Package: mysql-common
Version: 5.0.51a-12
Severity: grave
Tags: security, patch
Justification: user security hole

Hi

Mysql upstream changelog says:

An empty bit-string literal (b'') caused a server crash. Now the value  
is parsed as an empty bit value (which is treated as an empty string
in string context or 0 in numeric context). (Bug#35658)

You'll find more information and a patch at the mysql upstream bugreport[0]

A CVE id has been requested and I'll forward it, once it got issued.

Cheers
Steffen

[0]: http://bugs.mysql.com/bug.php?id=35658



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to