Date: Tue, 9 Sep 2008 14:18:40 +0200 From: Robert Buchholz <rbu@...too.org> To: oss-security@...ts.openwall.com Subject: CVE request: MySQL empty bit-string literal server crash Hi, we consider the following bug a security issue. I'm not sure whether MySQL upstream feels so as well. Quoting the ChangeLog: An empty bit-string literal (b'') caused a server crash. Now the value is parsed as an empty bit value (which is treated as an empty string in string context or 0 in numeric context). (Bug#35658) Bug: http://bugs.mysql.com/bug.php?id=35658 ChangeLogs: * 5.0.66 http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html * 5.1.26 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html * 6.0.6 http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html Gentoo handles this as bug 237166 [ https://bugs.gentoo.org/237166 ]. Thanks, Robert Download attachment "signature.asc " of type "application/pgp-signature" (836 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.