Description

Multiple vulnerabilities have been reported in Oracle MySQL Server, which can be exploited by malicious users to cause a DoS (Denial of Service).

1) An unspecified error in the Server Optimizer component can be exploited to cause a crash.
2) An unspecified error in the MyISAM component can be exploited to cause a crash.
3) An unspecified error in the Partition component can be exploited to cause a crash.
4) An unspecified error in the Server DML component can be exploited to cause a crash.
5) An unspecified error in the Server Optimizer component can be exploited to cause a crash.
6) An unspecified error in the Server Optimizer component can be exploited to cause a crash.

Please see the vendor's advisory for a list of affected versions.

Solution

Apply updates (please see the vendor's advisory for details).

Provided and/or discovered by

It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for April 2012 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information.

Original Advisory

Oracle: http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html#AppendixMSQL
ago: the fixed versions have been in the tree for nearly 3 weeks already.
mysql-5.1.62
mysql-5.5.22
mariadb-5.1.62
mariadb-5.2.12
mariadb-5.3.6
mariadb-5.5.23
However I'm aware of a new sec vuln that's present in the above mysql versions, and fixed in the new mariadb, and I'm just blocking on upstream to get it in.
arches, please stabilize mysql-5.1.62-r1.ebuild
target keywords: alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86
Contains the security fixes listed in this bug, as well as a new vuln auth-bypass found by the MariaDB developers. Upstream locked bug is http://bugs.mysql.com/bug.php?id=64884
I haven't seen any CVE yet.
Security team: The auth bypass should probably be considered as a high-priority, it's usable remotely, and needs only ~300 tries (possible in 1-2 seconds) with completely unmodified clients.
MySQL likely is on more than 5% of users' systems by now. Let's make it A* from now on. The issue at hand still is at *3 level, however Arches, please prioritize this stabilization.
amd64 stable
Stable for HPPA.
arm stable
CVE-2012-1703 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1703): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

CVE-2012-1697 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1697): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.

CVE-2012-1696 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1696): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

CVE-2012-1690 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1690): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

CVE-2012-1688 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1688): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.

CVE-2012-0583 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0583): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.
x86 stable
09 May 2012; Pawel Hajdan jr <phajdan.jr@gentoo.org> mysql-5.1.62.ebuild:
x86 stable wrt bug #412889

You marked stable a wrong version
Stable on alpha.
(In reply to comment #9)
> 09 May 2012; Pawel Hajdan jr <phajdan.jr@gentoo.org> mysql-5.1.62.ebuild:
> x86 stable wrt bug #412889
>
>
> You marked stable a wrong version

Thank you, now really stabilized -r1.
ppc/ppc64 done
ia64/s390/sh/sparc stable
Thanks, everyone. Added to existing GLSA request.
*** Bug 419611 has been marked as a duplicate of this bug. ***
mysql: please clean up vulnerable versions/extend masks
*** Bug 420695 has been marked as a duplicate of this bug. ***
CVE-2012-2122 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2122): sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.
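An added illustration, not part of this bug report and not taken from the MySQL or MariaDB sources, of one way a memcmp-style return value can be improperly checked as the CVE-2012-2122 description says: the int result is narrowed to an 8-bit flag before being tested. The word-wise comparator, the type and function names and the token bytes are constructed assumptions.

```c
#include <stddef.h>
#include <stdio.h>

typedef unsigned char flag8;   /* hypothetical 8-bit boolean type */

/* Conforming memcmp-style comparator (constructed): it compares big-endian
 * 16-bit words, so a mismatch may return any nonzero int, including a
 * multiple of 256. Only the sign of the result is meaningful. */
static int cmp_words(const unsigned char *a, const unsigned char *b, size_t n)
{
    size_t i;
    for (i = 0; i + 1 < n; i += 2) {
        int wa = (a[i] << 8) | a[i + 1];
        int wb = (b[i] << 8) | b[i + 1];
        if (wa != wb)
            return wa - wb;
    }
    return (n & 1) ? (int)a[n - 1] - (int)b[n - 1] : 0;
}

/* Flawed check: narrowing the int keeps only its low byte, so a mismatch
 * result such as 0x100 becomes 0, which the caller reads as "equal". */
static flag8 differ_truncating(const unsigned char *want,
                               const unsigned char *got, size_t n)
{
    return (flag8)cmp_words(want, got, n);
}

/* Corrected check: reduce the result to 0 or 1 before narrowing. */
static flag8 differ_fixed(const unsigned char *want,
                          const unsigned char *got, size_t n)
{
    return cmp_words(want, got, n) != 0;
}

/* Constructed sample tokens. */
static const unsigned char WANT[4]     = {0x12, 0x34, 0x56, 0x78};
static const unsigned char BAD_LOW[4]  = {0x12, 0x35, 0x56, 0x78}; /* cmp: -1    */
static const unsigned char BAD_HIGH[4] = {0x11, 0x34, 0x56, 0x78}; /* cmp: 0x100 */

int main(void)
{
    printf("truncating: low=%d high=%d\n",
           differ_truncating(WANT, BAD_LOW, 4), differ_truncating(WANT, BAD_HIGH, 4));
    printf("fixed:      low=%d high=%d\n",
           differ_fixed(WANT, BAD_LOW, 4), differ_fixed(WANT, BAD_HIGH, 4));
    return 0;
}
```

With a comparator that only ever returns byte differences the narrowing is harmless, which is why the flaw depends on the memcmp implementation in use; comparing the result against zero removes that dependency.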
This issue was resolved and addressed in GLSA 201308-06 at http://security.gentoo.org/glsa/glsa-201308-06.xml by GLSA coordinator Sergey Popov (pinkbyte).