Mandrake: Updated MySQL packages fix
Posted by Benjamin D. Thomas   
Mandrake A number of vulnerabilities were discovered by Stefano Di Paola in the MySQL server: If an authenticated user had INSERT privileges on the 'mysql' database, the CREATE FUNCTION command allowed that user to use libc functions to execute arbitrary code with the privileges of the user running the database server (mysql) (CAN-2005-0709).
 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           MySQL
 Advisory ID:            MDKSA-2005:060
 Date:                   March 21st, 2005

 Affected versions:	 10.0, 10.1, Corporate 3.0,
			 Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 A number of vulnerabilities were discovered by Stefano Di Paola in the
 MySQL server:
 
 If an authenticated user had INSERT privileges on the 'mysql' database,
 the CREATE FUNCTION command allowed that user to use libc functions to
 execute arbitrary code with the privileges of the user running the
 database server (mysql) (CAN-2005-0709).
 
 If an authenticated user had INSERT privileges on the 'mysql' database,
 it was possible to load a library located in an arbitrary directory by
 using INSERT INTO mysql.func instead of CREATE FUNCTION.  This also
 would allow the user to execute arbitrary code with the privileges of
 the user running the database server (CAN-2005-0710).
 
 Finally, temporary files belonging to tables created with CREATE
 TEMPORARY TABLE were handled in an insecure manner, allowing any local
 user to overwrite arbitrary files with the privileges of the database
 server (CAN-2005-0711).
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 a63c4a586c5ce21eefc68121b8bfcbb7  10.0/RPMS/libmysql12-4.0.18-1.4.100mdk.i586.rpm
 91deea11427c50779b5435a952efc7e3  10.0/RPMS/libmysql12-devel-4.0.18-1.4.100mdk.i586.rpm
 4150e294ce81935ee7e8844537867f89  10.0/RPMS/MySQL-4.0.18-1.4.100mdk.i586.rpm
 1d7343e4ef5363066387fb4249ddf22a  10.0/RPMS/MySQL-Max-4.0.18-1.4.100mdk.i586.rpm
 1b96455b734d9f896391041c6a1014d9  10.0/RPMS/MySQL-bench-4.0.18-1.4.100mdk.i586.rpm
 d4e8ee5ce5608ad9c81905ad4a9b10eb  10.0/RPMS/MySQL-client-4.0.18-1.4.100mdk.i586.rpm
 d83c85b5417d2c0e96002aa1d162bf35  10.0/RPMS/MySQL-common-4.0.18-1.4.100mdk.i586.rpm
 7f206e82f4858c1f5d26e3f45f317320  10.0/SRPMS/MySQL-4.0.18-1.4.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 0ab0bb4f82c8dc3d6194bd6d01136948  amd64/10.0/RPMS/lib64mysql12-4.0.18-1.4.100mdk.amd64.rpm
 283f25dfa37b406ac76c724f7d45dfe7  amd64/10.0/RPMS/lib64mysql12-devel-4.0.18-1.4.100mdk.amd64.rpm
 6e796a5b00ee1b450aefe434ccadf437  amd64/10.0/RPMS/MySQL-4.0.18-1.4.100mdk.amd64.rpm
 bcd3e0ffdd1402ff54a63cc7386a36be  amd64/10.0/RPMS/MySQL-Max-4.0.18-1.4.100mdk.amd64.rpm
 46b367fcf652e07fccd09d76738a8662  amd64/10.0/RPMS/MySQL-bench-4.0.18-1.4.100mdk.amd64.rpm
 76ea0bbb46e2f7af835498759cd991cb  amd64/10.0/RPMS/MySQL-client-4.0.18-1.4.100mdk.amd64.rpm
 db3725e14b8dfd0bd99e0f5ebc645303  amd64/10.0/RPMS/MySQL-common-4.0.18-1.4.100mdk.amd64.rpm
 7f206e82f4858c1f5d26e3f45f317320  amd64/10.0/SRPMS/MySQL-4.0.18-1.4.100mdk.src.rpm

