excuse me if anyone got my previous email. NL just scored a goal so I sent to a wrong address
On Mon, Jun 14, 2010 at 2:31 PM, Wojtek Burakiewicz <[email protected]> wrote: > lijk me kak! > > > > On Mon, Jun 7, 2010 at 3:23 PM, Giuseppe Iuculano <[email protected]>wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> - ------------------------------------------------------------------------ >> Debian Security Advisory DSA-2057-1 [email protected] >> http://www.debian.org/security/ Giuseppe Iuculano >> June 07, 2010 http://www.debian.org/security/faq >> - ------------------------------------------------------------------------ >> >> Package : mysql-dfsg-5.0 >> Vulnerability : several >> Problem type : remote >> Debian-specific: no >> CVE Id(s) : CVE-2010-1626 CVE-2010-1848 CVE-2010-1849 CVE-2010-1850 >> >> Several vulnerabilities have been discovered in the MySQL >> database server. >> The Common Vulnerabilities and Exposures project identifies the >> following problems: >> >> >> CVE-2010-1626 >> >> MySQL allows local users to delete the data and index files of another >> user's MyISAM table via a symlink attack in conjunction with the DROP >> TABLE command. >> >> >> CVE-2010-1848 >> >> MySQL failed to check the table name argument of a COM_FIELD_LIST >> command packet for validity and compliance to acceptable table name >> standards. This allows an authenticated user with SELECT privileges on >> one table to obtain the field definitions of any table in all other >> databases and potentially of other MySQL instances accessible from the >> server's file system. >> >> >> CVE-2010-1849 >> >> MySQL could be tricked to read packets indefinitely if it received a >> packet larger than the maximum size of one packet. >> This results in high CPU usage and thus denial of service conditions. >> >> >> CVE-2010-1850 >> >> MySQL was susceptible to a buffer-overflow attack due to a >> failure to perform bounds checking on the table name argument of a >> COM_FIELD_LIST command packet. By sending long data for the table >> name, a buffer is overflown, which could be exploited by an >> authenticated user to inject malicious code. >> >> >> For the stable distribution (lenny), these problems have been fixed in >> version 5.0.51a-24+lenny4 >> >> The testing (squeeze) and unstable (sid) distribution do not contain >> mysql-dfsg-5.0 anymore. >> >> We recommend that you upgrade your mysql-dfsg-5.0 package. >> >> Upgrade instructions >> - -------------------- >> >> wget url >> will fetch the file for you >> dpkg -i file.deb >> will install the referenced file. >> >> If you are using the apt-get package manager, use the line for >> sources.list as given below: >> >> apt-get update >> will update the internal database >> apt-get upgrade >> will install corrected packages >> >> You may use an automated update by adding the resources from the >> footer to the proper configuration. >> >> >> Debian GNU/Linux 5.0 alias lenny >> - -------------------------------- >> >> Debian (stable) >> - --------------- >> >> Stable updates are available for alpha, amd64, arm, armel, hppa, i386, >> ia64, mips, mipsel, powerpc, s390 and sparc. >> >> Source archives: >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny4.diff.gz >> Size/MD5 checksum: 382688 98904282d9b1ba07a5fa441695c9cefd >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny4.dsc >> Size/MD5 checksum: 1746 213d7a9655000a669a9262b68a645b84 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a.orig.tar.gz >> Size/MD5 checksum: 17946664 6fae978908ad5eb790fa3f24f16dadba >> >> Architecture independent packages: >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client_5.0.51a-24+lenny4_all.deb >> Size/MD5 checksum: 53012 7b2c03b1e86bb4634bb65b7fd65a8ce0 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server_5.0.51a-24+lenny4_all.deb >> Size/MD5 checksum: 55208 0059173c20f96569e532f34e8d8e6d3d >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-common_5.0.51a-24+lenny4_all.deb >> Size/MD5 checksum: 61784 165889f524b9cd317462910f34871652 >> >> alpha architecture (DEC Alpha) >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny4_alpha.deb >> Size/MD5 checksum: 9069806 dbf1efe0f87962a0ce24c3c2026f08fe >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny4_alpha.deb >> Size/MD5 checksum: 8921072 4109cdb9b571b8384e22990f049077e5 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny4_alpha.deb >> Size/MD5 checksum: 28367370 1f7b2cbe390dc19230b83aac2b427a1c >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny4_alpha.deb >> Size/MD5 checksum: 2017406 121ad24e4ef9408540b34f4c954ea03a >> >> amd64 architecture (AMD x86_64 (AMD64)) >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny4_amd64.deb >> Size/MD5 checksum: 7586258 dbffd3dcb28daa3070b68f0ee268d6b3 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny4_amd64.deb >> Size/MD5 checksum: 27296900 030ee9c14fbb373617e77158fb56c40f >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny4_amd64.deb >> Size/MD5 checksum: 8207020 233dde7fe1c8d16757862037b7f8c551 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny4_amd64.deb >> Size/MD5 checksum: 1905200 8296b7de029b8208828981d151ad7013 >> >> arm architecture (ARM) >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny4_arm.deb >> Size/MD5 checksum: 26227842 f2e1a010442bd1b007aa1b12192e507c >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny4_arm.deb >> Size/MD5 checksum: 7158596 b06eb5f03ef7cbc2bdbda36d5f286411 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny4_arm.deb >> Size/MD5 checksum: 7614948 a3e30a83a7a314001445b0dd39415516 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny4_arm.deb >> Size/MD5 checksum: 1779078 69f97725b1aa16018a8b59e3f3723568 >> >> armel architecture (ARM EABI) >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny4_armel.deb >> Size/MD5 checksum: 7261064 5526963b33325b3d6dec386f203ef4c3 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny4_armel.deb >> Size/MD5 checksum: 26225224 7ac517f02119cb0d7f9d1dd27d863a0b >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny4_armel.deb >> Size/MD5 checksum: 7650776 41fd6ce03ecbad3ebc876a145a440bc9 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny4_armel.deb >> Size/MD5 checksum: 1782498 8c8ffcec7cfcf2deaa622bbd3bd3e890 >> >> hppa architecture (HP PA RISC) >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny4_hppa.deb >> Size/MD5 checksum: 8435372 3685c8fbee92cc421e2636956caf726a >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny4_hppa.deb >> Size/MD5 checksum: 1958982 3951104d822d5231b6bcc726bd3f538c >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny4_hppa.deb >> Size/MD5 checksum: 27898560 9fbee7a1ac008f5229bc1b6063461d8e >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny4_hppa.deb >> Size/MD5 checksum: 8176082 91f0424391f249a6d3f86bd7adfa9bfb >> >> i386 architecture (Intel ia32) >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny4_i386.deb >> Size/MD5 checksum: 7201148 dec28c17afdfbc427b03b3dc7b16ae80 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny4_i386.deb >> Size/MD5 checksum: 1860698 fa79c4525944c5fc2938838697991d2a >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny4_i386.deb >> Size/MD5 checksum: 7785564 59607135a3509e3bdf5aacbe0f7b9e27 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny4_i386.deb >> Size/MD5 checksum: 26655616 660b2d3f55af9a0ffff5dec3ccb265b2 >> >> ia64 architecture (Intel ia64) >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny4_ia64.deb >> Size/MD5 checksum: 2186514 3643a5fd53f47e6b37a657c2b985de5d >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny4_ia64.deb >> Size/MD5 checksum: 31432404 302295754438d88e1f29543d92cabfee >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny4_ia64.deb >> Size/MD5 checksum: 10914492 012586f98c3ef1f59105f7252abae54e >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny4_ia64.deb >> Size/MD5 checksum: 9934262 52aaca8c884acb288570c7187dc80fe6 >> >> mips architecture (MIPS (Big Endian)) >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny4_mips.deb >> Size/MD5 checksum: 7886638 3674f662a26dee543e841dbc1aa90001 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny4_mips.deb >> Size/MD5 checksum: 26949468 c16b353714abef0109c31f24cd95157a >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny4_mips.deb >> Size/MD5 checksum: 1857996 19eb0e571e285ed370ff048a86c180de >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny4_mips.deb >> Size/MD5 checksum: 7852966 ad5ceec59cd351e9643f3fe7815899e4 >> >> mipsel architecture (MIPS (Little Endian)) >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny4_mipsel.deb >> Size/MD5 checksum: 7778208 efd2025f639ba1f75601692d1f773482 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny4_mipsel.deb >> Size/MD5 checksum: 26454824 8c5c4d499e98a454d994a9799f867235 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny4_mipsel.deb >> Size/MD5 checksum: 1818040 983d9f0b274554af24895a9bf9da2d58 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny4_mipsel.deb >> Size/MD5 checksum: 7724872 2afe270ee53d403ff3d1b5e1449fb6cf >> >> powerpc architecture (PowerPC) >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny4_powerpc.deb >> Size/MD5 checksum: 1917272 3e0cd81b4034a0572a04f0825f63539f >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny4_powerpc.deb >> Size/MD5 checksum: 27147186 a29b658c4a423ade01f38d383d8990bb >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny4_powerpc.deb >> Size/MD5 checksum: 8155688 cf97ff51341b672a192b29fb196a33d8 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny4_powerpc.deb >> Size/MD5 checksum: 7606414 a5ff20347ea77cba2e1f9775462b4e3b >> >> s390 architecture (IBM S/390) >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny4_s390.deb >> Size/MD5 checksum: 28243518 d76d51037f58b1a4d55e2721b6b524dd >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny4_s390.deb >> Size/MD5 checksum: 7703306 7ded6daec5c06279f46e9e077f972fc2 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny4_s390.deb >> Size/MD5 checksum: 2032080 df093a3278065afc3623d993760142b5 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny4_s390.deb >> Size/MD5 checksum: 8238026 4121d28d8ee97640c82faf40745d64fb >> >> sparc architecture (Sun SPARC/UltraSPARC) >> >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny4_sparc.deb >> Size/MD5 checksum: 26847970 562cd268e46900380d05e83d48e7f854 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny4_sparc.deb >> Size/MD5 checksum: 7758418 446a2a74ca3c548d3fe9286c7534ca25 >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny4_sparc.deb >> Size/MD5 checksum: 1872840 2ea462a86056196ca11bf08a700f461a >> >> http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny4_sparc.deb >> Size/MD5 checksum: 7144452 8bb91966144e610e56f1480f23c6d47a >> >> >> These files will probably be moved into the stable distribution on >> its next update. >> >> - >> --------------------------------------------------------------------------------- >> For apt-get: deb http://security.debian.org/ stable/updates main >> For dpkg-ftp: >> ftp://security.debian.org/debian-securitydists/stable/updates/main >> Mailing list: [email protected] >> Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.10 (GNU/Linux) >> >> iEYEARECAAYFAkwM8rsACgkQNxpp46476aqiMQCfZmJr090XSr9fDzJ6xIIC6qKw >> imoAn2qnpAr7dXW3rJL8keHEQhqKOUqX >> =ory/ >> -----END PGP SIGNATURE----- >> >> >> -- >> To UNSUBSCRIBE, email to >> [email protected] >> with a subject of "unsubscribe". Trouble? Contact >> [email protected] >> Archive: >> http://lists.debian.org/[email protected] >> >> >
