[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] MySQL Double Free Bug ( Mysql-3.23.54a )

Subject: [cobalt-security] MySQL Double Free Bug ( Mysql-3.23.54a )
From: "Ian" <cobalt@xxxxxxxxxxxxx>
Date: Thu, 30 Jan 2003 09:27:49 -0000
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi,

I new version of Mysql ( 3.23.55) has been releases which fixes a 
double free bug, amongst other things:

http://www.mysql.com/doc/en/News-3.23.55.html

<Quote>
Fixed double free'd pointer bug in mysql_change_user() handling, that 
enabled a specially hacked version of MySQL client to crash mysqld. 

NOTE, that one needs to login to the server by using a valid user 
account to be able to exploit this bug. 
</Quote>

Will there be a new package being made available ?

As an aside I managed to install 3.23.54a form source on a Raq4i ( 
for some reason the rpms/pkg wouldn't go in ).  So far it has run 
without problems.


Regards

Ian
--

Prev by Date: Re: [cobalt-security] OT OpenSSH question
Next by Date: [cobalt-security] MySQL Double Free Bug ( Mysql-3.23.54a )
Previous by thread: [cobalt-security] Duplicate Messages
Next by thread: [cobalt-security] MySQL Double Free Bug ( Mysql-3.23.54a )

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index