Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
Executing the following query results in a NULL pointer derefence. Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 1 Server version: 5.0.34-log Gentoo Linux mysql-5.0.34 Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> use test Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> SELECT id from example WHERE id IN(1, (SELECT IF(1=0,1,2/0))); 0xb7f6d410 in __kernel_vsyscall () (gdb) c Continuing. Program received signal SIGSEGV, Segmentation fault. [Switching to Thread -1277277296 (LWP 15719)] 0x081215b2 in my_decimal2decimal (from=0x0, to=0x8b3b380) at my_decimal.h:198 198 *to= *from; (gdb) bt #0 0x081215b2 in my_decimal2decimal (from=0x0, to=0x8b3b380) at my_decimal.h:198 #1 0x08146b58 in in_decimal::set (this=0x8b3b2f0, pos=1, item=0x8b3a120) at item_cmpfunc.cc:2171 #2 0x0814e5cc in Item_func_in::fix_length_and_dec (this=0x8b3a2f8) at item_cmpfunc.cc:2483 #3 0x0813cb3a in Item_func::fix_fields (this=0x8b3a2f8, thd=0x8b06dc0, ref=0x8b3b1c0) at item_func.cc:189 #4 0x08148c4a in Item_func_in::fix_fields (this=0x8b3a2f8, thd=0x8b06dc0, ref=0x8b3b1c0) at item_cmpfunc.cc:2406 #5 0x081e4e1c in setup_conds (thd=0x8b06dc0, tables=0x8b39708, leaves=0x8b39708, conds=0x8b3b1c0) at sql_base.cc:4951 #6 0x08216495 in setup_without_group (thd=0x8b06dc0, ref_pointer_array=0x8b3b210, tables=0x8b39708, leaves=0x8b39708, fields=@0x8b07118, all_fields=@0x8b3b14c, conds=0x8b3b1c0, order=0x0, group=0x0, hidden_group_fields=0x8b3b132) at sql_select.cc:288 #7 0x082109b9 in JOIN::prepare (this=0x8b3a430, rref_pointer_array=0x8b071a8, tables_init=0x8b39708, wild_num=0, conds_init=0x8b3a2f8, og_num=0, order_init=0x0, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x8b0708c, unit_arg=0x8b06e60) at sql_select.cc:345 #8 0x08211320 in mysql_select (thd=0x8b06dc0, rref_pointer_array=0x8b071a8, tables=0x8b39708, wild_num=0, fields=@0x8b07118, conds=0x8b3a2f8, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2156153344, result=0x8b3a420, unit=0x8b06e60, select_lex=0x8b0708c) at sql_select.cc:2023 #9 0x08214b6e in handle_select (thd=0x8b06dc0, lex=0x8b06dfc, result=0x8b3a420, setup_tables_done_option=0) at sql_select.cc:256 #10 0x081b9ddd in mysql_execute_command (thd=0x8b06dc0) at sql_parse.cc:2614 #11 0x081c13f2 in mysql_parse (thd=0x8b06dc0, inBuf=0x8b39598 "SELECT id from example WHERE id IN(1, (SELECT IF(1=0,1,2/0)))", length=61) at sql_parse.cc:5832 #12 0x081c34e9 in dispatch_command (command=COM_QUERY, thd=0x8b06dc0, packet=0x8b35569 "SELECT id from example WHERE id IN(1, (SELECT IF(1=0,1,2/0)))", packet_length=62) at sql_parse.cc:1774 #13 0x081c47f1 in do_command (thd=0x8b06dc0) at sql_parse.cc:1556 #14 0x081c56da in handle_one_connection (arg=0x8b06dc0) at sql_parse.cc:1187 #15 0xb7df070f in start_thread () from /lib/libpthread.so.0 Reproducible: Always A functional patch is given below :- *** item_cmpfunc.cc-new Fri Mar 23 15:39:41 2007 --- item_cmpfunc.cc-old Fri Mar 23 14:34:07 2007 *************** *** 2167,2173 **** dec->len= DECIMAL_BUFF_LENGTH; dec->fix_buffer_pointer(); my_decimal *res= item->val_decimal(dec); ! if (!item->null_value && res != dec) my_decimal2decimal(res, dec); } --- 2167,2173 ---- dec->len= DECIMAL_BUFF_LENGTH; dec->fix_buffer_pointer(); my_decimal *res= item->val_decimal(dec); ! if (res != dec) my_decimal2decimal(res, dec); }
Where does this information come from? Was it something you discovered or are you referencing something you saw somewhere else? Are you the author of the patch?
