From openpkg@openpkg.org Wed Jan 29 13:32:45 2003 From: OpenPKG To: bugtraq@securityfocus.com Date: Wed, 29 Jan 2003 15:52:07 +0100 Subject: [OpenPKG-SA-2003.008] OpenPKG Security Advisory (mysql) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security@openpkg.org openpkg@openpkg.org OpenPKG-SA-2003.008 29-Jan-2003 ________________________________________________________________________ Package: mysql Vulnerability: double free can cause denial of service OpenPKG Specific: no Affected Releases: Affected Packages: Corrected Packages: OpenPKG CURRENT <= mysql-3.23.54a-20030116 >= mysql-3.23.55-20030124 OpenPKG 1.2 <= mysql-3.23.54a-1.2.0 >= mysql-3.23.54a-1.2.1 OpenPKG 1.1 <= mysql-3.23.52-1.1.1 >= mysql-3.23.52-1.1.2 Affected Releases: Dependent Packages: none Description: Vincent Danen of Mandrake Linux noticed that according to the change log [0] for MySQL release 3.23.55 [1] a vulnerbility has been fixed where a double-free pointer bug in mysql_change_user() handling enabled a specially hacked version of MySQL client to crash mysqld. The vendor states that one needs to successfully login to the server by using a valid user account to be able to exploit this bug. Please check whether you are affected by running "/bin/rpm -q mysql". If you have the "mysql" package installed and its version is affected (see above), we recommend that you immediately upgrade it (see Solution). [2][3] Solution: Select the updated source RPM appropriate for your OpenPKG release [4][5], fetch it from the OpenPKG FTP service [6][7] or a mirror location, verify its integrity [8], build a corresponding binary RPM from it [2] and update your OpenPKG installation by applying the binary RPM [3]. For the current release OpenPKG 1.2, perform the following operations to permanently fix the security problem (for other releases adjust accordingly). $ ftp ftp.openpkg.org ftp> bin ftp> cd release/1.2/UPD ftp> get mysql-3.23.54a-1.2.1.src.rpm ftp> bye $ /bin/rpm -v --checksig mysql-3.23.54a-1.2.1.src.rpm $ /bin/rpm --rebuild mysql-3.23.54a-1.2.1.src.rpm $ su - # /bin/rpm -Fvh /RPM/PKG/mysql-3.23.54a-1.2.1.*.rpm ________________________________________________________________________ References: [0] http://www.mysql.com/doc/en/News-3.23.55.html [1] http://www.mysql.com/ [2] http://www.openpkg.org/tutorial.html#regular-source [3] http://www.openpkg.org/tutorial.html#regular-binary [4] ftp://ftp.openpkg.org/release/1.1/UPD/mysql-3.23.52-1.1.2.src.rpm [5] ftp://ftp.openpkg.org/release/1.2/UPD/mysql-3.23.54a-1.2.1.src.rpm [6] ftp://ftp.openpkg.org/release/1.1/UPD/ [7] ftp://ftp.openpkg.org/release/1.2/UPD/ [8] http://www.openpkg.org/security.html#signature ________________________________________________________________________ For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG " (ID 63C4CB9F) of the OpenPKG project which you can find under the official URL http://www.openpkg.org/openpkg.pgp or on http://keyserver.pgp.com/. To check the integrity of this advisory, verify its digital signature by using GnuPG (http://www.gnupg.org/). For instance, pipe this message to the command "gpg --verify --keyserver keyserver.pgp.com". ________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Comment: OpenPKG iD8DBQE+N9gEgHWT4GPEy58RAqygAJ99b9BRMrnG8b5/RermS5QQz08tkQCeLq3s e3UDxVtK5aGXWeiQvXIHVOM= =egoK -----END PGP SIGNATURE-----