full-disclosure-uk January 2010 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: [Full-disclosure] [ MDVSA-2010:011 ] mysql

[Full-disclosure] [ MDVSA-2010:011 ] mysql

From: <security_at_nospam>
Date: Sun Jan 17 2010 - 22:15:01 GMT
To: full-disclosure@lists.grok.org.uk

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Mandriva Linux Security Advisory MDVSA-2010:011  http://www.mandriva.com/security/
Package : mysql Date : January 17, 2010 Affected: 2008.0, 2009.0, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in mysql:  

 mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does  not (1) properly handle errors during execution of certain SELECT  statements with subqueries, and does not (2) preserve certain  null_value flags during execution of statements that use the  GeomFromWKB function, which allows remote authenticated users to  cause a denial of service (daemon crash) via a crafted statement  (CVE-2009-4019).    The vio_verify_callback function in viosslfactories.c in MySQL  5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used,  accepts a value of zero for the depth of X.509 certificates, which  allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL  servers via a crafted certificate, as demonstrated by a certificate  presented by a server linked against the yaSSL library (CVE-2009-4028).  

 MySQL 5.1.x before 5.1.41 allows local users to bypass certain  privilege checks by calling CREATE TABLE on a MyISAM table with  modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments  that are originally associated with pathnames without symlinks,  and that can point to tables created at a future time at which a  pathname is modified to contain a symlink to a subdirectory of the  MySQL data home directory, related to incorrect calculation of the  mysql_unpacked_real_data_home value. NOTE: this vulnerability exists  because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079  (CVE-2009-4030).    Packages for 2008.0 are provided for Corporate Desktop 2008.0  customers.  

 The updated packages have been patched to correct these  issues. Additionally for 2009.0 and MES5 mysql has also been upgraded  to the last stable 5.0 release (5.0.89).


