Security Advisory Moderate: Red Hat Application Stack v1.3 security and enhancement update

Advisory: RHSA-2008:0510-19
Type: Security Advisory
Severity: Moderate
Issued on: 2008-07-02
Last updated on: 2008-07-02
Affected Products: Red Hat Application Stack v1 for Enterprise Linux AS (v.4)
Red Hat Application Stack v1 for Enterprise Linux ES (v.4)
OVAL: N/A
CVEs (cve.mitre.org): CVE-2008-2079

Details

Red Hat Application Stack v1.3 is now available. This update fixes a
security issue and adds several enhancements.

This updated has been rated as having moderate security impact by the Red
Hat Security Response Team.

The Red Hat Application Stack is an integrated open source application
stack, and includes JBoss Enterprise Application Platform (EAP).

Starting with this update, JBoss EAP is no longer provided via the
Application Stack channels. Instead, all Application Stack customers are
automatically entitled to the JBoss EAP channels. This ensures all users
have immediate access to JBoss EAP packages when they are released,
ensuring lesser wait for security and critical patches.

As a result, you must MANUALLY subscribe to the appropriate JBoss EAP
channel, as all further JBoss EAP updates will only go to that channel.

This update also entitles all customers to the JBoss EAP 4.3.0 channels.
Users receive support for JBoss EAP 4.3.0 if they choose to install it.
Important: downgrading from JBoss EAP 4.3.0 to 4.2.0 is unsupported.

MySQL was updated to version 5.0.50sp1a, fixing the following security
issue:

MySQL did not correctly check directories used as arguments for the DATA
DIRECTORY and INDEX DIRECTORY directives. Using this flaw, an authenticated
attacker could elevate their access privileges to tables created by other
database users. Note: this attack does not work on existing tables. An
attacker can only elevate their access to another user's tables as the
tables are created. As well, the names of these created tables need to be
predicted correctly for this attack to succeed. (CVE-2008-2079)

The following packages are updated:

* httpd to 2.0.63
* mod_jk to 1.2.26
* the MySQL Connector/ODBC to 3.51.24r1071
* perl-DBD-MySQL to 4.006
* perl-DBI to 1.604
* postgresqlclient7 to 7.4.19
* postgresql-jdbc to 8.1.412
* unixODBC to 2.2.12


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

Red Hat Application Stack v1 for Enterprise Linux AS (v.4)
SRPMS:
httpd-2.0.63-2.el4s1.2.src.rpm     52f76d2afc7a4eb19d647055e7c36461
mod_jk-1.2.26-1.el4s1.1.src.rpm     1a8a6a4504128bbaa39abd282f879ba7
mysql-5.0.50sp1a-2.el4s1.1.src.rpm     b7243854ee8d4597cfe0e6099641aefd
mysql-connector-odbc-3.51.24r1071-1.el4s1.1.src.rpm     ac049fad94d161b20dfeccad05919fe5
perl-DBD-MySQL-4.006-1.el4.src.rpm     0340e3347b6f6fc35c5462e3a548d16e
perl-DBI-1.604-1.el4s1.src.rpm     2a1663ddf300d63b7d0157d8af022685
php-5.1.6-3.el4s1.9.src.rpm
File outdated by:  RHSA-2008:0582		     efea043630160a714a9ec94fd8d546cc
postgresql-jdbc-8.1.412-1jpp.el4s1.1.src.rpm     e1a4fe3f22041635419bd968c89babd0
postgresqlclient7-7.4.19-1.el4s1.1.src.rpm     f278ae1eb4fdf4b339a0d420065e6399
unixODBC-2.2.12-6.el4s1.1.src.rpm     cbf788b93ca1fd207e9aac21a307473e
 
