Low: mysql security update

Advisory:	RHSA-2007:0083-3
Type:	Security Advisory
Severity:	Low
Issued on:	2007-02-19
Last updated on:	2007-02-19
Affected Products:	Red Hat Application Stack v1 for Enterprise Linux AS (v.4) Red Hat Application Stack v1 for Enterprise Linux ES (v.4)
OVAL:	N/A
CVEs (cve.mitre.org):	CVE-2006-0903 CVE-2006-3081 CVE-2006-4031 CVE-2006-4226 CVE-2006-4227

Details

Updated MySQL packages for the Red Hat Application Stack comprising the v1.1
release are now available.

This update also resolves some minor security issues rated as having low
security impact by the Red Hat Security Response Team.

Several minor security issues were found in MySQL:

MySQL allowed remote authenticated users to create or access a database
when the database name differed only in case from a database for which they
had permissions. (CVE-2006-4226)

MySQL evaluated arguments in the wrong security context which allowed
remote authenticated users to gain privileges through a routine that had
been made available using GRANT EXECUTE. (CVE-2006-4227)

MySQL allowed a local user to access a table through a previously created
MERGE table, even after the user's privileges were revoked for the original
table, which might violate intended security policy. (CVE-2006-4031)

MySQL allowed authenticated users to cause a denial of service (crash) via
a NULL second argument to the str_to_date function. (CVE-2006-3081)

MySQL allowed local authenticated users to bypass logging mechanisms via
SQL queries that contain the NULL character, which were not properly
handled by the mysql_real_query function. (CVE-2006-0903)

Users of MySQL should upgrade to these updated packages, which resolve
these issues.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Application Stack v1 for Enterprise Linux AS (v.4)

SRPMS:
mysql-5.0.30-1.el4s1.1.src.rpm File outdated by: RHSA-2008:0510	`b1286f8ed419eec951f02a0f17cdc5b6`

IA-32:
mysql-5.0.30-1.el4s1.1.i386.rpm File outdated by: RHSA-2008:0510	`c1bd8eae792b620677100762b2659dac`
mysql-bench-5.0.30-1.el4s1.1.i386.rpm File outdated by: RHSA-2008:0510	`4a9671ac9a96e68d48a3c9aaf24e607d`
mysql-devel-5.0.30-1.el4s1.1.i386.rpm File outdated by: RHSA-2008:0510	`81fc452e5a6849a88b6db218a5c92dc7`
mysql-server-5.0.30-1.el4s1.1.i386.rpm File outdated by: RHSA-2008:0510	`af5162d98ff053a9e641c4284874a675`
mysql-test-5.0.30-1.el4s1.1.i386.rpm File outdated by: RHSA-2008:0510	`440229a542bf959f05cd22aa469948bb`

x86_64:
mysql-5.0.30-1.el4s1.1.i386.rpm File outdated by: RHSA-2008:0510	`c1bd8eae792b620677100762b2659dac`
mysql-5.0.30-1.el4s1.1.x86_64.rpm File outdated by: RHSA-2008:0510	`913c86ac256fe0e54c866dab843d3ef3`
mysql-bench-5.0.30-1.el4s1.1.x86_64.rpm File outdated by: RHSA-2008:0510	`d27530b3c3ebe17fbac831d2ba6997af`
mysql-devel-5.0.30-1.el4s1.1.x86_64.rpm File outdated by: RHSA-2008:0510	`7e72f397613fe1b20503be9bfc68f3f4`
mysql-server-5.0.30-1.el4s1.1.x86_64.rpm File outdated by: RHSA-2008:0510	`5f648be2383cd82412257c8644acd0db`
mysql-test-5.0.30-1.el4s1.1.x86_64.rpm File outdated by: RHSA-2008:0510	`b5a605586daaaee0e9b8855d8d96c7cc`

Red Hat Application Stack v1 for Enterprise Linux ES (v.4)

SRPMS:
mysql-5.0.30-1.el4s1.1.src.rpm File outdated by: RHSA-2008:0510	`b1286f8ed419eec951f02a0f17cdc5b6`

IA-32:
mysql-5.0.30-1.el4s1.1.i386.rpm File outdated by: RHSA-2008:0510	`c1bd8eae792b620677100762b2659dac`
mysql-bench-5.0.30-1.el4s1.1.i386.rpm File outdated by: RHSA-2008:0510	`4a9671ac9a96e68d48a3c9aaf24e607d`
mysql-devel-5.0.30-1.el4s1.1.i386.rpm File outdated by: RHSA-2008:0510	`81fc452e5a6849a88b6db218a5c92dc7`
mysql-server-5.0.30-1.el4s1.1.i386.rpm File outdated by: RHSA-2008:0510	`af5162d98ff053a9e641c4284874a675`
mysql-test-5.0.30-1.el4s1.1.i386.rpm File outdated by: RHSA-2008:0510	`440229a542bf959f05cd22aa469948bb`

x86_64:
mysql-5.0.30-1.el4s1.1.i386.rpm File outdated by: RHSA-2008:0510	`c1bd8eae792b620677100762b2659dac`
mysql-5.0.30-1.el4s1.1.x86_64.rpm File outdated by: RHSA-2008:0510	`913c86ac256fe0e54c866dab843d3ef3`
mysql-bench-5.0.30-1.el4s1.1.x86_64.rpm File outdated by: RHSA-2008:0510	`d27530b3c3ebe17fbac831d2ba6997af`
mysql-devel-5.0.30-1.el4s1.1.x86_64.rpm File outdated by: RHSA-2008:0510	`7e72f397613fe1b20503be9bfc68f3f4`
mysql-server-5.0.30-1.el4s1.1.x86_64.rpm File outdated by: RHSA-2008:0510	`5f648be2383cd82412257c8644acd0db`
mysql-test-5.0.30-1.el4s1.1.x86_64.rpm File outdated by: RHSA-2008:0510	`b5a605586daaaee0e9b8855d8d96c7cc`

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

228999 - CVE-2006-0903 Multiple minor MySQL issues (CVE-2006-3081 CVE-2006-4031 CVE-2006-4226 CVE-2006-4227)

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4227
http://www.redhat.com/security/updates/classification/#low

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/