 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4019 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4028 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4030 http://dev.mysql.com/doc/refman/5.0/en/news-5-0-87.html http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html http://dev.mysql.com/doc/refman/5.0/en/news-5-0-89.html
_______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0: 52156c6c7dba02ea832510d73ef02deb 2008.0/i586/libmysql15-5.0.45-8.4mdv2008.0.i586.rpm 53eebd8dccb55dd2e8f0a8f87caaf3b0 2008.0/i586/libmysql-devel-5.0.45-8.4mdv2008.0.i586.rpm c0632b9df5c962e1ca8ed838b088da8b 2008.0/i586/libmysql-static-devel-5.0.45-8.4mdv2008.0.i586.rpm f02c5fc0513cfc39c01ad21e7b5e7edd 2008.0/i586/mysql-5.0.45-8.4mdv2008.0.i586.rpm ce135fcc22986e9fe75d046d8214b8ae 2008.0/i586/mysql-bench-5.0.45-8.4mdv2008.0.i586.rpm 619cfa0e7d78d404bc61b8a5f4eb17e9 2008.0/i586/mysql-client-5.0.45-8.4mdv2008.0.i586.rpm 64009281c17a9a6dd7c6384134524453 2008.0/i586/mysql-common-5.0.45-8.4mdv2008.0.i586.rpm 1ac7689f55069fd235952b818624c2e2 2008.0/i586/mysql-max-5.0.45-8.4mdv2008.0.i586.rpm fef4fef755eb747ad9e00f60f97b6b2b 2008.0/i586/mysql-ndb-extra-5.0.45-8.4mdv2008.0.i586.rpm 494aa4646fbc967b22186dbc9e418001 2008.0/i586/mysql-ndb-management-5.0.45-8.4mdv2008.0.i586.rpm 58d95a6fdf0b9b1edcfcef7ec69d36fe 2008.0/i586/mysql-ndb-storage-5.0.45-8.4mdv2008.0.i586.rpm 80bc40abba82c332f5ca0394c160dd2a 2008.0/i586/mysql-ndb-tools-5.0.45-8.4mdv2008.0.i586.rpm a0fbad6a7f94fd5382601ca8d32cb7c8 2008.0/SRPMS/mysql-5.0.45-8.4mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64: 02fd0b09ae47bc94aa3eb110099973aa 2008.0/x86_64/lib64mysql15-5.0.45-8.4mdv2008.0.x86_64.rpm b7b976c0148f2b6c4c8044d4f0774339 2008.0/x86_64/lib64mysql-devel-5.0.45-8.4mdv2008.0.x86_64.rpm b501227c5cc8f50616534437cd53bfbb 2008.0/x86_64/lib64mysql-static-devel-5.0.45-8.4mdv2008.0.x86_64.rpm caef775cdfb0ab79d17f8059008fc121 2008.0/x86_64/mysql-5.0.45-8.4mdv2008.0.x86_64.rpm f1888d061138183ebad250aea222bbeb 2008.0/x86_64/mysql-bench-5.0.45-8.4mdv2008.0.x86_64.rpm 0bee0bac8aceed2382baeed0939ced56 2008.0/x86_64/mysql-client-5.0.45-8.4mdv2008.0.x86_64.rpm 63942af1015667ae55aadd25b6510d58 2008.0/x86_64/mysql-common-5.0.45-8.4mdv2008.0.x86_64.rpm 7733ea0f4521e7478c1cf0a0355500cc 2008.0/x86_64/mysql-max-5.0.45-8.4mdv2008.0.x86_64.rpm b1ca0a84f090d8ad80396dd7e7c83951 2008.0/x86_64/mysql-ndb-extra-5.0.45-8.4mdv2008.0.x86_64.rpm 0e533b8ba30d09fe72791b0a478dc980 2008.0/x86_64/mysql-ndb-management-5.0.45-8.4mdv2008.0.x86_64.rpm d0957597d5d9f5c86eaeac2221f39e78 2008.0/x86_64/mysql-ndb-storage-5.0.45-8.4mdv2008.0.x86_64.rpm cf8f68b9ffe6c59bfa794d376aaf751c 2008.0/x86_64/mysql-ndb-tools-5.0.45-8.4mdv2008.0.x86_64.rpm a0fbad6a7f94fd5382601ca8d32cb7c8 2008.0/SRPMS/mysql-5.0.45-8.4mdv2008.0.src.rpm