(In reply to comment #1) > Where does this information come from? Was it something you discovered or are > you referencing something you saw somewhere else? Are you the author of the > patch? > The patch is mine, this was discovered when a colo box fellover...
mu-b/mysql-bugs has upstream MySQL been informed? Confirmed here on a random table running MySQL 5.0.26-r2 on Hardened. mysql-bugs please advise and patch as necessary.
I confirm it on 5.0.32 on PPC64-32ul as well. mu-b: please submit it upstream and link to the upstream bug here ASAP - if you do so promptly, it should make it into the upcoming 5.0.38 release.
(In reply to comment #4) > I confirm it on 5.0.32 on PPC64-32ul as well. > > mu-b: please submit it upstream and link to the upstream bug here ASAP - if you > do so promptly, it should make it into the upcoming 5.0.38 release. > Submitted upstream :- http://bugs.mysql.com/bug.php?id=27513
Thx everyone.
Upstream committed a fix: http://lists.mysql.com/commits/23685
I've locally created an updated ebuild, get it via: svn co http://svn.hboeck.de/overlay/dev-db/mysql/ What I did: - created a new patchset mysql-extras which applies the 702-patch only up till .34 and add a fix for the null pointer DoS Please test, for yet to me unknown reasons I can't start it with the gentoo-initscript any more, but manually starting mysqld works and I can't crash it any more with the public exploit codes.
hanno: your patch seems to be reversed from mu-b's original. jaervosz: that upstream item you linked to is only a testcase for the bug. mu-b: could you look at the 5.0.38 sources and confirm that fix there is the same as yours?
@robbat2 the link was provided by mu-b in comment #5.
@jaervosz: ah, I didn't see it linked from the upstream bug that mu-b linked to. @mu-b/@hanno: sorry, my testcase ran into a bit where it didn't crash without the fix on one machine, but it does crash on two other boxes, so I'll apply anyway. 5.0.38 is going in the tree shortly, per the other tracking bug (just waiting for one more pass of testcases, ~20 minutes or so).
ok, I've got one last really strange bit of weirdness with this. And it explains why I had trouble reproducing this. If you use the prepared-statement protocol, two of crashes in the upstream testcase do NOT happen! I'm going to ship 5.0.38 with the patches in, but the errors testcase disabled for the moment. 5.0.40 from upstream will have a proper fix for this (but I haven't managed to trace down the exact commits, so I'm not backporting). Errors are (from /dev/shm/portage/dev-db/mysql-5.0.38/work/mysql/mysql-test/var/log/mysqltest-time) : mysqltest: Result length mismatch (the last lines may be the most important ones) Below are the diffs between actual and expected results: ------------------------------------------------------- *** r/errors.result Sun Apr 15 12:29:48 2007 --- r/errors.reject Sun Apr 15 13:14:04 2007 *************** *** 31,44 **** CREATE TABLE t1 (a INT); SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0))); a - Warnings: - Error 1365 Division by 0 INSERT INTO t1 VALUES(1); SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0))); a 1 - Warnings: - Error 1365 Division by 0 INSERT INTO t1 VALUES(2),(3); SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0))); a --- 31,40 ---- -------------------------------------------------------
5.0.38 is now in the tree. Give it an hour or so to get out, and for the mysql-extras tarball to make it to the mirrors. Test procedure: time FEATURES=test USE='berkdb big-tables cluster embedded extraengine' emerge mysql It takes about 70 minutes on my quad G5 (ppc64-32ul) and my core2duo.
