I passed the following onto my LUG. I thought it might be of interest here too.
--------------------------------- LXer.com is pointing to a H-Open article about a security problem with some MySQL|MariaDB installations. Whether there is a problem or not, depends on which memcmp() function is being called. The Linux glibc that is sse-optimised is effected by this. %.1.61, 5.2.11, 5.3.5 and 5.5.22 are potentially vulnerable. Ubuntu 10.04, 10.10, 11.04, 11.10 and 12.04, OpenSuSE 12.1, Fedora 16 (all those distributions being 64 bit) and all "recent" Arch Linux look to be vulnerable. http://LXer.com http://www.h-online.com/open/news/item/Simple-authentication- bypass-for-MySQL-root-revealed-1614990.html Gord