 Mandriva Linux 2009.0: 2e28952a24e2f6901bf85d979b8b1c46 2009.0/i586/libmysql15-5.0.89-0.1mdv2009.0.i586.rpm 6672ffa72e237709ed9a99ce144598d2 2009.0/i586/libmysql-devel-5.0.89-0.1mdv2009.0.i586.rpm c60cf534fd87eaa01b1a020de9f03e5e 2009.0/i586/libmysql-static-devel-5.0.89-0.1mdv2009.0.i586.rpm c03211be98622a33fdc4ee9dbbc8d716 2009.0/i586/mysql-5.0.89-0.1mdv2009.0.i586.rpm 48fd7a7e77defa470c7ac5f3dd49980b 2009.0/i586/mysql-bench-5.0.89-0.1mdv2009.0.i586.rpm f5ffba54fb2b9e9a259e074b50c70ea7 2009.0/i586/mysql-client-5.0.89-0.1mdv2009.0.i586.rpm 6edc821439726b682d966fd9996ea54b 2009.0/i586/mysql-common-5.0.89-0.1mdv2009.0.i586.rpm d900686ed87347b2f0a5e7a32f007be9 2009.0/i586/mysql-doc-5.0.89-0.1mdv2009.0.i586.rpm e9c960732a0a656344a7ff6e94eac3ab 2009.0/i586/mysql-max-5.0.89-0.1mdv2009.0.i586.rpm a386fab18c84eaaa1217b6055821f769 2009.0/i586/mysql-ndb-extra-5.0.89-0.1mdv2009.0.i586.rpm 6944b96baa536d4d18df6fc339b2301f 2009.0/i586/mysql-ndb-management-5.0.89-0.1mdv2009.0.i586.rpm c4bbe041699b7feff34664258e20732f 2009.0/i586/mysql-ndb-storage-5.0.89-0.1mdv2009.0.i586.rpm f5e48810839696fe3a5cb5cba7d71951 2009.0/i586/mysql-ndb-tools-5.0.89-0.1mdv2009.0.i586.rpm 15a56088b4622bebf915a6971c6ba081 2009.0/SRPMS/mysql-5.0.89-0.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64: 15ccf636dee25985ac7d75d12e64ac38 2009.0/x86_64/lib64mysql15-5.0.89-0.1mdv2009.0.x86_64.rpm 3abe6b605dbdbd25cb9cdcda86464de7 2009.0/x86_64/lib64mysql-devel-5.0.89-0.1mdv2009.0.x86_64.rpm 490c28551b5994f9bbf69d0995550afc 2009.0/x86_64/lib64mysql-static-devel-5.0.89-0.1mdv2009.0.x86_64.rpm f10fbc859e53b88935eb8323f7c7e80f 2009.0/x86_64/mysql-5.0.89-0.1mdv2009.0.x86_64.rpm db7c697849e5eaacf4a5eac0770de778 2009.0/x86_64/mysql-bench-5.0.89-0.1mdv2009.0.x86_64.rpm ffeb4bc0d6ee6f822bdca0765c19aefc 2009.0/x86_64/mysql-client-5.0.89-0.1mdv2009.0.x86_64.rpm 561d93e27e2804333ffbec1ede7380c8 2009.0/x86_64/mysql-common-5.0.89-0.1mdv2009.0.x86_64.rpm 8d80f87abdb8cd4cb9370a875fea6c55 2009.0/x86_64/mysql-doc-5.0.89-0.1mdv2009.0.x86_64.rpm 971b1382e1b2a483c779bb43a1bfd632 2009.0/x86_64/mysql-max-5.0.89-0.1mdv2009.0.x86_64.rpm 009d4f98061226eee877747bf8107791 2009.0/x86_64/mysql-ndb-extra-5.0.89-0.1mdv2009.0.x86_64.rpm a422f3b9c65617e4663d7ca62a599752 2009.0/x86_64/mysql-ndb-management-5.0.89-0.1mdv2009.0.x86_64.rpm 045c2e9004ca9b32743f80c11ccaabc5 2009.0/x86_64/mysql-ndb-storage-5.0.89-0.1mdv2009.0.x86_64.rpm 0659a3929f24e8dcc03f73bc32339251 2009.0/x86_64/mysql-ndb-tools-5.0.89-0.1mdv2009.0.x86_64.rpm 15a56088b4622bebf915a6971c6ba081 2009.0/SRPMS/mysql-5.0.89-0.1mdv2009.0.src.rpm

 Corporate 4.0: bf3171e73b3065a88389f79053905588 corporate/4.0/i586/libmysql15-5.0.45-7.5.20060mlcs4.i586.rpm 2e50b66392ec5ac2b9f11fca8ed5930c corporate/4.0/i586/libmysql-devel-5.0.45-7.5.20060mlcs4.i586.rpm 0a605644b49120cf7d66724c995529a6 corporate/4.0/i586/libmysql-static-devel-5.0.45-7.5.20060mlcs4.i586.rpm 0cf43ed6190b6b6556f225696cdd555d corporate/4.0/i586/mysql-5.0.45-7.5.20060mlcs4.i586.rpm 528abc387bc6a4924cc9c73b2c121a99 corporate/4.0/i586/mysql-bench-5.0.45-7.5.20060mlcs4.i586.rpm 60043fdfaac8bdb5b25b52f1db650696 corporate/4.0/i586/mysql-client-5.0.45-7.5.20060mlcs4.i586.rpm 5113d4169e3291c1badeafe25dc382c3 corporate/4.0/i586/mysql-common-5.0.45-7.5.20060mlcs4.i586.rpm e0dd09cec8a064c71e9a98216782efb5 corporate/4.0/i586/mysql-max-5.0.45-7.5.20060mlcs4.i586.rpm 4e1000a31bd21f8aa9fb793ec892ee4c corporate/4.0/i586/mysql-ndb-extra-5.0.45-7.5.20060mlcs4.i586.rpm 035853a97dfb989ac014bb2e3344fd25 corporate/4.0/i586/mysql-ndb-management-5.0.45-7.5.20060mlcs4.i586.rpm e1fcdc94a8e7310bed82b066c7c59409 corporate/4.0/i586/mysql-ndb-storage-5.0.45-7.5.20060mlcs4.i586.rpm 956c538f81013446d7d51d3a05edebcc corporate/4.0/i586/mysql-ndb-tools-5.0.45-7.5.20060mlcs4.i586.rpm 45375c56eae6358757ff43a387ba409f corporate/4.0/SRPMS/mysql-5.0.45-7.5.20060mlcs4.src.rpm