IA-32:
httpd-2.0.63-2.el4s1.2.i386.rpm     494caaed33b333fcef0cb27784b974e8
httpd-devel-2.0.63-2.el4s1.2.i386.rpm     4d608ad8cef529bd15ad4ee78eb5ccd9
httpd-manual-2.0.63-2.el4s1.2.i386.rpm     f5d1ae90f8e19dc125c6f1f0501a7d39
mod_jk-ap20-1.2.26-1.el4s1.1.i386.rpm     3a057bd90533716c9c75b3deb4420572
mod_jk-manual-1.2.26-1.el4s1.1.i386.rpm     b5d7849ebc6f5b5247a67c3fc1d33893
mod_ssl-2.0.63-2.el4s1.2.i386.rpm     1220bc96b2d7ff8eb59762d7488bf82b
mysql-5.0.50sp1a-2.el4s1.1.i386.rpm     7ddc87adaee46ac35b7faf3405a14f7a
mysql-bench-5.0.50sp1a-2.el4s1.1.i386.rpm     646f875373460c4d06e23b10b3d95e1a
mysql-cluster-5.0.50sp1a-2.el4s1.1.i386.rpm     3bf9b157bd77c9b558d6c488a7a9f308
mysql-connector-odbc-3.51.24r1071-1.el4s1.1.i386.rpm     9337e00de3956ca32f9d752881d0000d
mysql-devel-5.0.50sp1a-2.el4s1.1.i386.rpm     dcb684e0bff392d91ce82c8a76be1a31
mysql-libs-5.0.50sp1a-2.el4s1.1.i386.rpm     d10fe68075382218d786549ea3fd3256
mysql-server-5.0.50sp1a-2.el4s1.1.i386.rpm     51052ee3e50fcdbc2d353156a240f7d2
mysql-test-5.0.50sp1a-2.el4s1.1.i386.rpm     7c4dc56e271abf59dd6c08af85bef161
perl-DBD-MySQL-4.006-1.el4.i386.rpm     3663b5ebf51bfd491327e9db86c49012
perl-DBI-1.604-1.el4s1.i386.rpm     7688a9664afdb6cd9737e7b2401390d1
php-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     5caa944b6b98e64a48a1519e4e3fd158
php-bcmath-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     c9ef2738bbf2918763e3d736a9892658
php-cli-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     5b4651642effea88cae5aee1794d0595
php-common-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     7f6a4bb95082521dc1d5bfa799fff440
php-dba-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     7a48b284dd7b45406ae1d7ec80d8d408
php-devel-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     5d0328becddf7140212a052bbff08859
php-gd-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     b68953b3d262468735843826c217673a
php-imap-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     574b08d08d70614e0098a32eabed66a3
php-ldap-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     84d5e95e26e589a925f67c27626fd385
php-mbstring-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     915332b8a7f13a5f8bd1086c7bed716a
php-mysql-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     62171a069962cbeabbaacd8ab8e9ca7c
php-ncurses-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     2d7477658d0acc946ad71510295719a0
php-odbc-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     65676eb6cb6c82a61668d970cb9238d6
php-pdo-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     f2b21edced9705aa7a92c554e3380075
php-pgsql-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     01a4ae9f7e15f88060aa6f165721133f
php-snmp-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     b64ba42f16d4c5d956ceeb0acc29221f
php-soap-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     e7440a11d9462b08cc456b3e7af793e6
php-xml-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     82c18d77c997f6787535f3ca6f7eed48
php-xmlrpc-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     992c6c7d2a0633f4c76190340a0e1efc
postgresql-jdbc-8.1.412-1jpp.el4s1.1.i386.rpm     938ba600aef587cb753e6e6c790146e2
postgresqlclient7-7.4.19-1.el4s1.1.i386.rpm     87b6a06420db66a5fc282a89ba3770ac
unixODBC-2.2.12-6.el4s1.1.i386.rpm     b865955382735c1c2fe02a55b610dfd6
unixODBC-devel-2.2.12-6.el4s1.1.i386.rpm     6f1a1ab26efc427aaef41ab2ec8585ab
unixODBC-kde-2.2.12-6.el4s1.1.i386.rpm     5b5379988c613d2757d64677f7e25338
 
