Viewing all changes in revision 21.
- Committer: Bazaar Package Importer
- Date: 2010-06-06 23:45:00 UTC
- Revision ID: james.westby@ubuntu.com-20100606234500-lej0f8j15dt1aj7g
* SECURITY UPDATE: privilege check bypass via crafted table name argument
to COM_FIELD_LIST
- debian/patches/111_CVE-2010-1848.dpatch: check table name in
sql/sql_parse.cc, Add tests to tests/mysql_client_test.c.
- CVE-2010-1848
* SECURITY UPDATE: denial of service via large packets
- debian/patches/110_CVE-2010-1849.dpatch: handle big packets in
sql/sql_parse.cc, include/mysql_com.h, sql/net_serv.cc.
- CVE-2010-1849
* SECURITY UPDATE: arbitrary code execution via crafted table name
argument to COM_FIELD_LIST
- debian/patches/109_CVE-2010-1850.dpatch: check table name length in
sql/sql_parse.cc.
- CVE-2010-1850
* SECURITY UPDATE: DROP TABLE privilege bypass via symlink attack
- debian/patches/112_CVE-2010-1626.dpatch: check for symlinks in
myisam/mi_delete_table.c.
- CVE-2010-1626
to COM_FIELD_LIST
- debian/patches/111_CVE-2010-1848.dpatch: check table name in
sql/sql_parse.cc, Add tests to tests/mysql_client_test.c.
- CVE-2010-1848
* SECURITY UPDATE: denial of service via large packets
- debian/patches/110_CVE-2010-1849.dpatch: handle big packets in
sql/sql_parse.cc, include/mysql_com.h, sql/net_serv.cc.
- CVE-2010-1849
* SECURITY UPDATE: arbitrary code execution via crafted table name
argument to COM_FIELD_LIST
- debian/patches/109_CVE-2010-1850.dpatch: check table name length in
sql/sql_parse.cc.
- CVE-2010-1850
* SECURITY UPDATE: DROP TABLE privilege bypass via symlink attack
- debian/patches/112_CVE-2010-1626.dpatch: check for symlinks in
myisam/mi_delete_table.c.
- CVE-2010-1626
expand all
collapse all
added
removed