 Corporate 4.0/X86_64: 99851815b12a0f2c18ec6e4ca21a96ad corporate/4.0/x86_64/lib64mysql15-5.0.45-7.5.20060mlcs4.x86_64.rpm 17eb6293dbe8be53eedbe855ce7a0923 corporate/4.0/x86_64/lib64mysql-devel-5.0.45-7.5.20060mlcs4.x86_64.rpm f9fede8da85173b3057d6246e57fe6c8 corporate/4.0/x86_64/lib64mysql-static-devel-5.0.45-7.5.20060mlcs4.x86_64.rpm aecec26bcdeee422d459a2954f04b672 corporate/4.0/x86_64/mysql-5.0.45-7.5.20060mlcs4.x86_64.rpm 7a5bf0a23e30f5a90d9d4854336deffe corporate/4.0/x86_64/mysql-bench-5.0.45-7.5.20060mlcs4.x86_64.rpm 4d94c1edf901b2684bfa8dc068bb3104 corporate/4.0/x86_64/mysql-client-5.0.45-7.5.20060mlcs4.x86_64.rpm 9d64073c0b6dcd8105287ff63f0a0c4a corporate/4.0/x86_64/mysql-common-5.0.45-7.5.20060mlcs4.x86_64.rpm a45f67cbcbd94f7a2bdd52c7c8e0b63c corporate/4.0/x86_64/mysql-max-5.0.45-7.5.20060mlcs4.x86_64.rpm 16992665a228aaeabf1173091f42851d corporate/4.0/x86_64/mysql-ndb-extra-5.0.45-7.5.20060mlcs4.x86_64.rpm d671fbc049723408cd54887e515254a5 corporate/4.0/x86_64/mysql-ndb-management-5.0.45-7.5.20060mlcs4.x86_64.rpm aa940e6938a3df48a633f330e9b052e4 corporate/4.0/x86_64/mysql-ndb-storage-5.0.45-7.5.20060mlcs4.x86_64.rpm 59bbb6d07f0cae5ed7c15ab64a4d87a6 corporate/4.0/x86_64/mysql-ndb-tools-5.0.45-7.5.20060mlcs4.x86_64.rpm 45375c56eae6358757ff43a387ba409f corporate/4.0/SRPMS/mysql-5.0.45-7.5.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5: 718de612bced10178e020ae27fe1a1b5 mes5/i586/libmysql15-5.0.89-0.1mdvmes5.i586.rpm dc2a9a11dfcb48ac2f8d0956c261f96d mes5/i586/libmysql-devel-5.0.89-0.1mdvmes5.i586.rpm 924a335d5f67b15a292936bf3c5443c1 mes5/i586/libmysql-static-devel-5.0.89-0.1mdvmes5.i586.rpm 21f0efd48beee9399f25fcb5582a9512 mes5/i586/mysql-5.0.89-0.1mdvmes5.i586.rpm 37cbbc23f76140121f48192591113052 mes5/i586/mysql-bench-5.0.89-0.1mdvmes5.i586.rpm e1c6f2262400d34f83d2d42ed139a888 mes5/i586/mysql-client-5.0.89-0.1mdvmes5.i586.rpm 46b17b10f926516b26258ede8f4ea65f mes5/i586/mysql-common-5.0.89-0.1mdvmes5.i586.rpm d3a605169330d36b7c947870091c34d4 mes5/i586/mysql-doc-5.0.89-0.1mdvmes5.i586.rpm 56d9aa1a50948d7dbfa85879ae518de2 mes5/i586/mysql-max-5.0.89-0.1mdvmes5.i586.rpm 9c960d3059181c42c92db59ffb01884d mes5/i586/mysql-ndb-extra-5.0.89-0.1mdvmes5.i586.rpm 1a62e09b43038c8ce7bbf347bfa34c1e mes5/i586/mysql-ndb-management-5.0.89-0.1mdvmes5.i586.rpm 1b4218e50795d67c4f3798d1e180c642 mes5/i586/mysql-ndb-storage-5.0.89-0.1mdvmes5.i586.rpm 6eedeb5e0a43780370b4841d30d9e724 mes5/i586/mysql-ndb-tools-5.0.89-0.1mdvmes5.i586.rpm 646fbf2aa6a8f66a7fccac739c67c32d mes5/SRPMS/mysql-5.0.89-0.1mdvmes5.src.rpm

