[OpenPKG-SA-2004.045] OpenPKG Security Advisory (mysql)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
________________________________________________________________________
OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security@xxxxxxxxxxx openpkg@xxxxxxxxxxx
OpenPKG-SA-2004.045 30-Oct-2004
________________________________________________________________________
Package: mysql
Vulnerability: multiple vulnerabilities
OpenPKG Specific: no
Affected Releases: Affected Packages: Corrected Packages:
OpenPKG CURRENT <= mysql-4.0.20-20040910 >= mysql-4.0.21-20040910
OpenPKG 2.2 none N.A.
OpenPKG 2.1 <= mysql-4.0.20-2.1.0 >= mysql-4.0.20-2.1.1
Affected Releases: Dependent Packages:
OpenPKG CURRENT apache:with_mod_php_mysql apache:with_mod_auth_mysql
bind:with_dlz_mysql cacti exim:with_mysql
jabberd:with_mysql libgda:with_mysql myodbc mysqlcc
perl-dbi:with_dbd_mysql php:with_mysql
php3:with_mysql php5:with_mysql postfix:with_mysql
powerdns:with_mysql proftpd:with_mysql
pureftpd:with_mysql qt:with_mysql rekall:with_mysql
ripe-dbase rt:with_db_mysql sasl:with_mysql
sendmail:with_mysql snort:with_mysql tacacs:with_mysql
OpenPKG 2.2 N.A.
OpenPKG 2.1 apache:with_mod_php_mysql apache:with_mod_auth_mysql
bind:with_dlz_mysql cacti exim:with_mysql
perl-dbi:with_dbd_mysql php:with_mysql
postfix:with_mysql proftpd:with_mysql
pureftpd:with_mysql qt:with_mysql sasl:with_mysql
sendmail:with_mysql snort:with_mysql
Description:
Several vulnerabilities including privilege abuse, Denial of Service,
and potentially remote arbitrary code execution have been discovered
in the MySQL RDBMS [1].
Lukasz Wojtow noticed a buffer overrun in the mysql_real_connect
function. The Common Vulnerabilities and Exposures (CVE) project
assigned the ids CAN-2004-0836 [2] to this problem.
Dean Ellis noticed that multiple threads ALTERing the same (or
different) MERGE tables to change the UNION can cause the server to
crash or stall. The Common Vulnerabilities and Exposures (CVE) project
assigned the ids CAN-2004-0837 [3] to this problem.
A crash can occur with "MATCH..AGAINST", resulting in a denial of
service (MySQL bugs 3870 and 2708). A privilege escalation can occur
with "GRANT" (MySQL bug 3933).
Please check whether you are affected by running "<prefix>/bin/rpm -q
mysql". If you have the "mysql" package installed and its version is
affected (see above), we recommend that you immediately upgrade it
(see Solution) and its dependent packages. [4][5]
Solution:
Select the updated source RPM appropriate for your OpenPKG release
[6], fetch it from the OpenPKG FTP service [7] or a mirror location,
verify its integrity [8], build a corresponding binary RPM from it
[4] and update your OpenPKG installation by applying the binary RPM
[5]. For the previous release OpenPKG 2.1, perform the following
operations to permanently fix the security problem (for other releases
adjust accordingly).
$ ftp ftp.openpkg.org
ftp> bin
ftp> cd release/2.1/UPD
ftp> get mysql-4.0.20-2.1.1.src.rpm
ftp> bye
$ <prefix>/bin/openpkg rpm -v --checksig mysql-4.0.20-2.1.1.src.rpm
$ <prefix>/bin/openpkg rpm --rebuild mysql-4.0.20-2.1.1.src.rpm
$ su -
# <prefix>/bin/openpkg rpm -Fvh <prefix>/RPM/PKG/mysql-4.0.20-2.1.1.*.rpm
Additionally, it is recommend that you rebuild and reinstall
all dependent packages (see above) as well [3][4].
________________________________________________________________________
References:
[1] http://www.mysql.com/
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0836
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0837
[4] http://www.openpkg.org/tutorial.html#regular-source
[5] http://www.openpkg.org/tutorial.html#regular-binary
[6] ftp://ftp.openpkg.org/release/2.1/UPD/mysql-4.0.20-2.1.1.src.rpm
[7] ftp://ftp.openpkg.org/release/2.1/UPD/
[8] http://www.openpkg.org/security.html#signature
________________________________________________________________________
For security reasons, this advisory was digitally signed with the
OpenPGP public key "OpenPKG <openpkg@xxxxxxxxxxx>" (ID 63C4CB9F) of the
OpenPKG project which you can retrieve from http://pgp.openpkg.org and
hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org/
for details on how to verify the integrity of this advisory.
________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG <openpkg@xxxxxxxxxxx>
iD8DBQFBg3+SgHWT4GPEy58RApPAAJ9zJUGoZWc2O/gzZU+QsEBx112GewCfeCze
ISdurW/oYeVVZe+vKZIKmYg=
=FgxI
-----END PGP SIGNATURE-----