Bug 640845 (CVE-2010-3836)
Summary: | CVE-2010-3836 MySQL: pre-evaluating LIKE arguments in view prepare mode causes crash (MySQL Bug#54568) | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED ERRATA | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | unspecified | CC: | byte, jlieskov, kvolny, tgl | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2012-06-20 15:20:08 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 645642, 645643, 645647, 645651, 652553, 652554, 833943 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
Vincent Danen
2010-10-06 21:31:43 UTC
This issue has been assigned the name CVE-2010-3836: http://article.gmane.org/gmane.comp.security.oss.general/3627 Created attachment 453415 [details]
upstream patch
It appears that the patch that actually went in for this is not the first one linked to in the bugzilla entry, but rather http://lists.mysql.com/commits/115062 This issue did NOT affect the versions of the mysql package, as shipped with Red Hat Enterprise Linux 3 and 4. This issue affects the version of mysql package, as shipped with Red Hat Enterprise Linux 5 and 6. -- This issue affects the version of mysql package, as shipped with Fedora 12 and 13. Created mysql tracking bugs for this issue Affects: fedora-12 [bug 645647] Created mysql tracking bugs for this issue Affects: fedora-13 [bug 645651] This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2010:0825 https://rhn.redhat.com/errata/RHSA-2010-0825.html This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:0164 https://rhn.redhat.com/errata/RHSA-2011-0164.html |