Processing commands for [EMAIL PROTECTED]:
severity 380271 important
Bug#380271: SECURITY: Merge table are unaffected from later right revokations.
[WONTFIX]
Bug#382415: CVE-2006-4031: mysql security policy violation throue MERGE tables
Severity set to `important' from `grave'
stop
Stopping
Processing commands for [EMAIL PROTECTED]:
tags 380271 + confirmed wontfix
Bug#380271: SECURITY: Merge table are unaffected from later right revokations.
Tags were: security patch
Bug#382415: CVE-2006-4031: mysql security policy violation throue MERGE tables
Tags added: confirmed, wontfix
Christian Hammers wrote:
Does this justify a DSA? If so, can you register a CVE id?
Sorry for the late reply. My intuition tells me that the transferred
privileges should be revoked, does the documentation indicate the same?
However, if the fix only consists of an option to disable
Hello
On 2006-08-08 Moritz Muehlenhoff wrote:
Christian Hammers wrote:
MySQL today announced a new upstream version for mysql-server-4.1 that
fixes a security problem:
Security fix: If a user has access to MyISAM table t, that user can
create a MERGE table m that accesses t.
On 2006-08-08 Moritz Muehlenhoff wrote:
Christian Hammers wrote:
MySQL today announced a new upstream version for mysql-server-4.1 that
fixes a security problem:
Security fix: If a user has access to MyISAM table t, that user can
create a MERGE table m that accesses t. However,
Christian Hammers wrote:
MySQL today announced a new upstream version for mysql-server-4.1 that
fixes a security problem:
Security fix: If a user has access to MyISAM table t, that user can
create a MERGE table m that accesses t. However, if the user's
privileges on t are subsequently
Package: mysql-server-4.1
Version: 4.1.11a-4sarge5
Severity: grave
Tags: security patch
Hello
MySQL today announced a new upstream version for mysql-server-4.1 that
fixes a security problem:
Security fix: If a user has access to MyISAM table t, that user can
create a MERGE table m that
7 matches
Mail list logo