OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Michael van Elst
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-web Date: 18-Mar-2003 16:42:56
Branch: HEAD Handle: 2003031815425600
Modified files:
openpkg-web/security OpenPKG-SA-2003.022-mysql.txt
Log:
polish
Summary:
Revision Changes Path
1.2 +5 -11 openpkg-web/security/OpenPKG-SA-2003.022-mysql.txt
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-web/security/OpenPKG-SA-2003.022-mysql.txt
============================================================================
$ cvs diff -u -r1.1 -r1.2 OpenPKG-SA-2003.022-mysql.txt
--- openpkg-web/security/OpenPKG-SA-2003.022-mysql.txt 17 Mar 2003 15:01:21
-0000 1.1
+++ openpkg-web/security/OpenPKG-SA-2003.022-mysql.txt 18 Mar 2003 15:42:56
-0000 1.2
@@ -3,7 +3,7 @@
OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
[EMAIL PROTECTED] [EMAIL PROTECTED]
-OpenPKG-SA-2003.023 14-Mar-2003
+OpenPKG-SA-2003.023 18-Mar-2003
________________________________________________________________________
Package: mysql
@@ -11,14 +11,11 @@
OpenPKG Specific: no
Affected Releases: Affected Packages: Corrected Packages:
-OpenPKG CURRENT <= mysql-3.23.56-20030211 >= mysql-3.23.56-20030211
+OpenPKG CURRENT <= mysql-3.23.55-20030318 >= mysql-3.23.56-20030211
OpenPKG 1.2 <= mysql-3.23.54a-1.2.1 >= mysql-3.23.54a-1.2.2
OpenPKG 1.1 <= mysql-3.23.52-1.1.2 >= mysql-3.23.52-1.1.3
-Affected Releases: Dependent Packages:
-OpenPKG CURRENT bar quux
-OpenPKG 1.2 bar quux
-OpenPKG 1.1 bar
+Dependent Packages: none
Description:
According to a message on BugTraq [0], a remote root exploit
@@ -32,12 +29,11 @@
Please check whether you are affected by running "<prefix>/bin/rpm
-q mysql". If you have the "mysql" package installed and its version
is affected (see above), we recommend that you immediately upgrade
- it (see Solution) and it's dependent packages (see above), if any,
- too. [2][4]
+ it (see Solution). [2][3]
Solution:
Select the updated source RPM appropriate for your OpenPKG release
- [4][6], fetch it from the OpenPKG FTP service [7][8] or a mirror
+ [4][5], fetch it from the OpenPKG FTP service [6][7] or a mirror
location, verify its integrity [8], build a corresponding binary RPM
from it [2] and update your OpenPKG installation by applying the binary
RPM [3]. For the current release OpenPKG 1.2, perform the following
@@ -54,8 +50,6 @@
$ su -
# <prefix>/bin/rpm -Fvh <prefix>/RPM/PKG/mysql-3.23.54a-1.2.2.*.rpm
- Additionally, we recommend that you rebuild and reinstall
- all dependent packages (see above), if any, too. [2][4]
________________________________________________________________________
References:
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]
