pkg/34577: mysql-server-5.0.24a has vulnerabilities

To: pkg-manager%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, pkgsrc-bugs%netbsd.org@localhost
Subject: pkg/34577: mysql-server-5.0.24a has vulnerabilities
From: Gilles%Gravier.org@localhost
Date: Thu, 21 Sep 2006 05:25:00 +0000 (UTC)

>Number:         34577
>Category:       pkg
>Synopsis:       mysql-server-5.0.24a has vulnerabilities
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Sep 21 05:25:00 +0000 2006
>Originator:     Gilles Gravier
>Release:        3.0.1
>Organization:
>Environment:
NetBSD mailhost 3.0.1 NetBSD 3.0.1 (GENERIC) #0: Thu Jul 13 23:43:47 UTC 2006  
builds%b3.netbsd.org@localhost:/home/builds/ab/netbsd-3-0-1-RELEASE/i386/200607131826Z-obj/home/builds/ab/netbsd-3-0-1-RELEASE/src/sys/arch/i386/compile/GENERIC
 i386

>Description:
For the last several days, I've been receiving the following message during the 
security-audit of my machine:

Package mysql-server-5.0.24a has a security-bypass vulnerability, see 
http://secunia.com/advisories/21506/

Package mysql-server-5.0.24a has a privilge-escalation vulnerability, see 
http://secunia.com/advisories/21506/


Any idea when it will be fixed?
>How-To-Repeat:
Install mysql-server and then run audit-packages
>Fix:
Waiting for a fix to mysql-server

Prev by Date: pkg/34576: darwin xpm pkgsrc bultin buildlink failure
Next by Date: Re: pkg/34573 ([update] sysutils/dd_rescue)
Previous by Thread: pkg/34576: darwin xpm pkgsrc bultin buildlink failure
Next by Thread: Re: pkg/34577: mysql-server-5.0.24a has vulnerabilities
Indexes:

Home | Main Index | Thread Index | Old Index