Bug#319858: Buffer overflow in bundled zlib (CAN-2005-2096)

2005-07-26 Thread Christian Hammers
Hello

On 2005-07-26 Moritz Mühlenhoff wrote:
> > The patch is incomplete because it does not address the CAN-2005-1849
> > issue.
>
> Are you referring to the extended ENOUGH and MAXD sizes? Yes, this
> really seems missing and should be reported upstream.

I'll do.

thanks,

-christian-

Bug#319858: Buffer overflow in bundled zlib (CAN-2005-2096)

2005-07-26 Thread Florian Weimer
* Moritz Muehlenhoff:
> MySQL bundles a copy of zlib, which is vulnerable to DoS and potential
> arbitrary code execution due to a buffer overflow in the inflate function.

It doesn't seem to be compiled into the executables, though. Could you provide some evidence that static linking is indeed t

Bug#319858: Buffer overflow in bundled zlib (CAN-2005-2096)

2005-07-25 Thread Christian Hammers
Hello

On 2005-07-25 Moritz Muehlenhoff wrote:
> MySQL bundles a copy of zlib, which is vulnerable to DoS and potential
> arbitrary code execution due to a buffer overflow in the inflate function.

The bundled zlib version is not used if I interpret the output of "./configure" and "ldd /usr/sbin/my

Bug#319858: Buffer overflow in bundled zlib (CAN-2005-2096)

2005-07-25 Thread Moritz Muehlenhoff
Package: mysql-dfsg-4.1
Version: 4.1.12-1 (not installed)
Severity: grave
Tags: security patch

MySQL bundles a copy of zlib, which is vulnerable to DoS and potential arbitrary code execution due to a buffer overflow in the inflate function. This is fixed in latest 4.1.13 upstream or in the Bitkee