Opened 19 years ago
Closed 19 years ago
#1515 closed defect (fixed)
MySQL-4.1.14 (vulnerability fix)
| Reported by: | Owned by: | Randy McMurchy | |
|---|---|---|---|
| Priority: | high | Milestone: | 6.2.0 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
The reference talks of a vulnerability in user-defined functions (severity low) from a buffer overflow. My re-reading of the report eventually convinced me that it is fixed in 4.1.13. Certainly there is a code change in sql/sql_udf.cc that looks reevant, but nothing in the ChangeLog!
Latest version is 4.1.13a (extra fixes for people using the static libz from
the mysql package), recommend upgrading both 6.1 and svn.
The current instructions for 4.1.12 build and test ok on my LFS-6.1 desktop
with a 2.6.13-rc5 kernel, but I haven't attempted to install this.
Ken
Change History (4)
comment:1 by , 19 years ago
| Summary: | Vulnerability in mysql, fixed in 4.1.13 → MySQL-4.1.13 (vulnerability fix) |
|---|
comment:2 by , 19 years ago
| Milestone: | future → 6.2 |
|---|---|
| Owner: | changed from to |
| Summary: | MySQL-4.1.13 (vulnerability fix) → MySQL-4.1.14 (vulnerability fix) |
| Version: | d-6.1 → a-SVN |
Version increment to 4.1.14
comment:3 by , 19 years ago
| Status: | new → assigned |
|---|
comment:4 by , 19 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Updated BLFS to MySQL-4.1.14
Note:
See TracTickets
for help on using tickets.
Tagging this as a version increment. Here is a link to the download page:
http://dev.mysql.com/downloads/mysql/4.1.html#Source