 Mandriva Enterprise Server 5/X86_64: bf30cbec79c8448170f88cc413041a35 mes5/x86_64/lib64mysql15-5.0.89-0.1mdvmes5.x86_64.rpm dac1cd73b8dd75a5b853f58c420dabe5 mes5/x86_64/lib64mysql-devel-5.0.89-0.1mdvmes5.x86_64.rpm 5a431485ef2ec397388a5cf2968d4560 mes5/x86_64/lib64mysql-static-devel-5.0.89-0.1mdvmes5.x86_64.rpm dfaea673e8d9028a706c5354a5b9bc5d mes5/x86_64/mysql-5.0.89-0.1mdvmes5.x86_64.rpm 03dce9f103187746e6fa682b98ae9812 mes5/x86_64/mysql-bench-5.0.89-0.1mdvmes5.x86_64.rpm d39c93b7132cd9b1c22d78ce7bef1ff7 mes5/x86_64/mysql-client-5.0.89-0.1mdvmes5.x86_64.rpm 489bf11ad3b952902708e4be2b083795 mes5/x86_64/mysql-common-5.0.89-0.1mdvmes5.x86_64.rpm 4312a570eaecd156947e614c33f651e5 mes5/x86_64/mysql-doc-5.0.89-0.1mdvmes5.x86_64.rpm 2dbf910909ccab61e849083d57a7dde2 mes5/x86_64/mysql-max-5.0.89-0.1mdvmes5.x86_64.rpm 2223c5ee628aa4624e77d6647a153891 mes5/x86_64/mysql-ndb-extra-5.0.89-0.1mdvmes5.x86_64.rpm 3605cf8261c979d52dec00945f1fe0da mes5/x86_64/mysql-ndb-management-5.0.89-0.1mdvmes5.x86_64.rpm 0e6d563485135c130b461432b7c6d008 mes5/x86_64/mysql-ndb-storage-5.0.89-0.1mdvmes5.x86_64.rpm 114419378d29f2cff2e5a74769a3bb4d mes5/x86_64/mysql-ndb-tools-5.0.89-0.1mdvmes5.x86_64.rpm 646fbf2aa6a8f66a7fccac739c67c32d mes5/SRPMS/mysql-5.0.89-0.1mdvmes5.src.rpm
_______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi. The verification  of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security. You can obtain the  GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com


 Type Bits/KeyID Date User ID
 pub 1024D/22458A98 2000-07-10 Mandriva Security Team   <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLU11dmqjQ0CJFipgRAjVaAKDgmPHANhOzKsHvLZERep6pdIPDrACfVLsZ 28YOITV3hdzuqB+otcFiTbk=
=cmQg
-----END PGP SIGNATURE-----



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/