[devel] [cyber] I: Sisyphus-20080317 packages: +3! +13 (7641)
Dmitry V. Levin
=?iso-8859-1?q?ldv_=CE=C1_altlinux=2Eorg?=
Пн Мар 17 13:55:36 MSK 2008
On Mon, Mar 17, 2008 at 03:37:22PM +0500, Vladimir V. Kamarzin wrote:
> >>>>> On 17 Mar 2008 at 02:21 "QTR" == QA Team Robot writes:
>
> QTR> 13 UPDATED packages
>
> QTR> MySQL - MySQL: A very fast and reliable SQL database engine [32M]
> QTR> * Sun Mar 16 2008 L.A. Kostis <lakostis на altlinux> 5.0.51-alt2.a
> QTR> - 5.0.51a.
> QTR> - Security fixes:
> QTR> + CVE-2008-0226, CVE-2008-0227 (Three vulnerabilities in yaSSL versions 1.7.5
> QTR> that could lead to a server crash or execution of unauthorized code.)
> QTR> + ALTER VIEW retained the original DEFINER value, even when altered by
> QTR> another user, which could allow that user to gain the access rights of the
> QTR> view (MySQL #29908).
> QTR> - Add glibc-locales to -server deps (ALT #13909 #14731).
> QTR> - Make links to mysqld_safe for backwards compatibility (ALT #14863).
> QTR> - Update html documentation to 10265 revsion.
> QTR> * Tue Jan 01 2008 L.A. Kostis <lakostis на altlinux> 5.0.51-alt1
>
> Будут ли исправлены в 4.0 бранче вышеозначенные уязвимости?
Перенести в бранч?
--
ldv
----------- следующая часть -----------
Было удалено вложение не в текстовом формате...
Имя : =?iso-8859-1?q?=CF=D4=D3=D5=D4=D3=D4=D7=D5=C5=D4?=
Тип : application/pgp-signature
Размер : 197 байтов
Описание: =?iso-8859-1?q?=CF=D4=D3=D5=D4=D3=D4=D7=D5=C5=D4?=
Url : <http://lists.altlinux.org/pipermail/devel/attachments/20080317/3e0ad912/attachment-0002.bin>
Подробная информация о списке рассылки Devel