-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 06 Nov 2007 02:45:28 +0100 Source: mysql-dfsg-4.1 Binary: libmysqlclient14-dev mysql-common-4.1 libmysqlclient14 mysql-server-4.1 mysql-client-4.1 Architecture: source i386 all Version: 4.1.11a-4sarge8 Distribution: oldstable-security Urgency: high Maintainer: noahm@debian.org Changed-By: Christian Hammers <ch@debian.org> Description: libmysqlclient14 - mysql database client library libmysqlclient14-dev - mysql database development files mysql-client-4.1 - mysql database client binaries mysql-common-4.1 - mysql database common files (e.g. /etc/mysql/my.cnf) mysql-server-4.1 - mysql database server binaries Closes: 424778 Changes: mysql-dfsg-4.1 (4.1.11a-4sarge8) oldstable-security; urgency=high . * Security release prepared for the security team by the Debian MySQL maintainers. Some patches were taken from the Ubuntu project. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. Closes: #424778 * CVE-2007-3780: It was discovered that MySQL could be made to overflow a signed char during authentication. Remote attackers could use crafted authentication requests to cause a denial of service. Files: 3e72ca407001f3a821af22528aeb4167 1021 misc optional mysql-dfsg-4.1_4.1.11a-4sarge8.dsc 3a827fee8740fbedbe7c114075351847 166363 misc optional mysql-dfsg-4.1_4.1.11a-4sarge8.diff.gz 13af7dbf0b5e55c57b22f66611d6f39c 36954 misc optional mysql-common-4.1_4.1.11a-4sarge8_all.deb c3c5800beb238eadcb44bc5cae668a09 1418578 libs optional libmysqlclient14_4.1.11a-4sarge8_i386.deb e4cf4980b8dcd3ade7f97744ff7cd627 5645942 libdevel optional libmysqlclient14-dev_4.1.11a-4sarge8_i386.deb 1e9acc111598dbeae29405174e98f8eb 831594 misc optional mysql-client-4.1_4.1.11a-4sarge8_i386.deb cf379b4463dc21d6afe6bbc4d66e2e46 14573956 misc optional mysql-server-4.1_4.1.11a-4sarge8_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHMVIdYrVLjBFATsMRAgNiAJwM4S3Jqt7WPgAX2Wb8SxPvqVosjACfeQNx M+hZEbqfiL0gbe+6hCqzXsI= =tgAc -----END PGP SIGNATURE----- Accepted: libmysqlclient14-dev_4.1.11a-4sarge8_i386.deb to pool/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_i386.deb libmysqlclient14_4.1.11a-4sarge8_i386.deb to pool/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_i386.deb mysql-client-4.1_4.1.11a-4sarge8_i386.deb to pool/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_i386.deb mysql-common-4.1_4.1.11a-4sarge8_all.deb to pool/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.11a-4sarge8_all.deb mysql-dfsg-4.1_4.1.11a-4sarge8.diff.gz to pool/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge8.diff.gz mysql-dfsg-4.1_4.1.11a-4sarge8.dsc to pool/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge8.dsc mysql-server-4.1_4.1.11a-4sarge8_i386.deb to pool/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_i386.deb