Upstream bug is here: http://bugs.mysql.com/bug.php?id=16470
Supposedly a patch is out here: http://lists.mysql.com/commits/43522
This should be brought in to Gentoo's portage tree immediately.

Reproducible: Always

Steps to Reproduce:
mysql> grant blah on blah.blah to blah@blah identified by blah;

Actual Results:
entire daemon dies immediately

Expected Results:
stable!
This is actually a Denial of Service issue and should be handled as a security bug, re-assigning. Short summary: Any user with GRANT permissions can crash the whole server. mysql team, please bump.
It's not only a DoS issue, it prohibits regular use of grant statements.
All security relevant arches stable due to bug 246652. I vote YES.
Returning to [ebuild]... the patch has not been committed to 5.0, as discussed on http://lists.mysql.com/commits/36237. I'm not sure whether upstream states that 5.0 is not affected, or they simply do not care.
It's in the tree as mysql-5.0.70-r1 now. Stabilization is in bug 246652.
Yes, too. Added bug # to a pending request.
security: bump for glsa on this
security: ping
This issue was resolved and addressed in GLSA 201201-02 at http://security.gentoo.org/glsa/glsa-201201-02.xml by GLSA coordinator Tim Sammut (underling).