[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] MySQL Double Free Bug ( Mysql-3.23.54a )
- Subject: Re: [cobalt-security] MySQL Double Free Bug ( Mysql-3.23.54a )
- From: "Ian" <cobalt@xxxxxxxxxxxxx>
- Date: Thu, 30 Jan 2003 14:08:06 -0000
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On 30 Jan 2003 at 9:38, jalvarez@xxxxxxxxxx wrote:
> I've the next error with proftpd.
> Jan 29 18:30:43 carran proftpd[2598]: AllowChmod is deprecated, and will
> not work consistantly, use <Limit SITE_CHMOD> instead.
> Jan 29 18:31:37 carran proftpd[2596]: 216.155.73.145
> (216.155.73.144[216.155.73.144]) - FTP session opened.
> Jan 29 18:31:37 carran proftpd[2596]: 216.155.73.145
> (216.155.73.144[216.155.73.144]) - FTP session closed.
>
> My proftpd version is 1.2.4
>
> I think this is a bug. How can I install this patch and where is this.
What has this got to do with MySQL ?
You should really start a new message with a new subject if you want
to ask a new question.
Anyway, have you tried searching google for proftp. You might find
their home page and be able to download patches from there.
Ian
> Thanks
> _____________________________
> Jorge H Alvarez G
> Ingeniero Operaciones SURNET
> Telefonica del Sur S.A
> e-mail1:jalvarez@xxxxxxxxxx
> e-mail2:jalvarez@xxxxxxxxx
> URL:www.surnet.cl
> Fono: (63) 200664,
> Cel: 09 7391036, *1607
> _____________________________
> ----- Remitido por Jorge Alvarez/TELSUR/CNOTES con fecha 30-01-2003 09:37
> -----
>
> "Ian"
> <cobalt@xxxxxxxxxxxxx> Para: cobalt-security@xxxxxxxxxxxxxxx
> Enviado por: cc:
> cobalt-security-admin@list. Asunto: [cobalt-security] MySQL Double Free Bug ( Mysql-3.23.54a )
> cobalt.com
>
>
> 30-01-2003 06:27
> Por favor, responda a
> cobalt-security
>
>
>
>
>
>
> Hi,
>
> I new version of Mysql ( 3.23.55) has been releases which fixes a
> double free bug, amongst other things:
>
> http://www.mysql.com/doc/en/News-3.23.55.html
>
> <Quote>
> Fixed double free'd pointer bug in mysql_change_user() handling, that
> enabled a specially hacked version of MySQL client to crash mysqld.
>
> NOTE, that one needs to login to the server by using a valid user
> account to be able to exploit this bug.
> </Quote>
>
> Will there be a new package being made available ?
>
> As an aside I managed to install 3.23.54a form source on a Raq4i (
> for some reason the rpms/pkg wouldn't go in ). So far it has run
> without problems.
>
>
> Regards
>
> Ian
> --
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security