 Mandrakelinux 10.1:
 c3c557a06d519f6f8e91ba43a9f3d404  10.1/RPMS/libmysql12-4.0.20-3.3.101mdk.i586.rpm
 0ada09ca0942df3ac24b54e77d4f1ab7  10.1/RPMS/libmysql12-devel-4.0.20-3.3.101mdk.i586.rpm
 051ba4877ed955d2ba10dfa689d4b380  10.1/RPMS/MySQL-4.0.20-3.3.101mdk.i586.rpm
 ec4c10ff52536c9aba73207d4090878a  10.1/RPMS/MySQL-Max-4.0.20-3.3.101mdk.i586.rpm
 8a0df2fc5431d0bea357ff35f99aec64  10.1/RPMS/MySQL-bench-4.0.20-3.3.101mdk.i586.rpm
 bc0478faf5d4f1c453b3a67143685c82  10.1/RPMS/MySQL-client-4.0.20-3.3.101mdk.i586.rpm
 3f87f6fa53b47ab287714df3a7b569cf  10.1/RPMS/MySQL-common-4.0.20-3.3.101mdk.i586.rpm
 5eef9940c3b0f16bbe47ef5cf2d87335  10.1/SRPMS/MySQL-4.0.20-3.3.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 7782ecace6685d4070d50983e4b68a26  x86_64/10.1/RPMS/lib64mysql12-4.0.20-3.3.101mdk.x86_64.rpm
 23c36f372c0eafad5304fe8a5a91340c  x86_64/10.1/RPMS/lib64mysql12-devel-4.0.20-3.3.101mdk.x86_64.rpm
 d1d378de68e919c70125a26f598bbc9d  x86_64/10.1/RPMS/MySQL-4.0.20-3.3.101mdk.x86_64.rpm
 bef40ae1d0b3d7d2fd02e23675890bf3  x86_64/10.1/RPMS/MySQL-Max-4.0.20-3.3.101mdk.x86_64.rpm
 33888c8872f94005b83c46ee7a4c0e9e  x86_64/10.1/RPMS/MySQL-bench-4.0.20-3.3.101mdk.x86_64.rpm
 c1d72a2398a4fca7d60efe7f717ddb91  x86_64/10.1/RPMS/MySQL-client-4.0.20-3.3.101mdk.x86_64.rpm
 3a8bcfea1e9106510c69c93875cedad3  x86_64/10.1/RPMS/MySQL-common-4.0.20-3.3.101mdk.x86_64.rpm
 5eef9940c3b0f16bbe47ef5cf2d87335  x86_64/10.1/SRPMS/MySQL-4.0.20-3.3.101mdk.src.rpm

 Corporate Server 2.1:
 0bc49a4120e6f7218204420787eb2f67  corporate/2.1/RPMS/libmysql10-3.23.56-1.8.C21mdk.i586.rpm
 7bb7b42e1872b2e4087f2e9818d3c309  corporate/2.1/RPMS/libmysql10-devel-3.23.56-1.8.C21mdk.i586.rpm
 23470127e8aa4d0f17d4d4112dbcedfd  corporate/2.1/RPMS/MySQL-3.23.56-1.8.C21mdk.i586.rpm
 19c2791af702f6642073c545c7e0849b  corporate/2.1/RPMS/MySQL-Max-3.23.56-1.8.C21mdk.i586.rpm
 8096eb5a826ff1789285a7604ce39d30  corporate/2.1/RPMS/MySQL-bench-3.23.56-1.8.C21mdk.i586.rpm
 f1276798252c0f5376c263b0e0e18b89  corporate/2.1/RPMS/MySQL-client-3.23.56-1.8.C21mdk.i586.rpm
 6e07c7ea6e92b0b0828814648234c9b3  corporate/2.1/SRPMS/MySQL-3.23.56-1.8.C21mdk.src.rpm

