
Bug 339826

Summary: <= dev-db/mysql-5.1.50 DOS and privilege escalation vulnerabilities
Product: Gentoo Security
Reporter: Bernd Marienfeldt <bernd>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE
Severity: normal
CC: bernd, josh
Priority: High
Version: unspecified
Hardware: All
OS: Linux
URL: http://secunia.com/advisories/41716/
Whiteboard:
Package list:
Runtime testing required: ---

Description Bernd Marienfeldt 2010-10-05 13:46:04 UTC
"Multiple vulnerabilities have been reported in MySQL, which can be exploited by malicious users to gain escalated privileges or cause a DoS (Denial of Service).

1) An error in MySQL replication when handling version specific comments can be exploited to execute arbitrary SQL statements with "SUPER" privileges on a slave if the master runs a lower server release version than the slave.

This vulnerability is reported in versions prior to 5.1.50.

2) An error in the processing of arguments passed to e.g. the "LEAST()" or "GREATEST()" function can be exploited to cause the server to crash.

3) An error when materialising a derived table that requires a temporary table for grouping can be exploited to cause the server to crash.

4) An error exists due to the re-evaluation of expression values used for temporary tables, which can be exploited to cause the server to crash.

5) An error in the handling of the "GROUP_CONCAT()" statement in combination with "WITH ROLLUP" can be exploited to cause the server to crash.

6) An error within the handling of the "GREATEST()" or "LEAST()" functions when using an intermediate temporary table can be exploited to cause a crash by passing a mixed list of numeric and "LONGBLOB" arguments to the affected functions.

7) An error in the processing of nested joins in stored procedures and prepared statements can be exploited to cause an infinite loop.

8) An error in the "PolyFromWKB()" function can be exploited to crash the server by passing specially crafted WKB data to the function.

Vulnerabilities #2 through #8 are reported in versions prior to 5.1.51.

Solution
Update to version 5.1.51."

Reproducible: Always
Comment 1 Jeremy Olexa (darkside) (RETIRED) archtester gentoo-dev Security 2010-10-05 13:51:26 UTC

*** This bug has been marked as a duplicate of bug 339717 ***