Re: pkg/34577: mysql-server-5.0.24a has vulnerabilities

[Lubomir Sedlacik <salo%Xtrmntr.org@localhost>]

The following reply was made to PR pkg/34577; it has been noted by GNATS.

From: Lubomir Sedlacik <salo%Xtrmntr.org@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: 
Subject: Re: pkg/34577: mysql-server-5.0.24a has vulnerabilities
Date: Thu, 21 Sep 2006 14:28:43 +0200

 --m51xatjYGsM+13rf
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 On Thu, Sep 21, 2006 at 05:25:00AM +0000, Gilles%Gravier.org@localhost wrote:
 > >Description:
 > For the last several days, I've been receiving the following message
 > during the security-audit of my machine:
 >=20
 > Package mysql-server-5.0.24a has a security-bypass vulnerability, see
 > http://secunia.com/advisories/21506/
 >=20
 > Package mysql-server-5.0.24a has a privilge-escalation vulnerability,
 > see http://secunia.com/advisories/21506/
 >=20
 >=20
 > Any idea when it will be fixed?
 
 when MySQL A.B. releases 5.0.25
 
 please don't abuse GNATS for asking questions, there are appropriate
 lists for discussions and you can reach the pkgsrc Security Team at
 pkgsrc-security%NetBSD.org@localhost if you want to discuss some issues in
 private.
 
 
 regards
 
 --=20
 -- Lubomir Sedlacik <salo@{NetBSD,Xtrmntr,silcnet}.org>   --
 
 --m51xatjYGsM+13rf
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.5 (NetBSD)
 
 iD8DBQFFEoV7iwjDDlS8cmMRAgpNAKCVZwv+SCO4noCe0Q5NpkfSkNVjzgCdHxR6
 +UZHKBi7kJ/NkRHgTmllc3c=
 =aw/g
 -----END PGP SIGNATURE-----
 
 --m51xatjYGsM+13rf--