-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Thu, 27 Aug 2009 10:31:25 +0200 Source: mysql-dfsg-5.0 Binary: libmysqlclient15off libmysqlclient15-dev mysql-common mysql-client-5.0 mysql-server-5.0 mysql-server mysql-client Architecture: source all i386 Version: 5.0.51a-24+lenny2 Distribution: stable-security Urgency: high Maintainer: Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org> Changed-By: Sebastien Delafond <seb@debian.org> Description: libmysqlclient15-dev - MySQL database development files libmysqlclient15off - MySQL database client library mysql-client - MySQL database client (metapackage depending on the latest versio mysql-client-5.0 - MySQL database client binaries mysql-common - MySQL database common files mysql-server - MySQL database server (metapackage depending on the latest versio mysql-server-5.0 - MySQL database server binaries Closes: 536726 Changes: mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high . * SECURITY: Fix for CVE-2009-2446: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. Closes: #536726. Complete debdiff for 5.0.51a-24+lenny2 generously contributed by Christian Hammers <ch@debian.org>. Checksums-Sha1: dbacd17f4cce8c23d20dd03e0ef70d7c9d103f08 1745 mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc f4a9e089b8322f5cc333b16b3f27bab840f823cf 336017 mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz c9522b9211734b3855b1ef98fa318eee3588e255 60754 mysql-common_5.0.51a-24+lenny2_all.deb ec3271b8958baf89766d2b334db0edc6f4863777 55140 mysql-server_5.0.51a-24+lenny2_all.deb 714690f6d1089a55418c4ebc2bdb7ef1dfa9e881 52942 mysql-client_5.0.51a-24+lenny2_all.deb d461f802a21c89cc8bb92e1be71937c5d952579d 1859180 libmysqlclient15off_5.0.51a-24+lenny2_i386.deb a3dc78456ab492a5f9be9bcafa90cb471cdde1c2 7192962 libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb 5fe0256ad34aa8fb1affdf86d24c2b9f7d28cc74 7785324 mysql-client-5.0_5.0.51a-24+lenny2_i386.deb 930724d7acdb7e35110646b26139cfe0aa25ce78 26514714 mysql-server-5.0_5.0.51a-24+lenny2_i386.deb Checksums-Sha256: e5385c4037ed8e468227a252ca33c7a89f13e833aadae98345c1cf10d93dc8e5 1745 mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc e608f452d88774275357fcf2c675868a3509474549375f1c374299ad9f42732a 336017 mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz e4b5f28d37029e9f88722986ea6f07fb23971030a4fa355bf7e43433e7c4ea16 60754 mysql-common_5.0.51a-24+lenny2_all.deb 0ae02bbe5f11c1258a0315468b3f4cc13ea4176c9387bc29e594457c34c5d03c 55140 mysql-server_5.0.51a-24+lenny2_all.deb 6722ebb14ab015b6f9595056e608bcc425887ca5db4f78198248660f79f22b25 52942 mysql-client_5.0.51a-24+lenny2_all.deb 060e5c3456c40b0ab5d93bdcd225470c5a354f07da239e48d261414db2d05e5e 1859180 libmysqlclient15off_5.0.51a-24+lenny2_i386.deb a1377e8abdccceb6514823aed566d57829cb792e78a990526d0bcc333132eb3f 7192962 libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb 2cf75766bb638bfb6fa883f75804bdb4fcb544ef79b309f9c6f574d8fb49f2f4 7785324 mysql-client-5.0_5.0.51a-24+lenny2_i386.deb bc21f501f0f6292cdc46a5d18d90e03d1248a8ebae2ab70bbf788742210b2add 26514714 mysql-server-5.0_5.0.51a-24+lenny2_i386.deb Files: 55c6c40c4cee89c4b9602b1f5c9fbab2 1745 misc optional mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc 73e71bc1448601de508d0aa47ca3c0c2 336017 misc optional mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz 29e2385383abbe3b88e370d7c024d8c1 60754 misc optional mysql-common_5.0.51a-24+lenny2_all.deb 1b33f8d6803d58f3510f2b1a6fff9935 55140 misc optional mysql-server_5.0.51a-24+lenny2_all.deb 1559a30bde9a3c81192c90401b11988c 52942 misc optional mysql-client_5.0.51a-24+lenny2_all.deb a4384b5580df4a2f92e0fb0850100128 1859180 libs optional libmysqlclient15off_5.0.51a-24+lenny2_i386.deb f105e413fd396eb1babf2e44c79f3393 7192962 libdevel optional libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb f662a309b3aeca56a98034b2a254f1eb 7785324 misc optional mysql-client-5.0_5.0.51a-24+lenny2_i386.deb 6628ec53d3a651053b4426a51fac77a0 26514714 misc optional mysql-server-5.0_5.0.51a-24+lenny2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkqWYcQACgkQiZgNKcDdyD9TfACfVu5r/HOQrKk03eCekkGVa5yW Us0AmQH1zMENzFpW6Np7V+qV8SjTdcMx =whgW -----END PGP SIGNATURE----- Accepted: libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb to pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb libmysqlclient15off_5.0.51a-24+lenny2_i386.deb to pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny2_i386.deb mysql-client-5.0_5.0.51a-24+lenny2_i386.deb to pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny2_i386.deb mysql-client_5.0.51a-24+lenny2_all.deb to pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.51a-24+lenny2_all.deb mysql-common_5.0.51a-24+lenny2_all.deb to pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.51a-24+lenny2_all.deb mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc mysql-server-5.0_5.0.51a-24+lenny2_i386.deb to pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny2_i386.deb mysql-server_5.0.51a-24+lenny2_all.deb to pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.51a-24+lenny2_all.deb