* Re: [devel] [cyber] I: Sisyphus-20080317 packages: +3! +13 (7641) @ 2008-03-17 10:37 ` Vladimir V. Kamarzin 2008-03-17 10:55 ` Dmitry V. Levin 2008-03-17 10:56 ` Konstantin A. Lepikhov 0 siblings, 2 replies; 4+ messages in thread From: Vladimir V. Kamarzin @ 2008-03-17 10:37 UTC (permalink / raw) To: devel >>>>> On 17 Mar 2008 at 02:21 "QTR" == QA Team Robot writes: QTR> 13 UPDATED packages QTR> MySQL - MySQL: A very fast and reliable SQL database engine [32M] QTR> * Sun Mar 16 2008 L.A. Kostis <lakostis@altlinux> 5.0.51-alt2.a QTR> - 5.0.51a. QTR> - Security fixes: QTR> + CVE-2008-0226, CVE-2008-0227 (Three vulnerabilities in yaSSL versions 1.7.5 QTR> that could lead to a server crash or execution of unauthorized code.) QTR> + ALTER VIEW retained the original DEFINER value, even when altered by QTR> another user, which could allow that user to gain the access rights of the QTR> view (MySQL #29908). QTR> - Add glibc-locales to -server deps (ALT #13909 #14731). QTR> - Make links to mysqld_safe for backwards compatibility (ALT #14863). QTR> - Update html documentation to 10265 revsion. QTR> * Tue Jan 01 2008 L.A. Kostis <lakostis@altlinux> 5.0.51-alt1 Будут ли исправлены в 4.0 бранче вышеозначенные уязвимости? -- vvk ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [devel] [cyber] I: Sisyphus-20080317 packages: +3! +13 (7641) 2008-03-17 10:37 ` [devel] [cyber] I: Sisyphus-20080317 packages: +3! +13 (7641) Vladimir V. Kamarzin @ 2008-03-17 10:55 ` Dmitry V. Levin 2008-03-17 11:10 ` Konstantin A. Lepikhov 2008-03-17 10:56 ` Konstantin A. Lepikhov 1 sibling, 1 reply; 4+ messages in thread From: Dmitry V. Levin @ 2008-03-17 10:55 UTC (permalink / raw) To: ALT Devel discussion list [-- Attachment #1: Type: text/plain, Size: 1109 bytes --] On Mon, Mar 17, 2008 at 03:37:22PM +0500, Vladimir V. Kamarzin wrote: > >>>>> On 17 Mar 2008 at 02:21 "QTR" == QA Team Robot writes: > > QTR> 13 UPDATED packages > > QTR> MySQL - MySQL: A very fast and reliable SQL database engine [32M] > QTR> * Sun Mar 16 2008 L.A. Kostis <lakostis@altlinux> 5.0.51-alt2.a > QTR> - 5.0.51a. > QTR> - Security fixes: > QTR> + CVE-2008-0226, CVE-2008-0227 (Three vulnerabilities in yaSSL versions 1.7.5 > QTR> that could lead to a server crash or execution of unauthorized code.) > QTR> + ALTER VIEW retained the original DEFINER value, even when altered by > QTR> another user, which could allow that user to gain the access rights of the > QTR> view (MySQL #29908). > QTR> - Add glibc-locales to -server deps (ALT #13909 #14731). > QTR> - Make links to mysqld_safe for backwards compatibility (ALT #14863). > QTR> - Update html documentation to 10265 revsion. > QTR> * Tue Jan 01 2008 L.A. Kostis <lakostis@altlinux> 5.0.51-alt1 > > Будут ли исправлены в 4.0 бранче вышеозначенные уязвимости? Перенести в бранч? -- ldv [-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --] ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [devel] [cyber] I: Sisyphus-20080317 packages: +3! +13 (7641) 2008-03-17 10:55 ` Dmitry V. Levin @ 2008-03-17 11:10 ` Konstantin A. Lepikhov 0 siblings, 0 replies; 4+ messages in thread From: Konstantin A. Lepikhov @ 2008-03-17 11:10 UTC (permalink / raw) To: ALT Linux Team development discussions [-- Attachment #1: Type: text/plain, Size: 1272 bytes --] Hi Dmitry! Monday 17, at 01:55:36 PM you wrote: > On Mon, Mar 17, 2008 at 03:37:22PM +0500, Vladimir V. Kamarzin wrote: > > >>>>> On 17 Mar 2008 at 02:21 "QTR" == QA Team Robot writes: > > > > QTR> 13 UPDATED packages > > > > QTR> MySQL - MySQL: A very fast and reliable SQL