[OpenPKG-SA-2002.013] OpenPKG Security Advisory (mysql)

[OpenPKG <openpkg () openpkg org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory                            The OpenPKG Project
http://www.openpkg.org/security.html              http://www.openpkg.org
openpkg-security () openpkg org                         openpkg () openpkg org
OpenPKG-SA-2002.013                                          16-Dec-2002
________________________________________________________________________

Package:             mysql
Vulnerability:       password bypass, arbitrary code execution
OpenPKG Specific:    no

Dependent Packages:  apache, myodbc, perl-dbi, postfix

Affected Releases:   Affected Packages:         Corrected Packages:
OpenPKG 1.0          <= mysql-3.23.46-1.0.0     >= mysql-3.23.46-1.0.1
OpenPKG 1.1          <= mysql-3.23.52-1.1.0     >= mysql-3.23.52-1.1.1
OpenPKG CURRENT      <= mysql-3.23.53-20021204  >= mysql-3.23.54-20021212

Description:
  The e-matters [0] company discovered two flaws [1] within the MySQL
  [2] server that can be used by any MySQL user to crash the server.
  One of the flaws can be used to bypass the MySQL password check or
  to execute arbitrary code with the privileges of the user running
  mysqld(8).

  They also discovered an arbitrary size heap overflow within the
  MySQL client library and another vulnerability that allows to write
  '\0' to any memory address. Both flaws could allow DOS attacks
  against or arbitrary code execution within anything linked against
  libmysqlclient.

  Check whether you are affected by running "<prefix>/bin/rpm -q mysql".
  If you have an affected version of the "mysql" package (see above),
  please upgrade it according to the solution below.

Solution:
  Update existing packages to newly patched versions of MySQL. Select the
  updated source RPM appropriate for your OpenPKG release [3][4][5], and
  fetch it from the OpenPKG FTP service or a mirror location. Verify its
  integrity [6], build a corresponding binary RPM from it and update your
  OpenPKG installation by applying the binary RPM [7]. For the latest
  OpenPKG 1.1 release, perform the following operations to permanently fix
  the security problem (for other releases adjust accordingly).

  $ ftp ftp.openpkg.org
  ftp> bin
  ftp> cd release/1.1/UPD
  ftp> get mysql-3.23.52-1.1.1.src.rpm
  ftp> bye
  $ <prefix>/bin/rpm -v --checksig mysql-3.23.52-1.1.1.src.rpm
  $ <prefix>/bin/rpm --rebuild mysql-3.23.52-1.1.1.src.rpm
  $ su -
  # <prefix>/bin/rpm -Fvh <prefix>/RPM/PKG/mysql-3.23.52-1.1.1.*.rpm
  # <prefix>/etc/rc mysql stop start
________________________________________________________________________

References:
  [0] http://www.e-matters.de/
  [1] http://security.e-matters.de/advisories/042002.html
  [2] http://www.mysql.com/
  [3] ftp://ftp.openpkg.org/release/1.0/UPD/
  [4] ftp://ftp.openpkg.org/release/1.1/UPD/
  [5] ftp://ftp.openpkg.org/current/SRC/
  [6] http://www.openpkg.org/security.html#signature
  [7] http://www.openpkg.org/tutorial.html#regular-source
________________________________________________________________________

For security reasons, this advisory was digitally signed with
the OpenPGP public key "OpenPKG <openpkg () openpkg org>" (ID 63C4CB9F)
of the OpenPKG project which you can find under the official URL
http://www.openpkg.org/openpkg.pgp or on http://keyserver.pgp.com/. To
check the integrity of this advisory, verify its digital signature by
using GnuPG (http://www.gnupg.org/). For example, pipe this message to
the command "gpg --verify --keyserver keyserver.pgp.com".
________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG <openpkg () openpkg org>

iEYEARECAAYFAj39rFwACgkQgHWT4GPEy59OOQCfRNp25g3jXbRoIITZnwnpT7lo
0q8AoMCazmZmwIs0sqxUJF4wfwbsC6Zz
=6WvF
-----END PGP SIGNATURE-----