Martin Schulze wrote:
> Christian Hammers wrote:
> > Hello Security Team
> >
> > Are you aware of this bug? The "interdiff" patch are already in the BTS.
> >
> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319526
> > Applied the upstream patch that fixes a tempfile vulnerability in the
> > mysqld_install_db script that was found by Eric Romang and allows an
> > attacker to execute arbitrary SQL commands when the server is
> > installed
> > or updated. The issue is known as CAN-2005-1636, the patch was made by
> > comparing this version against the one from 4.1.12.
>
> Thanks a lot for the update!
> I'll build packages, but will strip off the po file updates.
Which package in unstable will fix this problem? Or is it not present
in that distribution?
Regards,
Joey
--
MIME - broken solution for a broken design. -- Ralf Baechle
Please always Cc to me when replying to me on the lists.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
