Package: mysql-common Version: 5.0.51a-12 Severity: grave Tags: security, patch Justification: user security hole
Hi Mysql upstream changelog says: An empty bit-string literal (b'') caused a server crash. Now the value is parsed as an empty bit value (which is treated as an empty string in string context or 0 in numeric context). (Bug#35658) You'll find more information and a patch at the mysql upstream bugreport[0] A CVE id has been requested and I'll forward it, once it got issued. Cheers Steffen [0]: http://bugs.mysql.com/bug.php?id=35658 _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