Thx Robbat, do we know wether this only affects 5.0.x? (alpha+mips don't seem to have any stable 5.0.x versions yet). Arhes please test and mark stable. Target keywords are: mysql-5.0.38.ebuild:KEYWORDS="~alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd"
emerges fine and works on amd64, passes all tests (that damn testcase takes ages! :p) Portage 2.1.2.2 (default-linux/amd64/2006.1/desktop, gcc-4.1.1, glibc-2.5-r0, 2.6.20-beyond2 x86_64) ================================================================= System uname: 2.6.20-beyond2 x86_64 AMD Athlon(tm) 64 X2 Dual Core Processor 4600+ Gentoo Base System release 1.12.9 Timestamp of tree: Sun, 15 Apr 2007 14:20:01 +0000 ccache version 2.4 [enabled] dev-java/java-config: 1.3.7, 2.0.31-r5 dev-lang/python: 2.4.3-r4 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.4-r6 sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.61 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.3.15-r1 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.17-r2 ACCEPT_KEYWORDS="amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=k8 -Os -pipe -msse3 -w" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/php/apache1-php5/ext-active/ /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/splash /etc/terminfo" CXXFLAGS="-march=k8 -Os -pipe -msse3 -w" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--quiet" FEATURES="buildsyspkg ccache collision-protect distlocks metadata-transfer multilib-strict nodoc noinfo parallel-fetch sandbox sfperms strict test userfetch userpriv usersandbox" GENTOO_MIRRORS="ftp://linux.rz.ruhr-uni-bochum.de/gentoo-mirror/ ftp://ftp.uni-erlangen.de/pub/mirrors/gentoo ftp://ftp.join.uni-muenster.de/pub/linux/distributions/gentoo ftp://ftp.wh2.tu-dresden.de/pub/mirrors/gentoo ftp://ftp.join.uni-muenster.de/pub/linux/distributions/gentoo ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ ftp://ftp.gentoo.mesh-solutions.com/gentoo/ ftp://pandemonium.tiscali.de/pub/gentoo/ " LANG="en_US.UTF-8" LC_ALL="en_US.UTF-8" MAKEOPTS="-j3 -l3 -s" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_EXTRA_OPTS="--exclude-from=/etc/portage/rsync_excludes" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage/overlay" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="X a52 aac acpi alsa amd64 amr audiofile bitmap-fonts bzip2 cairo cdinstall cdr cli cracklib crypt cups dbus dri dts dvd dvdr dvdread emboss encode exif fam firefox fortran gdbm gif gstreamer gtk gtk2 hal iconv jpeg libg++ lirc logrotate mad midi mikmod minimal mp3 mpeg ncurses nptl nptlonly offensive ogg opengl pam pcre php png ppds pppd quicktime readline reflection sdl session smp spl ssl svg symlink tcpd test tiff truetype truetype-fonts type1-fonts unicode v4l vim vorbis x264 xinerama xorg xv xvid zlib" ALSA_CARDS="emu10k1" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="evdev keyboard" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIRC_DEVICES="inputlirc" USERLAND="GNU" VIDEO_CARDS="nvidia" Unset: CTARGET, INSTALL_MASK, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS
On x86: Stopping All Servers Failed 40/468 tests, 91.45% were successful. The log files in var/log may give you some hint of what went wrong. If you want to report this error, please read first the documentation at http://www.mysql.com/doc/en/MySQL_test_suite.html The servers where restarted 96 times Spent 761.634999999999 seconds actually executing testcases mysql-test-run in ps-protocol mode: *** Failing the test(s): loaddata_autocom_ndb ndb_alter_table ndb_alter_table2 ndb_autodiscover ndb_autodiscover2 ndb_autodiscover3 ndb_basic ndb_bitfield ndb_blob ndb_cache ndb_cache2 ndb_cache_multi ndb_cache_multi2 ndb_charset ndb_condition_pushdown ndb_config ndb_database ndb_gis ndb_index ndb_index_ordered ndb_index_unique ndb_insert ndb_limit ndb_loaddatalocal ndb_lock ndb_minmax ndb_multi ndb_read_multi_range ndb_rename ndb_replace ndb_restore ndb_subquery ndb_transaction ndb_trigger ndb_truncate ndb_types ndb_update ps_7ndb rpl_ndb_innodb_trans strict_autoinc_5ndb mysql-test-run: *** ERROR: there where failing test cases make: *** [test-ps] Error 1 !!! ERROR: dev-db/mysql-5.0.38 failed. Call stack: ebuild.sh, line 1614: Called dyn_test ebuild.sh, line 1026: Called qa_call 'src_test' environment, line 4443: Called src_test mysql-5.0.38.ebuild, line 70: Called die !!! test-ns failed !!! If you need support, post the topmost build error, and the call stack if relevant. !!! A complete build log is located at '/var/log/portage/dev-db:mysql-5.0.38:20070415-225640.log'. Build log at https://daria.ynet.sk/~ticho/mysql-build.log (too large to attach).