x86_64:
httpd-2.0.63-2.el4s1.2.x86_64.rpm     5655cc10fa0b118d5b37a8ca05733479
httpd-devel-2.0.63-2.el4s1.2.x86_64.rpm     4039fe3801967c8f52e10685a68d1c74
httpd-manual-2.0.63-2.el4s1.2.x86_64.rpm     844868f4ea6117253adb7a7583d1bb59
mod_jk-ap20-1.2.26-1.el4s1.1.x86_64.rpm     e7f4b7704470d6bd0b9c1ac71782deb0
mod_jk-manual-1.2.26-1.el4s1.1.x86_64.rpm     4a81a0ac206f3705d3757b6a8c2576c0
mod_ssl-2.0.63-2.el4s1.2.x86_64.rpm     7585f0c9c875019042891e8b5d5fe2aa
mysql-5.0.50sp1a-2.el4s1.1.i386.rpm     7ddc87adaee46ac35b7faf3405a14f7a
mysql-5.0.50sp1a-2.el4s1.1.x86_64.rpm     746d70d7b9f1a04fe487bab7fac7fc5b
mysql-bench-5.0.50sp1a-2.el4s1.1.x86_64.rpm     d71a876a67a640e7dd0e005c9d5eae34
mysql-cluster-5.0.50sp1a-2.el4s1.1.x86_64.rpm     f432235a6c98bfe52d5732d19759d7a3
mysql-connector-odbc-3.51.24r1071-1.el4s1.1.x86_64.rpm     88d6f09fb3116c014b83aa492dd937cf
mysql-devel-5.0.50sp1a-2.el4s1.1.x86_64.rpm     00ea949cbaa11b7f7dbe7ccc8f73b587
mysql-libs-5.0.50sp1a-2.el4s1.1.i386.rpm     d10fe68075382218d786549ea3fd3256
mysql-libs-5.0.50sp1a-2.el4s1.1.x86_64.rpm     7c1ed241500959e2cf516f2029932a88
mysql-server-5.0.50sp1a-2.el4s1.1.x86_64.rpm     cb2c0b42fc219d97e64b2286e5396908
mysql-test-5.0.50sp1a-2.el4s1.1.x86_64.rpm     d7d5d9296589ee358402f95054d49e7f
perl-DBD-MySQL-4.006-1.el4.x86_64.rpm     abd343e87339d67efe75092d971872dc
perl-DBI-1.604-1.el4s1.x86_64.rpm     d81262d71030d7f70353f36677608f66
php-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     d48be6404557371a65df7020c214600d
php-bcmath-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     984dad0ddf98c213a5d5b60887180a7b
php-cli-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     da4ab01284279dfc89d1239b6ba87e85
php-common-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     e024fc129745d31a3385ed7c2933c91f
php-dba-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     99c87b4a97573c24377b5ea326b31cee
php-devel-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     c2933f711ee2fdc0bd57975fea404513
php-gd-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     a5d404f8b106d610cb6075fafbee80f6
php-imap-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     cbf3dde6469422572b892b39e561d043
php-ldap-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     53ad2191b67654a44f3689f4d4a50476
php-mbstring-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     cf93722b4a56a0f8902ac757734f09a6
php-mysql-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     18177dda6dac9386d73f76d94342a7be
php-ncurses-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     a0dfdcaef2845fb50c111b6d160b11f6
php-odbc-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     090dcb1d20af6be02ea11d18a1fc7464
php-pdo-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     a5d5b2075820bae9165fb2776d2f946d
php-pgsql-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     281a12267f81c8e42555d071ae8301df
php-snmp-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     f152d079fcf490e09acab353a681cb22
php-soap-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     ff356dad05df929ea62e94a46722eaac
php-xml-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     e3553e4969414c4342e12ca4c7774405
php-xmlrpc-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     924b9aa28b6b076e9443776fa2af03c7
postgresql-jdbc-8.1.412-1jpp.el4s1.1.x86_64.rpm     057526beae860b3d16fd420d062d14aa
postgresqlclient7-7.4.19-1.el4s1.1.i386.rpm     87b6a06420db66a5fc282a89ba3770ac
postgresqlclient7-7.4.19-1.el4s1.1.x86_64.rpm     c0f60861c6946eeefc8b15de4fb7e629
unixODBC-2.2.12-6.el4s1.1.i386.rpm     b865955382735c1c2fe02a55b610dfd6
unixODBC-2.2.12-6.el4s1.1.x86_64.rpm     2817a57026d6acd3fb3139afdd4d9140
unixODBC-devel-2.2.12-6.el4s1.1.x86_64.rpm     5417833ba9755d6098b31865addf8382
unixODBC-kde-2.2.12-6.el4s1.1.i386.rpm     5b5379988c613d2757d64677f7e25338
unixODBC-kde-2.2.12-6.el4s1.1.x86_64.rpm     89f0976647491ea42c6cb47ac1a47f5e
 
