Spring navigering over

• Om Debian
• Nyheder
• Få fat i Debian
• Support
• Udviklerhjørnet
• Sideoversigt
• Søg

Debians sikkerhedsbulletin

DSA-1169-1 mysql-dfsg-4.1 -- flere sårbarheder

Rapporteret den:

5. sep 2006

Berørte pakker:

mysql-dfsg-4.1

Sårbar:

Ja

Referencer i sikkerhedsdatabaser:

I Bugtraq-databasen (hos SecurityFocus): BugTraq-id 19559.
I Mitres CVE-ordbog: CVE-2006-4226, CVE-2006-4380.

Yderligere oplysninger:

Flere lokale sårbarheder er opdaget i databaseserveren MySQL. Projektet Common Vulnerabilities and Exposures har fundet frem til følgende problemer:

• CVE-2006-4226

  Michal Prokopiuk har opdaget at fjernautentificerede brugere har tilladelse til at oprette og tilgå en database hvis navnet skrevet med små bogstaver, er det samme som på den database, de er blevet givet tilladelse til.

• CVE-2006-4380

  Beat Vontobel har opdaget at visse forespørgsler replikeret til en slaveserver, kunne få klienten til at gå ned og dermed afbryde replikeringen.

I den stabile distribution (sarge) er disse problemer rettet i version 4.1.11a-4sarge7. Version 4.0 er ikke påvirket af disse problemer.

I den ustabile distribution (sid) er disse problemer rettet i version 5.0.24-3. Replikeringsproblemet findes kun i version 4.1.

Vi anbefaler at du opgraderer din mysql-server-4.1-pakke.

Rettet i:

Debian GNU/Linux 3.1 (sarge)

Kildekode:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge7.dsc

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge7.diff.gz

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a.orig.tar.gz

Arkitekturuafhængig komponent:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.11a-4sarge7_all.deb

Alpha:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_alpha.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_alpha.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_alpha.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_alpha.deb

AMD64:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_amd64.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_amd64.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_amd64.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_amd64.deb

ARM:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_arm.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_arm.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_arm.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_arm.deb

HPPA:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_hppa.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_hppa.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_hppa.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_hppa.deb

Intel IA-32:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_i386.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_i386.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_i386.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_i386.deb

Intel IA-64:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_ia64.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_ia64.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_ia64.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_ia64.deb

Motorola 680x0:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_m68k.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_m68k.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_m68k.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_m68k.deb

Big endian MIPS:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_mips.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_mips.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_mips.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_mips.deb

Little endian MIPS:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_mipsel.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_mipsel.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_mipsel.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_mipsel.deb

PowerPC:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_powerpc.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_powerpc.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_powerpc.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_powerpc.deb

IBM S/390:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_s390.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_s390.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_s390.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_s390.deb

Sun Sparc:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_sparc.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_sparc.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_sparc.deb

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_sparc.deb

MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.

Denne side findes også på følgende sprog:

Deutsch English español français 日本語 (Nihongo) svenska

Sådan opsætter du standardsprogvalg for dokumenter