1
PublicDateAtUSN: 2010-11-05
2
Candidate: CVE-2010-3833
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3833
6
https://usn.ubuntu.com/usn/usn-1017-1
8
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not
9
properly propagate type errors, which allows remote attackers to cause a
10
denial of service (server crash) via crafted arguments to extreme-value
11
functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and
12
a "CREATE TABLE ... SELECT."
15
jdstrand> mysql-cluster-7.0 not supported per server team
16
mdeslaur> can't reproduce on dapper, and code is different
18
http://bugs.mysql.com/bug.php?id=55826
19
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599937
20
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3833
25
Patches_mysql-dfsg-5.0:
26
upstream_mysql-dfsg-5.0: needs-triage
27
dapper_mysql-dfsg-5.0: not-affected
28
hardy_mysql-dfsg-5.0: released (5.0.51a-3ubuntu5.8)
29
karmic_mysql-dfsg-5.0: ignored (reached end-of-life)
30
lucid_mysql-dfsg-5.0: DNE
31
maverick_mysql-dfsg-5.0: DNE
32
natty_mysql-dfsg-5.0: DNE
33
oneiric_mysql-dfsg-5.0: DNE
34
devel_mysql-dfsg-5.0: DNE
36
Patches_mysql-dfsg-5.1:
37
upstream: http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.1/revision/3461.1.20
38
upstream_mysql-dfsg-5.1: released (5.1.51)
39
dapper_mysql-dfsg-5.1: DNE
40
hardy_mysql-dfsg-5.1: DNE
41
karmic_mysql-dfsg-5.1: released (5.1.37-1ubuntu5.5)
42
lucid_mysql-dfsg-5.1: released (5.1.41-3ubuntu12.7)
43
maverick_mysql-dfsg-5.1: DNE
44
natty_mysql-dfsg-5.1: DNE
45
oneiric_mysql-dfsg-5.1: DNE
46
devel_mysql-dfsg-5.1: DNE
49
upstream_mysql-5.1: released (5.1.51)
54
maverick_mysql-5.1: released (5.1.49-1ubuntu8.1)
55
natty_mysql-5.1: not-affected (5.1.54-1ubuntu2)
56
oneiric_mysql-5.1: not-affected (5.1.54-1ubuntu2)
57
devel_mysql-5.1: not-affected (5.1.54-1ubuntu2)
59
Patches_mysql-cluster-7.0:
60
upstream_mysql-cluster-7.0: needs-triage
61
dapper_mysql-cluster-7.0: DNE
62
hardy_mysql-cluster-7.0: DNE
63
karmic_mysql-cluster-7.0: DNE
64
lucid_mysql-cluster-7.0: ignored
65
maverick_mysql-cluster-7.0: ignored
66
natty_mysql-cluster-7.0: ignored
67
oneiric_mysql-cluster-7.0: ignored
68
devel_mysql-cluster-7.0: DNE