Re: MySQL CVE-2006-3469

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



John,

It affects FC3 and earlier as included with the distributions. FC4 is currently including 4.1.20 on the updates-released directory.

Do note that FC3 can run the regular mysql rpm's as provided by mysql... so an advisory should be posted (imho)...

Not sure about FC1/2 (I moved over to FC3 from another distro)

Tim



On Jul 28, 2006, at 1:13 PM, John Dalbec wrote:

Does this affect Fedora-Legacy?

06.29.31 CVE: CVE-2006-3469
Platform: Cross Platform
Title: MySQL Server Date_Format Denial of Service
Description: MySQL is susceptible to a remote denial of service
vulnerability because the database server fails if the "select
date_format" SQL function is called with "('%d%s', 1);" argument.
MySQL versions prior to 4.1.18, 5.0.19 and 5.1.6 are affected.
Ref: http://www.securityfocus.com/bid/19032

--

fedora-legacy-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-legacy-list

--

fedora-legacy-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-legacy-list

[Index of Archives]     [Fedora Development]     [Fedora Announce]     [Fedora Legacy Announce]     [Fedora Config]     [PAM]     [Fedora General Discussion]     [Big List of Linux Books]     [Gimp]     [Yosemite Questions]

  Powered by Linux