database engine [32M] > > QTR> * Sun Mar 16 2008 L.A. Kostis <lakostis@altlinux> 5.0.51-alt2.a > > QTR> - 5.0.51a. > > QTR> - Security fixes: > > QTR> + CVE-2008-0226, CVE-2008-0227 (Three vulnerabilities in yaSSL versions 1.7.5 > > QTR> that could lead to a server crash or execution of unauthorized code.) > > QTR> + ALTER VIEW retained the original DEFINER value, even when altered by > > QTR> another user, which could allow that user to gain the access rights of the > > QTR> view (MySQL #29908). > > QTR> - Add glibc-locales to -server deps (ALT #13909 #14731). > > QTR> - Make links to mysqld_safe for backwards compatibility (ALT #14863). > > QTR> - Update html documentation to 10265 revsion. > > QTR> * Tue Jan 01 2008 L.A. Kostis <lakostis@altlinux> 5.0.51-alt1 > > > > Будут ли исправлены в 4.0 бранче вышеозначенные уязвимости? > > Перенести в бранч? Ну если не потеряется без запроса в багзилле, то перенеси. -- WBR et al. [-- Attachment #2: Digital signature --] [-- Type: application/pgp-signature, Size: 189 bytes --] ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [devel] [cyber] I: Sisyphus-20080317 packages: +3! +13 (7641) 2008-03-17 10:37 ` [devel] [cyber] I: Sisyphus-20080317 packages: +3! +13 (7641) Vladimir V. Kamarzin 2008-03-17 10:55 ` Dmitry V. Levin @ 2008-03-17 10:56 ` Konstantin A. Lepikhov 1 sibling, 0 replies; 4+ messages in thread From: Konstantin A. Lepikhov @ 2008-03-17 10:56 UTC (permalink / raw) To: ALT Linux Team development discussions [-- Attachment #1: Type: text/plain, Size: 1085 bytes --] Hi Vladimir! Monday 17, at 03:37:22 PM you wrote: > >>>>> On 17 Mar 2008 at 02:21 "QTR" == QA Team Robot writes: > > QTR> 13 UPDATED packages > > QTR> MySQL - MySQL: A very fast and reliable SQL database engine [32M] > QTR> * Sun Mar 16 2008 L.A. Kostis <lakostis@altlinux> 5.0.51-alt2.a > QTR> - 5.0.51a. > QTR> - Security fixes: > QTR> + CVE-2008-0226, CVE-2008-0227 (Three vulnerabilities in yaSSL versions 1.7.5 > QTR> that could lead to a server crash or execution of unauthorized code.) > QTR> + ALTER VIEW retained the original DEFINER value, even when altered by > QTR> another user, which could allow that user to gain the access rights of the > QTR> view (MySQL #29908). > QTR> - Add glibc-locales to -server deps (ALT #13909 #14731). > QTR> - Make links to mysqld_safe for backwards compatibility (ALT #14863). > QTR> - Update html documentation to 10265 revsion. > QTR> * Tue Jan 01 2008 L.A. Kostis <lakostis@altlinux> 5.0.51-alt1 > > Будут ли исправлены в 4.0 бранче вышеозначенные уязвимости? Будут. -- WBR et al. [-- Attachment #2: Digital signature --] [-- Type: application/pgp-signature, Size: 189 bytes --] ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2008-03-17 11:10 UTC | newest] Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2008-03-17 10:37 ` [devel] [cyber] I: Sisyphus-20080317 packages: +3! +13 (7641) Vladimir V. Kamarzin 2008-03-17 10:55 ` Dmitry V. Levin 2008-03-17 11:10 ` Konstantin A. Lepikhov 2008-03-17 10:56 ` Konstantin A. Lepikhov
ALT Linux Team development discussions This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/devel/0 devel/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 devel devel/ http://lore.altlinux.org/devel \ devel@altlinux.org devel@altlinux.ru devel@lists.altlinux.org devel@lists.altlinux.ru devel@linux.iplabs.ru mandrake-russian@linuxteam.iplabs.ru sisyphus@linuxteam.iplabs.ru public-inbox-index devel Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.devel AGPL code for this site: git clone https://public-inbox.org/public-inbox.git