=====================================================================
                                    CERT-Renater

                         Information Note No. 2006/VULN213
_____________________________________________________________________

DATE                      : 28/04/2006

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running MySQL.

======================================================================

===========================================================
Ubuntu Security Notice USN-274-1             April 27, 2006
mysql-dfsg vulnerability
CVE-2006-0903
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

mysql-server

The problem can be corrected by upgrading the affected package to
version 4.0.20-2ubuntu1.7 (for Ubuntu 4.10), 4.0.23-3ubuntu2.2 (for
Ubuntu 5.04), or 4.0.24-10ubuntu2.1 (for Ubuntu 5.10). In general, a
standard system upgrade is sufficient to effect the necessary changes.

Details follow:

A logging bypass was discovered in the MySQL query parser. A local
attacker could exploit this by inserting NUL characters into query
strings (even into comments), which would cause the query to be logged
incompletely.

This only affects you if you enabled the 'log' parameter in the MySQL
configuration.
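
The effect described above, a query log that stops at a NUL byte, can be shown with a short C example added here; it is not MySQL's code and not part of the original notice. It assumes the generic cause, a logger that formats a length-delimited buffer as a C string, and sets it beside a length-aware logger that escapes non-printable bytes; all function names and the sample query are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: a harmless query with one NUL byte inside a comment. */
static const char SAMPLE[] = "SELECT 1 /* \0 */ FROM dual";
#define SAMPLE_LEN (sizeof(SAMPLE) - 1)

/* Flawed pattern (assumed for illustration): the known length is ignored and
 * the buffer is formatted as a C string, so the record ends at the first NUL. */
size_t log_query_cstr(const char *q, size_t len, char *out, size_t cap)
{
    (void)len;
    if (cap == 0) return 0;
    snprintf(out, cap, "%s", q);
    return strlen(out);
}

/* Detection helper: a query carrying a NUL is one a C-string logger cuts short. */
int has_embedded_nul(const char *q, size_t len)
{
    return memchr(q, '\0', len) != NULL;
}

/* Length-aware logger: walks all len bytes and writes anything that is not
 * printable ASCII (plus the backslash) as \xNN. Returns bytes written, or 0
 * when out cannot hold the whole record (nothing partial is emitted). */
size_t log_query_escaped(const char *q, size_t len, char *out, size_t cap)
{
    size_t o = 0;
    if (cap == 0) return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)q[i];
        int plain = c >= 0x20 && c < 0x7f && c != '\\';
        if (o + (plain ? 1 : 4) + 1 > cap) { out[0] = '\0'; return 0; }
        if (plain) out[o++] = (char)c;
        else o += (size_t)snprintf(out + o, cap - o, "\\x%02x", c);
    }
    out[o] = '\0';
    return o;
}

int main(void)
{
    char a[128], b[128];
    log_query_cstr(SAMPLE, SAMPLE_LEN, a, sizeof a);
    log_query_escaped(SAMPLE, SAMPLE_LEN, b, sizeof b);
    printf("c-string logger : %s\nescaping logger : %s\n", a, b);
    return 0;
}
```

When reviewing logs written before the upgrade, an entry that ends inside a comment or mid-statement is the visible trace of this truncation.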


Updated packages for Ubuntu 4.10:


Updated packages for Ubuntu 5.04:


Updated packages for Ubuntu 5.10:


======================================================================

           =========================================================
           CERT-Renater reference servers
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================