ppc64 stable
amd64 stable
ia64 stable
Ticho: please paste your emerge --info? The test setup for the cluster-master is failing on your machine.
leela dev-java # emerge --info Portage 2.1.2.2 (default-linux/x86/2006.1, gcc-4.1.1, glibc-2.5-r0, 2.6.20-gentoo-r5 i686) ================================================================= System uname: 2.6.20-gentoo-r5 i686 Intel(R) Celeron(R) CPU 2.60GHz Gentoo Base System release 1.12.9 Timestamp of tree: Sun, 15 Apr 2007 15:20:01 +0000 distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled] ccache version 2.4 [enabled] dev-java/java-config: 1.3.7, 2.0.31 dev-lang/python: 2.4.3-r4 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.4-r6 sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.61 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.3.14 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.17-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=pentium4 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/php/apache1-php5/ext-active/ /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-O2 -march=pentium4 -pipe -fomit-frame-pointer" DISTDIR="/usr/gentoo/distfiles" FEATURES="ccache collision-protect distcc distlocks metadata-transfer parallel-fetch sandbox sfperms strict test" GENTOO_MIRRORS="http://mirror.gentoo.sk/pub ftp://ftp.sh.cvut.cz/MIRRORS/gentoo/gentoo http://ftp.easynet.nl/mirror/gentoo" MAKEOPTS="-j6" PKGDIR="/usr/gentoo/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp/portage" PORTDIR="/usr/gentoo/portage" PORTDIR_OVERLAY="/usr/gentoo/overlay" SYNC="rsync://mirror.gentoo.sk/gentoo-portage" USE="apache2 bash-completion berkdb bitmap-fonts bzip2 cli cracklib crypt dri fortran gdbm gpm iconv isdnlog jpeg libg++ logrotate midi mmx mp3 mpeg mysql ncurses nls nptl nptlonly pam pcre perl ppds pppd python readline reflection samba session spl sse sse2 ssl tcpd test truetype-fonts type1-fonts unicode x86 xorg xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="apm ark ati chips cirrus cyrix dummy fbdev glint i128 i740 i810 imstt mga neomagic nsc nv rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
ok, so those testcases really don't like being run as root, which FEATURES=-userpriv has. I've disabled when under that condition now. And marked x86 as stable as requested by Ticho (since he was going to bed).
