ELSA-2008-0364

Опубликовано: 30 мая 2008

Источник: oracle-oval

Платформа: Oracle Linux 5

Описание

ELSA-2008-0364: mysql security and bug fix update (LOW)

[5.0.45-7]

Adjust thread stack requests to allow for platform-specific guard page size; necessary to prevent stack overrun on PPC with RHEL5's 64K page size. Resolves: #435391
Remove calendar-dependent queries from 'view' test; necessary to get regression tests to pass after 2007.

[5.0.45-6]

Back-port upstream fixes for CVE-2007-5925, CVE-2007-5969, CVE-2007-6303. Resolves: #422211

[5.0.45-1]

Update to MySQL 5.0.45 Resolves: #256501, #240813, #246309, #254012 Resolves: #280811, #316451, #349121, #367131
Synchronize with current Fedora package, which is pretty well tested by now; see past bzs 245770, 241912, 233771, 221085, 223713, 203910, 193559, 199368

[5.0.22-3]

Fix CVE-2007-3780: remote DOS via bad password length byte Resolves: #257681

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

mysql

5.0.45-7.el5

mysql-bench

5.0.45-7.el5

mysql-devel

5.0.45-7.el5

mysql-server

5.0.45-7.el5

mysql-test

5.0.45-7.el5

Oracle Linux i386

mysql

5.0.45-7.el5

mysql-bench

5.0.45-7.el5

mysql-devel

5.0.45-7.el5

mysql-server

5.0.45-7.el5

mysql-test

5.0.45-7.el5

Связанные CVE

Ссылки на источники

Связанные уязвимости

CVE-2007-2583

ubuntu

около 18 лет назад

The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.

CVE-2007-2583

redhat

около 18 лет назад

CVE-2007-2583

nvd

около 18 лет назад

CVE-2007-2583

debian

около 18 лет назад

The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40 ...

GHSA-hf23-jpgj-4fhg

github

около 3 лет назад