Red Hat Application Stack v1 for Enterprise Linux ES (v.4)
SRPMS:
httpd-2.0.63-2.el4s1.2.src.rpm     52f76d2afc7a4eb19d647055e7c36461
mod_jk-1.2.26-1.el4s1.1.src.rpm     1a8a6a4504128bbaa39abd282f879ba7
mysql-5.0.50sp1a-2.el4s1.1.src.rpm     b7243854ee8d4597cfe0e6099641aefd
mysql-connector-odbc-3.51.24r1071-1.el4s1.1.src.rpm     ac049fad94d161b20dfeccad05919fe5
perl-DBD-MySQL-4.006-1.el4.src.rpm     0340e3347b6f6fc35c5462e3a548d16e
perl-DBI-1.604-1.el4s1.src.rpm     2a1663ddf300d63b7d0157d8af022685
php-5.1.6-3.el4s1.9.src.rpm
File outdated by:  RHSA-2008:0582		     efea043630160a714a9ec94fd8d546cc
postgresql-jdbc-8.1.412-1jpp.el4s1.1.src.rpm     e1a4fe3f22041635419bd968c89babd0
postgresqlclient7-7.4.19-1.el4s1.1.src.rpm     f278ae1eb4fdf4b339a0d420065e6399
unixODBC-2.2.12-6.el4s1.1.src.rpm     cbf788b93ca1fd207e9aac21a307473e
 