Stopping All Servers Warning; Aborted waiting on pid file: '/var/tmp/portage/dev-db/mysql-5.0.38/wor k/mysql/mysql-test/var/run/master.pid' after 70 seconds Failed 43/455 tests, 90.55% were successful. The log files in var/log may give you some hint of what went wrong. If you want to report this error, please read first the documentation at http://www.mysql.com/doc/en/MySQL_test_suite.html The servers where restarted 97 times Spent 1842.995 seconds actually executing testcases mysql-test-run in ps-protocol mode: *** Failing the test(s): kill loaddata_autoc om_ndb ndb_alter_table ndb_alter_table2 ndb_autodiscover ndb_autodiscover2 ndb_a utodiscover3 ndb_basic ndb_bitfield ndb_blob ndb_cache ndb_cache2 ndb_cache_mult i ndb_cache_multi2 ndb_charset ndb_condition_pushdown ndb_config ndb_database nd b_gis ndb_index ndb_index_ordered ndb_index_unique ndb_insert ndb_limit ndb_load datalocal ndb_lock ndb_minmax ndb_multi ndb_read_multi_range ndb_rename ndb_repl ace ndb_restore ndb_subquery ndb_transaction ndb_trigger ndb_truncate ndb_types ndb_update ps_7ndb rpl_dual_pos_advance rpl_ndb_innodb_trans strict_autoinc_5ndb wait_timeout mysql-test-run: *** ERROR: there where failing test cases make: *** [test-ps] Error 1
Created an attachment (id=116367) [details] emerge --info I neglected to post this interesting snippet, time's output: real 648m41.574s user 68m55.642s sys 32m41.283s
Marked stable for HPPA in the understanding that these failures occurred on hppa for the same reason they occurred on x86.
jer: please upload the files from the following tests: ${WORKDIR}/mysql/mysql-test/r/rpl_dual_pos_advance* ${WORKDIR}/mysql/mysql-test/r/wait_timeout* The other ones are moot because you run without userpriv, and I only just changed those now. Interesting to note that MySQL took nearly 10 hours just to build on HPPA, and then only 1 hour for all the tests.
re-add hppa@ because two of his tests were something else.
(In reply to comment #26) > jer: please upload the files from the following tests: > ${WORKDIR}/mysql/mysql-test/r/rpl_dual_pos_advance* > ${WORKDIR}/mysql/mysql-test/r/wait_timeout* Blame ebuild for deleting WORKDIR without asking nicely. :) > The other ones are moot because you run without userpriv, and I only just > changed those now. > Interesting to note that MySQL took nearly 10 hours just to build on HPPA, and > then only 1 hour for all the tests. The other way round, I would think. MySQL takes an hour to build: # genlop -i dev-db/mysql * dev-db/mysql Total builds: 7 Global build time: 6 hours, 18 minutes and 46 seconds. Average merge time: 54 minutes and 6 seconds. The tests took about 9 hours in this case, probably because a lot of tests showed this message: Warning; Aborted waiting on pid file: '/var/tmp/portage/dev-db/mysql-5.0.38/work/mysql/mysql-test/var/run/master.pid' after 70 seconds It is very likely that this is related to hppa's problems with threading. I will try again in a chroot with a glibc-2.5 that is supposed to fix these problems.
Ah, I went with the other output: "Spent 1842.995 seconds actually executing testcases" and I know that occurs twice, with usually very similar numbers. When you're doing another pass for your hppa, take cluster and extraengine out of your USE if you want to speed it up. All of those passed in your previous output, or were ones that I specifically excluded.
(In reply to comment #29) > When you're doing another pass for your hppa, take cluster and extraengine out > of your USE if you want to speed it up. All of those passed in your previous > output, or were ones that I specifically excluded. I went with the full suite in the glibc-2.5 chroot and in this environment, all tests passed: Stopping All Servers All 415 tests were successful. The servers where restarted 96 times Spent 1384.945 seconds actually executing testcases And the second run of the suite in the same build: Stopping All Servers All 414 tests were successful. The servers where restarted 96 times Spent 1467.116 seconds actually executing testcases This does not look good: dodoc: support-files/my-*.cnf does not exist dodoc: support-files/magic does not exist dodoc: support-files/ndb-config-2-node.ini does not exist dodoc: scripts/mysql* does not exist Emerge took this long this time: real 169m29.165s user 83m55.535s sys 38m5.443s
sparc stable.
@Robbat2, I think my question to you on Comment #14 got lost in other issues.
the 4.1 series is the only one I have access to, and it isn't vulnerable in my quick tests (4.1.22).
ppc stable, ready for GLSA voting
i vote yes for a GLSA
I also vote yes, cause it's mysql, heavily used. Changing status and submitting GLSA request.
GLSA 200705-11 combined with bug 170126
*** Bug 177913 has been marked as a duplicate of this bug. ***
