Bug 241690 (CVE-2007-2693)
Summary: | CVE-2007-2693 An error message discloses sensitive information to user without SELECT privilege | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Lubomir Kundrak <lkundrak> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | tgl |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://bugs.mysql.com/bug.php?id=23675 | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-06-13 12:13:37 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Lubomir Kundrak
2007-05-29 15:59:33 UTC
are you guys sure about this? fc6 and f7 seems to ship mysql 5.0.something. the partitions (which are important for this issue) are, afaik, actually a new feature of 5.1.x, which is beta/unstable - so only unstable mysql 5.1 versions prior to 5.1.18 are affected and we dodged the bullet here? Stefan: thanks for the notice. I don't even know what partitioned tables are, so I trusted what CVE read, and it was "MySQL before 5.1.18". FC7 mysql-5.0.37-2.fc7 FC6 mysql-5.0.27-1.fc6 FC5 mysql-5.0.27-1.fc5 RHEL5 mysql-5.0.22-2.1 RHEL4 mysql-4.1.20-2.RHEL4.1 RHEL3 mysql-3.23.58-16.RHEL3.1 RHEL2.1 mysql-3.23.58-1.72.2 |