Bug 67062 - dev-db/mysql: Multiple vulnerabilities
Summary: dev-db/mysql: Multiple vulnerabilities
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All All
Importance: High major
Assignee: Gentoo Security
Whiteboard: B1 [glsa]
Duplicates: 67175 67343 69851
Depends on:
Reported: 2004-10-11 02:24 UTC by Kurt Lieber (RETIRED)
Modified: 2011-10-30 22:38 UTC (History)
Description Kurt Lieber (RETIRED) gentoo-dev 2004-10-11 02:24:56 UTC
From a recent vendor-sec posting:  (these bugs are public afaik, but I'm marking this private in our bugzilla system until I'm sure.  Treat it as a fight club until further notice)

There have been a number of vulnerabilities discovered in recent
versions of the mysql server.  Patches are available through URLs.


    Oleksandr Byelkin noticed that ALTER TABLE ... RENAME checks
    CREATE/INSERT rights of the old table instead of the new one.

    Fixed bug in privilege checking of ALTER TABLE RENAME|tags|ChangeSet@1.1413..


    Lukasz Wojtow noticed a buffer overrun in the mysql_real_connect

    Fixed potential memory overrun in mysql_real_connect() (which
    required a compromised DNS server and certain operating systems).


    Dean Ellis noticed that multiple threads ALTERing the same (or
    different) MERGE tables to change the UNION can cause the server
    to crash or stall.

    Fixed an old bug in concurrent accesses to MERGE tables (even one
    MERGE table and MyISAM tables), that could've resulted in a crash or
    hang of the server.

The following ones don't have a CVE id assigned, but I'm in contact
with MITRE already.

Crash with MATCH..AGAINST (denial of service)

    Only affects mysql 4.0

Privilege Escalation on GRANT ALL ON `Foo\_Bar`

    Fixed bug in privilege checking where, under some conditions, one
    was able to grant privileges on the database he has no privileges on.

    Does not only affect older versions than 4.0 as well.
Comment 1 Kurt Lieber (RETIRED) gentoo-dev 2004-10-11 02:25:45 UTC
mysql team -- can you review/patch as appropriate?  Please treat this as a confidential bug report.
Comment 2 Matthias Geerdsen (RETIRED) gentoo-dev 2004-10-11 05:07:22 UTC
Debian published a DSA on the first three ones with CAN assignments.
Comment 3 Luke Macken (RETIRED) gentoo-dev 2004-10-11 16:39:03 UTC
*** Bug 67175 has been marked as a duplicate of this bug. ***
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2004-10-15 05:15:45 UTC
MySQL team: we're getting late on those... Please apply fixes and bump (or comment).
Comment 5 Thierry Carrez (RETIRED) gentoo-dev 2004-10-18 01:55:09 UTC
All these issues are in fact public fixed in 4.0.21... already in portage.
A little feedback from the MySQL team on this would have been appreciated.

Arches: please mark 4.0.21 stable
Comment 6 Thierry Carrez (RETIRED) gentoo-dev 2004-10-18 01:55:54 UTC
*** Bug 67343 has been marked as a duplicate of this bug. ***
Comment 7 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-10-18 02:21:18 UTC
Koon: sorry, I've been quite busy with schoolwork, and after I did finally get access to the bug (just having mysql-bugs on the CC doesn't let us into locked bugs), I only got to checking one of the items.

When you write up the GLSA, note that several of these apply to both the 3.23 and 4.0 MySQL versions.
Comment 8 Jochen Maes (RETIRED) gentoo-dev 2004-10-18 06:55:48 UTC
stable on ppc
Comment 9 Gustavo Zacarias (RETIRED) gentoo-dev 2004-10-18 10:22:52 UTC
sparc tasty.
Comment 10 Bryan Østergaard (RETIRED) gentoo-dev 2004-10-18 14:01:34 UTC
Stable on alpha.
Comment 11 Tom Gall (RETIRED) gentoo-dev 2004-10-18 21:07:28 UTC
stable on ppc64
Comment 12 Guy Martin (RETIRED) gentoo-dev 2004-10-19 12:42:24 UTC
Stable on hppa.
Comment 13 Hardave Riar (RETIRED) gentoo-dev 2004-10-19 23:07:36 UTC
Stable on mips.
Comment 14 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-10-22 10:33:45 UTC
stable on x86.
Comment 15 Danny van Dyk (RETIRED) gentoo-dev 2004-10-22 11:10:52 UTC
Sorry guys, this one must have slipped through my attention. Stable now on amd64.
Comment 16 Thierry Carrez (RETIRED) gentoo-dev 2004-10-23 01:56:12 UTC
Drafted. Security please review.
Comment 17 Thierry Carrez (RETIRED) gentoo-dev 2004-10-24 07:32:20 UTC
GLSA 200410-22
Comment 18 Thierry Carrez (RETIRED) gentoo-dev 2004-11-02 09:12:22 UTC
*** Bug 69851 has been marked as a duplicate of this bug. ***
Comment 19 Rajiv Aaron Manglani (RETIRED) gentoo-dev 2004-11-02 09:14:47 UTC
*** Bug 69851 has been marked as a duplicate of this bug. ***