Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
CVE-2007-5925 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5925): The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
mysql herd, would mysql-community also be affected by this? Is InnoDB a considered default setup?
Yup, both dev-db/mysql and dev-db/mysql-community are vulnerable, and InnoDB is shipped enabled by default per the request of upstream. The upstream bug notes the following as vulnerable: 4.1.20, 5.0.44, 5.1.23-BK (their development tip) That's basically the latest in every tree (I'm sure 4.1.2[23] are vulnerable as well, despite not being explicitly mentioned). Furthermore the upstream bug has no fixes at all yet. Hopefully they roll it into 5.0.50 and release soon (I've been waiting for 5.0.50 a long time now).
Thanks for the info, setting A3 then.
patch was released for 5.0.45, also works with 5.0.44-r1 ebuild. http://bugs.mysql.com/bug.php?id=32125
Created an attachment (id=136052) [edit] modified mysql ebuild
Created an attachment (id=136053) [edit] described patch
(From update of attachment 136052 [edit]) lukash: Please do not use src_unpack in mysql ebuilds like this, you exclude the other patchs that are applied to the tree. I'll have the new ebuilds out in 6-12 hours, I'm just doing testing on my machines (ppc64/amd64/x86) before releasing. They are getting another patch regarding $TMPDIR usage at the same time.
mysql-5.0.44-r2 is in the tree now, fixing upstream #32125 per this issue, as well as upstream #30287 (usage of wrong $TMPDIR for filesorts). Test instructions: FEATURES="test userpriv" \ USE="berkdb perl ssl cluster extraengine" \ emerge mysql Target stable keywords: alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86
mips is also a target since they have a 4.X stable, which is also affected. What about the community ebuild?
(ahh, the "add" button is killing me!)
Stable for sparc. Runs my databases as expected (and mysqldump still works. :) ).
mysql-community is coming after I next sleep (it's ~arch only). mips is way behind on their mysql keywording, the specifically dropped the 5.0 series long ago as they didn't want it, and there is bug 189223 open for them to re ~arch 5.0.44-rc1.
oh, one bit of advise for those testing MySQL per my instructions, that test takes ~45 minutes on a 2Ghz 2-way machine, and an hour on a 2Ghz 1-way box, so set it running and go out for coffee ;-)
crap wrong button.
(In reply to comment #12) > mysql-community is coming after I next sleep (it's ~arch only). Sleep well then :-) > mips is way behind on their mysql keywording, the specifically dropped the 5.0 > series long ago as they didn't want it, and there is bug 189223 open for them > to re ~arch 5.0.44-rc1. I see. I'll leave them in CC though, even if it doesn't result into anything.
Stable for HPPA.
x86 stable
stable for amd64, tested by me, approved by KingTaco.
alpha/ia64 stable
ppc stable
ppc64 stable
glsa request filed for mysql. This still remains [ebuild] for the community server.
GLSA 200711-25. letting open until we have a safe mysql-community ebuild in the tree.
mysql-community blocker: the 5.1 patch on the upstream bug causes mysql-community to fail during compile, because the DB_UNSUPPORTED token is not defined. I left a comment on the upstream bug, because it's not as simple as defining it if nothing else in the codebase returns it.
any update for community here?
10:44:02 <+CIA-23> vapier * gentoo-x86/dev-db/mysql/ (mysql-5.0.44-r2.ebuild mysql-5.0.44-r1.ebuild): 10:44:02 <+CIA-23> arm/s390/sh stable mips is plain hopeless and stuck w/ <=4.1.x (Bug 189223 ATM).
No update at all. Upstream even locked their bug so I can't access it anymore.
Err, no update for community-5.1 i mean. For 5.0, 5.0.54 is now in the tree, but pmasked. Sorry about the delay, this was a hard release to deal with. The extras tarball contains 359k of new patches, of which a massive 217k was me having to do the min/min -> MYSQL_MIN/MAX change by hand because of a large number of rejects. Lots of testing is appreciated, esp testing beyond the bundled testsuite.
per my comment left in bug 201669, this can go for arch testing now.
This bug does not affect 2008.0 snapshot, removing release@ from CC.
security: for mysql-community, 5.0.67 is in the tree now. 5.1.30 will fill that major version gap after upstream releases it (earlier 5.1.x builds have other issues). However I think you can close the bug now anyway. -community was only ~arch, so it doesn't need any GLSA updates.
thanks, closing
