Michael, It's probably the problem announced on bugtraq last week, described here:
http://security.e-matters.de/advisories/042002.html Several organisations have released new mysql packages to fix this but I haven't seen any mention about a Redhat fix. From the nature of the problem I bet we'd have seen an announcement from RH that it wasn't vulnerable if that were the case, but, since we haven't, I guessing a fix just hasn't been put together yet. If you've seen any announcements about this from RH I'd appreciate a pointer in that direction. >From the changelog on www.mysql.com: ------------------- D.3.2 Changes in release 3.23.54 (5 Dec 2002) * Fixed a bug, that allowed to crash mysqld with a specially crafted packet. * Fixed buffer overrun in libmysqlclient library that allowed malicious MySQL server to crash the client application. * Fixed security-related bug in mysql_change_user() handling. All users are strongly recommended to upgrade to the version 3.23.54. ------------------- Regards, Mike Klinke On Saturday 21 December 2002 11:54, Michael Schwendt wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Sat, 21 Dec 2002 11:36:07 -0000, Andy Kirk wrote: > > I am new to Linux, and have been advised to solve a MySQL problem on > > RH8, > > Have Red Hat been informed about that problem with their version > of MySQL? > > What problem is it? > > > I need to remove the MySQL RPM that came with RH8, and load the > > MySQL 3.23.54 RPM from www.mysql.com. > > > > My question is, what commands do I need to run to remove the existing > > RPM, and then install the new RPM. > > man rpm -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