IA-32:
httpd-2.0.63-2.el4s1.2.i386.rpm     494caaed33b333fcef0cb27784b974e8
httpd-devel-2.0.63-2.el4s1.2.i386.rpm     4d608ad8cef529bd15ad4ee78eb5ccd9
httpd-manual-2.0.63-2.el4s1.2.i386.rpm     f5d1ae90f8e19dc125c6f1f0501a7d39
mod_jk-ap20-1.2.26-1.el4s1.1.i386.rpm     3a057bd90533716c9c75b3deb4420572
mod_jk-manual-1.2.26-1.el4s1.1.i386.rpm     b5d7849ebc6f5b5247a67c3fc1d33893
mod_ssl-2.0.63-2.el4s1.2.i386.rpm     1220bc96b2d7ff8eb59762d7488bf82b
mysql-5.0.50sp1a-2.el4s1.1.i386.rpm     7ddc87adaee46ac35b7faf3405a14f7a
mysql-bench-5.0.50sp1a-2.el4s1.1.i386.rpm     646f875373460c4d06e23b10b3d95e1a
mysql-cluster-5.0.50sp1a-2.el4s1.1.i386.rpm     3bf9b157bd77c9b558d6c488a7a9f308
mysql-connector-odbc-3.51.24r1071-1.el4s1.1.i386.rpm     9337e00de3956ca32f9d752881d0000d
mysql-devel-5.0.50sp1a-2.el4s1.1.i386.rpm     dcb684e0bff392d91ce82c8a76be1a31
mysql-libs-5.0.50sp1a-2.el4s1.1.i386.rpm     d10fe68075382218d786549ea3fd3256
mysql-server-5.0.50sp1a-2.el4s1.1.i386.rpm     51052ee3e50fcdbc2d353156a240f7d2
mysql-test-5.0.50sp1a-2.el4s1.1.i386.rpm     7c4dc56e271abf59dd6c08af85bef161
perl-DBD-MySQL-4.006-1.el4.i386.rpm     3663b5ebf51bfd491327e9db86c49012
perl-DBI-1.604-1.el4s1.i386.rpm     7688a9664afdb6cd9737e7b2401390d1
php-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     5caa944b6b98e64a48a1519e4e3fd158
php-bcmath-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     c9ef2738bbf2918763e3d736a9892658
php-cli-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     5b4651642effea88cae5aee1794d0595
php-common-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     7f6a4bb95082521dc1d5bfa799fff440
php-dba-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     7a48b284dd7b45406ae1d7ec80d8d408
php-devel-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     5d0328becddf7140212a052bbff08859
php-gd-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     b68953b3d262468735843826c217673a
php-imap-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     574b08d08d70614e0098a32eabed66a3
php-ldap-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     84d5e95e26e589a925f67c27626fd385
php-mbstring-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     915332b8a7f13a5f8bd1086c7bed716a
php-mysql-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     62171a069962cbeabbaacd8ab8e9ca7c
php-ncurses-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     2d7477658d0acc946ad71510295719a0
php-odbc-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     65676eb6cb6c82a61668d970cb9238d6
php-pdo-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     f2b21edced9705aa7a92c554e3380075
php-pgsql-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     01a4ae9f7e15f88060aa6f165721133f
php-snmp-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     b64ba42f16d4c5d956ceeb0acc29221f
php-soap-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     e7440a11d9462b08cc456b3e7af793e6
php-xml-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     82c18d77c997f6787535f3ca6f7eed48
php-xmlrpc-5.1.6-3.el4s1.9.i386.rpm
File outdated by:  RHSA-2008:0582		     992c6c7d2a0633f4c76190340a0e1efc
postgresql-jdbc-8.1.412-1jpp.el4s1.1.i386.rpm     938ba600aef587cb753e6e6c790146e2
postgresqlclient7-7.4.19-1.el4s1.1.i386.rpm     87b6a06420db66a5fc282a89ba3770ac
unixODBC-2.2.12-6.el4s1.1.i386.rpm     b865955382735c1c2fe02a55b610dfd6
unixODBC-devel-2.2.12-6.el4s1.1.i386.rpm     6f1a1ab26efc427aaef41ab2ec8585ab
unixODBC-kde-2.2.12-6.el4s1.1.i386.rpm     5b5379988c613d2757d64677f7e25338
 
