[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

MDVSA-2010:223 -- Mandriva mysql

ID: oval:org.secpod.oval:def:300302Date: (C)2012-01-07   (M)2023-12-07
Class: PATCHFamily: unix




Multiple vulnerabilities were discovered and corrected in mysql: * During evaluation of arguments to extreme-value functions , type errors did not propagate properly, causing the server to crash . * The server could crash after materializing a derived table that required a temporary table for grouping . * A user-variable assignment expression that is evaluated in a logical expression context can be precalculated in a temporary table for GROUP BY. However, when the expression value is used after creation of the temporary table, it was re-evaluated, not read from the table and a server crash resulted . * Pre-evaluation of LIKE predicates during view preparation could cause a server crash . * GROUP_CONCAT and WITH ROLLUP together could cause a server crash . * Queries could cause a server crash if the GREATEST or LEAST function had a mixed list of numeric and LONGBLOB arguments, and the result of such a function was processed using an intermediate temporary table . * Queries with nested joins could cause an infinite loop in the server when used from stored procedures and prepared statements . * The PolyFromWKB function could crash the server when improper WKB data was passed to the function . The updated packages have been patched to correct these issues.

Platform:
Mandriva Linux 2010.0
Mandriva Linux 2010.1
Mandriva Linux 2009.1
Product:
mysql
Reference:
MDVSA-2010:223
CVE-2010-3833
CVE-2010-3834
CVE-2010-3835
CVE-2010-3836
CVE-2010-3837
CVE-2010-3838
CVE-2010-3839
CVE-2010-3840
CVE    8
CVE-2010-3840
CVE-2010-3839
CVE-2010-3838
CVE-2010-3837
...
CPE    3
cpe:/o:mandriva:linux:2009.1
cpe:/o:mandriva:linux:2010.1
cpe:/o:mandriva:linux:2010.0

© SecPod Technologies