Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 185506 - 5.0.45 fixes security bugs
Summary: 5.0.45 fixes security bugs
Status: RESOLVED DUPLICATE of bug 185333
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal
Assignee: Gentoo Security
URL: http://dev.mysql.com/doc/refman/5.0/e...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-07-16 09:10 UTC by Bernd Marienfeldt
Modified: 2007-07-16 09:14 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Bernd Marienfeldt 2007-07-16 09:10:38 UTC
Security fix: A malformed password packet in the connection protocol could cause the server to crash. Thanks for Dormando for reporting this bug and providing details and a proof of concept. (Bug#28984)

Security Fix: CREATE TABLE LIKE did not require any privileges on the source table. Now it requires the SELECT privilege. (Bug#25578) 

Security fix: Use of a view could allow a user to gain update privileges for tables in other databases. (Bug#27878)

Security fix: If a stored routine was declared using SQL SECURITY INVOKER, a user who invoked the routine could gain privileges. (Bug#27337)

Security fix: The requirement of the DROP privilege for RENAME TABLE was not being enforced. (Bug#27515) 

Reproducible: Always
Comment 1 Stefan Cornelius (RETIRED) gentoo-dev 2007-07-16 09:14:20 UTC

*** This bug has been marked as a duplicate of bug 185333 ***