[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] MySQL Double Free Bug ( Mysql-3.23.54a )
- Subject: [cobalt-security] MySQL Double Free Bug ( Mysql-3.23.54a )
- From: jalvarez@xxxxxxxxxx
- Date: Thu, 30 Jan 2003 09:38:52 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
I've the next error with proftpd.
Jan 29 18:30:43 carran proftpd[2598]: AllowChmod is deprecated, and will
not work consistantly, use <Limit SITE_CHMOD> instead.
Jan 29 18:31:37 carran proftpd[2596]: 216.155.73.145
(216.155.73.144[216.155.73.144]) - FTP session opened.
Jan 29 18:31:37 carran proftpd[2596]: 216.155.73.145
(216.155.73.144[216.155.73.144]) - FTP session closed.
My proftpd version is 1.2.4
I think this is a bug. How can I install this patch and where is this.
Thanks
_____________________________
Jorge H Alvarez G
Ingeniero Operaciones SURNET
Telefonica del Sur S.A
e-mail1:jalvarez@xxxxxxxxxx
e-mail2:jalvarez@xxxxxxxxx
URL:www.surnet.cl
Fono: (63) 200664,
Cel: 09 7391036, *1607
_____________________________
----- Remitido por Jorge Alvarez/TELSUR/CNOTES con fecha 30-01-2003 09:37
-----
"Ian"
<cobalt@xxxxxxxxxxxxx> Para: cobalt-security@xxxxxxxxxxxxxxx
Enviado por: cc:
cobalt-security-admin@list. Asunto: [cobalt-security] MySQL Double Free Bug ( Mysql-3.23.54a )
cobalt.com
30-01-2003 06:27
Por favor, responda a
cobalt-security
Hi,
I new version of Mysql ( 3.23.55) has been releases which fixes a
double free bug, amongst other things:
http://www.mysql.com/doc/en/News-3.23.55.html
<Quote>
Fixed double free'd pointer bug in mysql_change_user() handling, that
enabled a specially hacked version of MySQL client to crash mysqld.
NOTE, that one needs to login to the server by using a valid user
account to be able to exploit this bug.
</Quote>
Will there be a new package being made available ?
As an aside I managed to install 3.23.54a form source on a Raq4i (
for some reason the rpms/pkg wouldn't go in ). So far it has run
without problems.
Regards
Ian
--
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security