x86_64:
httpd-2.0.63-2.el4s1.2.x86_64.rpm     5655cc10fa0b118d5b37a8ca05733479
httpd-devel-2.0.63-2.el4s1.2.x86_64.rpm     4039fe3801967c8f52e10685a68d1c74
httpd-manual-2.0.63-2.el4s1.2.x86_64.rpm     844868f4ea6117253adb7a7583d1bb59
mod_jk-ap20-1.2.26-1.el4s1.1.x86_64.rpm     e7f4b7704470d6bd0b9c1ac71782deb0
mod_jk-manual-1.2.26-1.el4s1.1.x86_64.rpm     4a81a0ac206f3705d3757b6a8c2576c0
mod_ssl-2.0.63-2.el4s1.2.x86_64.rpm     7585f0c9c875019042891e8b5d5fe2aa
mysql-5.0.50sp1a-2.el4s1.1.i386.rpm     7ddc87adaee46ac35b7faf3405a14f7a
mysql-5.0.50sp1a-2.el4s1.1.x86_64.rpm     746d70d7b9f1a04fe487bab7fac7fc5b
mysql-bench-5.0.50sp1a-2.el4s1.1.x86_64.rpm     d71a876a67a640e7dd0e005c9d5eae34
mysql-cluster-5.0.50sp1a-2.el4s1.1.x86_64.rpm     f432235a6c98bfe52d5732d19759d7a3
mysql-connector-odbc-3.51.24r1071-1.el4s1.1.x86_64.rpm     88d6f09fb3116c014b83aa492dd937cf
mysql-devel-5.0.50sp1a-2.el4s1.1.x86_64.rpm     00ea949cbaa11b7f7dbe7ccc8f73b587
mysql-libs-5.0.50sp1a-2.el4s1.1.i386.rpm     d10fe68075382218d786549ea3fd3256
mysql-libs-5.0.50sp1a-2.el4s1.1.x86_64.rpm     7c1ed241500959e2cf516f2029932a88
mysql-server-5.0.50sp1a-2.el4s1.1.x86_64.rpm     cb2c0b42fc219d97e64b2286e5396908
mysql-test-5.0.50sp1a-2.el4s1.1.x86_64.rpm     d7d5d9296589ee358402f95054d49e7f
perl-DBD-MySQL-4.006-1.el4.x86_64.rpm     abd343e87339d67efe75092d971872dc
perl-DBI-1.604-1.el4s1.x86_64.rpm     d81262d71030d7f70353f36677608f66
php-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     d48be6404557371a65df7020c214600d
php-bcmath-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     984dad0ddf98c213a5d5b60887180a7b
php-cli-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     da4ab01284279dfc89d1239b6ba87e85
php-common-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     e024fc129745d31a3385ed7c2933c91f
php-dba-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     99c87b4a97573c24377b5ea326b31cee
php-devel-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     c2933f711ee2fdc0bd57975fea404513
php-gd-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     a5d404f8b106d610cb6075fafbee80f6
php-imap-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     cbf3dde6469422572b892b39e561d043
php-ldap-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     53ad2191b67654a44f3689f4d4a50476
php-mbstring-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     cf93722b4a56a0f8902ac757734f09a6
php-mysql-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     18177dda6dac9386d73f76d94342a7be
php-ncurses-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     a0dfdcaef2845fb50c111b6d160b11f6
php-odbc-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     090dcb1d20af6be02ea11d18a1fc7464
php-pdo-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     a5d5b2075820bae9165fb2776d2f946d
php-pgsql-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     281a12267f81c8e42555d071ae8301df
php-snmp-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     f152d079fcf490e09acab353a681cb22
php-soap-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     ff356dad05df929ea62e94a46722eaac
php-xml-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     e3553e4969414c4342e12ca4c7774405
php-xmlrpc-5.1.6-3.el4s1.9.x86_64.rpm
File outdated by:  RHSA-2008:0582		     924b9aa28b6b076e9443776fa2af03c7
postgresql-jdbc-8.1.412-1jpp.el4s1.1.x86_64.rpm     057526beae860b3d16fd420d062d14aa
postgresqlclient7-7.4.19-1.el4s1.1.i386.rpm     87b6a06420db66a5fc282a89ba3770ac
postgresqlclient7-7.4.19-1.el4s1.1.x86_64.rpm     c0f60861c6946eeefc8b15de4fb7e629
unixODBC-2.2.12-6.el4s1.1.i386.rpm     b865955382735c1c2fe02a55b610dfd6
unixODBC-2.2.12-6.el4s1.1.x86_64.rpm     2817a57026d6acd3fb3139afdd4d9140
unixODBC-devel-2.2.12-6.el4s1.1.x86_64.rpm     5417833ba9755d6098b31865addf8382
unixODBC-kde-2.2.12-6.el4s1.1.i386.rpm     5b5379988c613d2757d64677f7e25338
unixODBC-kde-2.2.12-6.el4s1.1.x86_64.rpm     89f0976647491ea42c6cb47ac1a47f5e
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

445222 - CVE-2008-2079 mysql: privilege escalation via DATA/INDEX DIRECTORY directives


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079
http://www.redhat.com/docs/en-US/Red_Hat_Application_Stack/1.3/html-single/Release_Notes/
http://www.redhat.com/security/updates/classification/#moderate

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/