Your message dated Thu, 15 Nov 2007 18:47:07 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#451235: fixed in mysql-dfsg-5.0 5.0.45-3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: mysql-dfsg-5.0
Version: 5.0.32-7etch1
Severity: grave
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for mysql-dfsg-5.0.
CVE-2007-5925[0]:
| The convert_search_mode_to_innobase function in ha_innodb.cc in the
| InnoDB engine in MySQL 5.1.23-BK and earlier allows remote
| authenticated users to cause a denial of service (database crash) via
| a certain CONTAINS operation on an indexed column, which triggers an
| assertion error.
If you fix this vulnerability please also include the CVE id
in your changelog entry.
For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpoOSe40Wgn9.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: mysql-dfsg-5.0
Source-Version: 5.0.45-3
We believe that the bug you reported is fixed in the latest version of
mysql-dfsg-5.0, which is due to be installed in the Debian FTP archive:
libmysqlclient15-dev_5.0.45-3_i386.deb
to pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.45-3_i386.deb
libmysqlclient15off_5.0.45-3_i386.deb
to pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.45-3_i386.deb
mysql-client-5.0_5.0.45-3_i386.deb
to pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.45-3_i386.deb
mysql-client_5.0.45-3_all.deb
to pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.45-3_all.deb
mysql-common_5.0.45-3_all.deb
to pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.45-3_all.deb
mysql-dfsg-5.0_5.0.45-3.diff.gz
to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.45-3.diff.gz
mysql-dfsg-5.0_5.0.45-3.dsc
to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.45-3.dsc
mysql-server-5.0_5.0.45-3_i386.deb
to pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.45-3_i386.deb
mysql-server_5.0.45-3_all.deb
to pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.45-3_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Norbert Tretkowski <[EMAIL PROTECTED]> (supplier of updated mysql-dfsg-5.0
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 15 Nov 2007 18:40:11 +0100
Source: mysql-dfsg-5.0
Binary: libmysqlclient15-dev mysql-client mysql-client-5.0 mysql-server
mysql-server-5.0 mysql-common libmysqlclient15off
Architecture: source all i386
Version: 5.0.45-3
Distribution: unstable
Urgency: high
Maintainer: Debian MySQL Maintainers <[EMAIL PROTECTED]>
Changed-By: Norbert Tretkowski <[EMAIL PROTECTED]>
Description:
libmysqlclient15-dev - MySQL database development files
libmysqlclient15off - MySQL database client library
mysql-client - MySQL database client (meta package depending on the latest
versi
mysql-client-5.0 - MySQL database client binaries
mysql-common - MySQL database common files
mysql-server - MySQL database server (meta package depending on the latest
versi
mysql-server-5.0 - MySQL database server binaries
Closes: 451235
Changes:
mysql-dfsg-5.0 (5.0.45-3) unstable; urgency=high
.
* SECURITY:
Fix for CVE-2007-5925: The convert_search_mode_to_innobase function in
ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows
remote authenticated users to cause a denial of service (database crash)
via a certain CONTAINS operation on an indexed column, which triggers an
assertion error. (closes: #451235)
Files:
24634550564de62c9845c9938467f52b 1231 misc optional mysql-dfsg-5.0_5.0.45-3.dsc
924630d3305731f6d7feb478e4350c12 292904 misc optional
mysql-dfsg-5.0_5.0.45-3.diff.gz
2b0e72da8aa60109b3daab0403c895d8 56756 misc optional
mysql-common_5.0.45-3_all.deb
a1cbe67e61a21966fec4c9196a887bf6 50038 misc optional
mysql-server_5.0.45-3_all.deb
82173ebb83720c3a86d1d96d6cca5dd6 47840 misc optional
mysql-client_5.0.45-3_all.deb
ee7da71342e88955445b8795ba92326f 1850106 libs optional
libmysqlclient15off_5.0.45-3_i386.deb
eb44b28b101210f707f75757892565a0 7004836 libdevel optional
libmysqlclient15-dev_5.0.45-3_i386.deb
c1a5452d4f41385b4db2a1467c3e8f0b 7494098 misc optional
mysql-client-5.0_5.0.45-3_i386.deb
ad2fb2597e0159362f0a1948230d6d43 26839618 misc optional
mysql-server-5.0_5.0.45-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHPI6Ar/RnCw96jQERAg9kAJ0RQwuSLVTTPFOYYsJpj1QwqdG9MwCdGRMN
+LXWGwX4PpXY2qJ0DgUqVQU=
=AAAV
-----END PGP SIGNATURE-----
--- End Message ---
