[gentoo-announce] UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage - gentoo-announce

From:	Sune Kloppenborg Jeppesen <jaervosz@g.o>
To:	gentoo-announce@l.g.o
Subject:	[gentoo-announce] UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage
Date:	Tue, 16 May 2006 21:01:27
Message-Id:	`200605162223.05147.jaervosz@gentoo.org`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory [UPDATE]               GLSA 200605-13:04

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                            http://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

  Severity: Low

8

     Title: MySQL: Information leakage

9

      Date: May 11, 2006

10

   Updated: May 15, 2006

11

      Bugs: #132146

12

        ID: 200605-13:04

13

14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

15

16

Update

17

======

18

19

For a short time version 4.0.27 was incorrectly listed as vulnerable

20

and the resolution incorrectly forced an upgrade to 4.1.x for 4.0.x users.

21

22

The updated sections appear below.

23

24

Affected packages

25

=================

26

27

    -------------------------------------------------------------------

28

     Package       /  Vulnerable  /                         Unaffected

29

    -------------------------------------------------------------------

30

  1  dev-db/mysql      < 4.1.19                              >= 4.1.19

31

                                                            *>= 4.0.27

32

33

Resolution

34

==========

35

36

All MySQL users should upgrade to the latest version.

37

38

    # emerge --sync

39

    # emerge --ask --oneshot --verbose ">=dev-db/mysql-4.0.27"

40

41

Availability

42

============

43

44

This GLSA and any updates to it are available for viewing at

45

the Gentoo Security Website:

46

47

  http://security.gentoo.org/glsa/glsa-200605-13.xml

48

49

Concerns?

50

=========

51

52

Security is a primary focus of Gentoo Linux and ensuring the

53

confidentiality and security of our users machines is of utmost

54

importance to us. Any security concerns should be addressed to

55

security@g.o or alternatively, you may file a bug at

56

http://bugs.gentoo.org.

57

58

License

59

=======

60

61

Copyright 2006 Gentoo Foundation, Inc; referenced text

62

belongs to its owner(s).

63

64

The contents of this document are licensed under the

65

Creative Commons - Attribution / Share Alike license.

66

67

http://creativecommons.org/licenses/by-sa/2.5

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory [UPDATE] GLSA 200605-13:04
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	http://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: Low
8	Title: MySQL: Information leakage
9	Date: May 11, 2006
10	Updated: May 15, 2006
11	Bugs: #132146
12	ID: 200605-13:04
13
14	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
15
16	Update
17	======
18
19	For a short time version 4.0.27 was incorrectly listed as vulnerable
20	and the resolution incorrectly forced an upgrade to 4.1.x for 4.0.x users.
21
22	The updated sections appear below.
23
24	Affected packages
25	=================
26
27	-------------------------------------------------------------------
28	Package / Vulnerable / Unaffected
29	-------------------------------------------------------------------
30	1 dev-db/mysql < 4.1.19 >= 4.1.19
31	*>= 4.0.27
32
33	Resolution
34	==========
35
36	All MySQL users should upgrade to the latest version.
37
38	# emerge --sync
39	# emerge --ask --oneshot --verbose ">=dev-db/mysql-4.0.27"
40
41	Availability
42	============
43
44	This GLSA and any updates to it are available for viewing at
45	the Gentoo Security Website:
46
47	http://security.gentoo.org/glsa/glsa-200605-13.xml
48
49	Concerns?
50	=========
51
52	Security is a primary focus of Gentoo Linux and ensuring the
53	confidentiality and security of our users machines is of utmost
54	importance to us. Any security concerns should be addressed to
55	security@g.o or alternatively, you may file a bug at
56	http://bugs.gentoo.org.
57
58	License
59	=======
60
61	Copyright 2006 Gentoo Foundation, Inc; referenced text
62	belongs to its owner(s).
63
64	The contents of this document are licensed under the
65	Creative Commons - Attribution / Share Alike license.
66
67	http://creativecommons.org/licenses/by-sa/2.5

Gentoo Archives: gentoo-announce