 Corporate Server 2.1/X86_64:
 179bb081fc42e1605aee0e0cd4302479  x86_64/corporate/2.1/RPMS/libmysql10-3.23.56-1.8.C21mdk.x86_64.rpm
 0aff7099f82a97b088a42998c8a2be79  x86_64/corporate/2.1/RPMS/libmysql10-devel-3.23.56-1.8.C21mdk.x86_64.rpm
 3c5266fa6cd2bc2ea601b400d7affd27  x86_64/corporate/2.1/RPMS/MySQL-3.23.56-1.8.C21mdk.x86_64.rpm
 e50a52624efac2ab7f2ee79a56093a9b  x86_64/corporate/2.1/RPMS/MySQL-Max-3.23.56-1.8.C21mdk.x86_64.rpm
 c7d5c09665aa3ba0f93de29b2a825b0f  x86_64/corporate/2.1/RPMS/MySQL-bench-3.23.56-1.8.C21mdk.x86_64.rpm
 4c885f301ed4fa22954a24e86f96e11b  x86_64/corporate/2.1/RPMS/MySQL-client-3.23.56-1.8.C21mdk.x86_64.rpm
 6e07c7ea6e92b0b0828814648234c9b3  x86_64/corporate/2.1/SRPMS/MySQL-3.23.56-1.8.C21mdk.src.rpm

 Corporate 3.0:
 c7b137fde3b84b2135cdb1b1c4b3669c  corporate/3.0/RPMS/libmysql12-4.0.18-1.4.C30mdk.i586.rpm
 9a1220153597986dcea93655e616985c  corporate/3.0/RPMS/libmysql12-devel-4.0.18-1.4.C30mdk.i586.rpm
 c94748b75420afebba61f3889179ed27  corporate/3.0/RPMS/MySQL-4.0.18-1.4.C30mdk.i586.rpm
 4230df255b7e26fdc5352fef47a652dd  corporate/3.0/RPMS/MySQL-Max-4.0.18-1.4.C30mdk.i586.rpm
 f341a2cdbe037f03f1589dd03c32b122  corporate/3.0/RPMS/MySQL-bench-4.0.18-1.4.C30mdk.i586.rpm
 23706070a88e7705d65656fb75a38bac  corporate/3.0/RPMS/MySQL-client-4.0.18-1.4.C30mdk.i586.rpm
 8445d01b3058a678b31d4e4f62f0500f  corporate/3.0/RPMS/MySQL-common-4.0.18-1.4.C30mdk.i586.rpm
 85f2566dec3dfaea49f5c7220030d13d  corporate/3.0/SRPMS/MySQL-4.0.18-1.4.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 64283c6daaaf50e766d98b4fa9281a3d  x86_64/corporate/3.0/RPMS/lib64mysql12-4.0.18-1.4.C30mdk.x86_64.rpm
 fcf3a8d2142dc35d83ee537a03b2b69d  x86_64/corporate/3.0/RPMS/lib64mysql12-devel-4.0.18-1.4.C30mdk.x86_64.rpm
 16984a3255ce4b7934b8b479f2a3d744  x86_64/corporate/3.0/RPMS/MySQL-4.0.18-1.4.C30mdk.x86_64.rpm
 f3d128d91d0db42234a0799c17529ef0  x86_64/corporate/3.0/RPMS/MySQL-Max-4.0.18-1.4.C30mdk.x86_64.rpm
 34ef63c34906f4bb69d2c5a2048ead58  x86_64/corporate/3.0/RPMS/MySQL-bench-4.0.18-1.4.C30mdk.x86_64.rpm
 abeb243d806f4d6026314e0c6323aa27  x86_64/corporate/3.0/RPMS/MySQL-client-4.0.18-1.4.C30mdk.x86_64.rpm
 6fe8cd9e5b1d3b784267dcf3b6155438  x86_64/corporate/3.0/RPMS/MySQL-common-4.0.18-1.4.C30mdk.x86_64.rpm
 85f2566dec3dfaea49f5c7220030d13d  x86_64/corporate/3.0/SRPMS/MySQL-4.0.18-1.4.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team