Bug 351413 (CVE-2010-3682)

Summary:	<dev-db/mysql-{5.0.92,5.1.49} multiple vulnerabilities (CVE-2010-{3682,3677})
Product:	Gentoo Security	Reporter:	Paweł Hajdan, Jr. (RETIRED) <phajdan.jr>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	mysql-bugs
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:	B3 [glsa]
Package list:		Runtime testing required:	---

Description Paweł Hajdan, Jr. (RETIRED) gentoo-dev

2011-01-12 06:41:29 UTC

http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3682
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3677

mysql-5.0.92 is not yet released.

Comment 1 Paweł Hajdan, Jr. (RETIRED) gentoo-dev

2011-02-16 17:46:01 UTC

mysql-5.0.92 has been released on 7th Feb 2011: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html

Maintainers, please bump the ebuild in the tree.

Comment 2 Jorge Manuel B. S. Vicetto (RETIRED) Gentoo Infrastructure

2011-02-17 12:44:57 UTC

I did a bump in the overlay, but it's still running tests. If that goes well I'll add it to the tree soon.

Comment 3 Tim Sammut (RETIRED) gentoo-dev

2011-05-14 20:09:03 UTC

A fixed version of mysql was stabilized in bug 344987.

GLSA Vote: Yes.

Comment 4 Stefan Behte (RETIRED) gentoo-dev

2011-10-08 22:13:31 UTC

Vote: YES. Added to pending GLSA request.

Comment 5 GLSAMaker/CVETool Bot gentoo-dev

2012-01-05 22:47:33 UTC

This issue was resolved and addressed in
 GLSA 201201-02 at http://security.gentoo.org/glsa/glsa-201201-02.xml
by GLSA coordinator Tim Sammut (underling).