Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 27 Sep 2012 11:11:29 +0530
From: Huzaifa Sidhpurwala <huzaifas@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2009-4030 regression in mysql

Hi All,

It was found that the fix for CVE-2009-4030 was not present in mysql
version 5.0.88, as claimed by upstream.

As a result of this, Red Hat Security Advisory RHSA-2012:0127 which
rebased mysql in Red Hat Enterprise Linux 5 to 5.0.95, missed the above
fix.

We have assigned CVE-2012-4452 to this issue.

Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4452
http://bugs.mysql.com/bug.php?id=32167
http://rhn.redhat.com/errata/RHSA-2012-0127.html


-- 
Huzaifa Sidhpurwala / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