Processed: Re: Bug#330164: acknowledged by developer (Re: Bug#330164: mysql-server-4.1: Authentication bypass)

2005-09-28 Thread Debian Bug Tracking System
Processing commands for [EMAIL PROTECTED]: > reopen 330164 Bug#330164: mysql-server-4.1: Authentication bypass Bug reopened, originator not changed. > reassign 330164 mysql-server Bug#330164: mysql-server-4.1: Authentication bypass Bug reassigned from package `mysql-server-4.1' to `m

Bug#330164: acknowledged by developer (Re: Bug#330164: mysql-server-4.1: Authentication bypass)

2005-09-28 Thread Christian Hammers
reopen 330164 reassign 330164 mysql-server found 330164 4.0.24-10 found 330164 3.23.49-8.13 thanks Hello Martin On 2005-09-28 Martin Pitt wrote: > Debian Bug Tracking System [2005-09-26 11:33 -0700]: > > > - as you stated in your next mail, it doesn't seem that sarge/4.0 is > > > affected. - sa

Bug#330164: acknowledged by developer (Re: Bug#330164: mysql-server-4.1: Authentication bypass)

2005-09-27 Thread Martin Pitt
Hi Christian! Debian Bug Tracking System [2005-09-26 11:33 -0700]: > > - as you stated in your next mail, it doesn't seem that sarge/4.0 is > > affected. - sarge doesn't carry a 5.0 version > > - thus all sid versions should be okay too. > > After checking the advisory I would say that Sean is

Bug#330164: mysql-server-4.1: Authentication bypass

2005-09-26 Thread sean finney
hi, On Mon, Sep 26, 2005 at 03:05:51PM +0200, Martin Pitt wrote: > MySQL 4.1 and 5.0 are prone to an authentication bypass: > > http://www.nextgenss.com/advisories/mysql-authbypass.txt um, did you check the date on that advisory? Name: MySQL Authentication Bypass / buffer overflow Systems Affe

Bug#330164: mysql-server-4.1: Authentication bypass

2005-09-26 Thread Martin Pitt
Hi Christian! Christian Hammers [2005-09-26 15:34 +0200]: > Hello Martin > > On 2005-09-26 Martin Pitt wrote: > > MySQL 4.1 and 5.0 are prone to an authentication bypass: > > http://www.nextgenss.com/advisories/mysql-authbypass.txt > > 4.0 seems to be unaffected. There is no CAN number yet. > >

Bug#330164: mysql-server-4.1: Authentication bypass

2005-09-26 Thread Christian Hammers
Hello Martin On 2005-09-26 Martin Pitt wrote: > MySQL 4.1 and 5.0 are prone to an authentication bypass: > http://www.nextgenss.com/advisories/mysql-authbypass.txt > 4.0 seems to be unaffected. There is no CAN number yet. Thanks for notifying. I woudn't rely on 4.0 beeing unaffected as MySQL di

Bug#330164: mysql-server-4.1: Authentication bypass

2005-09-26 Thread Martin Pitt
Package: mysql-server-4.1 Version: 4.1.12-1 Severity: grave Tags: security Hi Christian! MySQL 4.1 and 5.0 are prone to an authentication bypass: http://www.nextgenss.com/advisories/mysql-authbypass.txt 4.0 seems to be unaffected. There is no CAN number yet. Thanks, Martin -- Martin Pitt