List:Commits« Previous MessageNext Message »
From:paul Date:May 9 2006 3:28pm
Subject:svn commit - mysqldoc@docsrva: r2059 - in trunk: . refman-common
View as plain text  
Author: paul
Date: 2006-05-09 17:28:02 +0200 (Tue, 09 May 2006)
New Revision: 2059

Log:
 r7360@polar:  paul | 2006-05-09 10:26:07 -0500
 Add CVE numbers/URLs for security fixes.


Modified:
   trunk/
   trunk/refman-common/news-4.0.xml
   trunk/refman-common/news-4.1.xml
   trunk/refman-common/news-5.0.xml
   trunk/refman-common/news-5.1.xml


Property changes on: trunk
___________________________________________________________________
Name: svk:merge
   - 4767c598-dc10-0410-bea0-d01b485662eb:/mysqldoc-local/mysqldoc/trunk:7359
b5ec3a16-e900-0410-9ad2-d183a3acac99:/mysqldoc-local/mysqldoc/trunk:10174
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/mysqldoc/trunk:4886
   + 4767c598-dc10-0410-bea0-d01b485662eb:/mysqldoc-local/mysqldoc/trunk:7360
b5ec3a16-e900-0410-9ad2-d183a3acac99:/mysqldoc-local/mysqldoc/trunk:10174
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/mysqldoc/trunk:4886

Modified: trunk/refman-common/news-4.0.xml
===================================================================
--- trunk/refman-common/news-4.0.xml	2006-05-09 15:27:48 UTC (rev 2058)
+++ trunk/refman-common/news-4.0.xml	2006-05-09 15:28:02 UTC (rev 2059)
@@ -191,9 +191,12 @@
           client, using specially crafted invalid login or
           <literal>COM_TABLE_DUMP</literal> packets was able to read
           uninitialized memory, which potentially, though unlikely in
-          MySQL, could have led to an information disclosure. Thanks to
-          Stefano Di Paola <email>stefano.dipaola@stripped</email> for
-          finding and reporting this bug.
+          MySQL, could have led to an information disclosure.
+          (<ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516">CVE-2006-1516</ulink>,
+          <ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517">CVE-2006-1517</ulink>)
+          Thanks to Stefano Di Paola
+          <email>stefano.dipaola@stripped</email> for finding and
+          reporting this bug.
         </para>
       </listitem>
 

Modified: trunk/refman-common/news-4.1.xml
===================================================================
--- trunk/refman-common/news-4.1.xml	2006-05-09 15:27:48 UTC (rev 2058)
+++ trunk/refman-common/news-4.1.xml	2006-05-09 15:28:02 UTC (rev 2059)
@@ -344,9 +344,12 @@
           client, using specially crafted invalid login or
           <literal>COM_TABLE_DUMP</literal> packets was able to read
           uninitialized memory, which potentially, though unlikely in
-          MySQL, could have led to an information disclosure. Thanks to
-          Stefano Di Paola <email>stefano.dipaola@stripped</email> for
-          finding and reporting this bug.
+          MySQL, could have led to an information disclosure.
+          (<ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516">CVE-2006-1516</ulink>,
+          <ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517">CVE-2006-1517</ulink>)
+          Thanks to Stefano Di Paola
+          <email>stefano.dipaola@stripped</email> for finding and
+          reporting this bug.
         </para>
       </listitem>
 

Modified: trunk/refman-common/news-5.0.xml
===================================================================
--- trunk/refman-common/news-5.0.xml	2006-05-09 15:27:48 UTC (rev 2058)
+++ trunk/refman-common/news-5.0.xml	2006-05-09 15:28:02 UTC (rev 2059)
@@ -485,23 +485,28 @@
       <listitem>
         <para>
           <emphasis role="bold">Security fix</emphasis>: A malicious
-          client, using specially crafted invalid
-          <literal>COM_TABLE_DUMP</literal> packets was able to trigger
-          an exploitable buffer overflow on the server. Thanks to
-          Stefano Di Paola <email>stefano.dipaola@stripped</email> for
-          finding and reporting this bug.
+          client, using specially crafted invalid login or
+          <literal>COM_TABLE_DUMP</literal> packets was able to read
+          uninitialized memory, which potentially, though unlikely in
+          MySQL, could have led to an information disclosure.
+          (<ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516">CVE-2006-1516</ulink>,
+          <ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517">CVE-2006-1517</ulink>)
+          Thanks to Stefano Di Paola
+          <email>stefano.dipaola@stripped</email> for finding and
+          reporting this bug.
         </para>
       </listitem>
 
       <listitem>
         <para>
           <emphasis role="bold">Security fix</emphasis>: A malicious
-          client, using specially crafted invalid login or
-          <literal>COM_TABLE_DUMP</literal> packets was able to read
-          uninitialized memory, which potentially, though unlikely in
-          MySQL, could have led to an information disclosure. Thanks to
-          Stefano Di Paola <email>stefano.dipaola@stripped</email> for
-          finding and reporting this bug.
+          client, using specially crafted invalid
+          <literal>COM_TABLE_DUMP</literal> packets was able to trigger
+          an exploitable buffer overflow on the server.
+          (<ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1518">CVE-2006-1518</ulink>)
+          Thanks to Stefano Di Paola
+          <email>stefano.dipaola@stripped</email> for finding and
+          reporting this bug.
         </para>
       </listitem>
 

Modified: trunk/refman-common/news-5.1.xml
===================================================================
--- trunk/refman-common/news-5.1.xml	2006-05-09 15:27:48 UTC (rev 2058)
+++ trunk/refman-common/news-5.1.xml	2006-05-09 15:28:02 UTC (rev 2059)
@@ -233,22 +233,26 @@
       <listitem>
         <para>
           <emphasis role="bold">Security fix</emphasis>: A malicious
-          client, using specially crafted invalid
-          <literal>COM_TABLE_DUMP</literal> packets was able to trigger
-          an exploitable buffer overflow on the server. Thanks to
-          Stefano Di Paola <email>stefano.dipaola@stripped</email> for
-          finding and reporting this bug.
+          client, using specially crafted invalid login or
+          <literal>COM_TABLE_DUMP</literal> packets was able to read
+          uninitialized memory, which potentially, though unlikely in
+          MySQL, could have led to an information disclosure.
+          (<ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516">CVE-2006-1516</ulink>,
+          <ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517">CVE-2006-1517</ulink>)
+          Thanks to Stefano Di Paola
+          <email>stefano.dipaola@stripped</email> for finding and
+          reporting this bug.
         </para>
       </listitem>
 
       <listitem>
         <para>
           <emphasis role="bold">Security fix</emphasis>: A malicious
-          client, using specially crafted invalid login or
-          <literal>COM_TABLE_DUMP</literal> packets, was able to read
-          uninitialized memory, which potentially &mdash; though
-          unlikely in MySQL &mdash; could have led to an information
-          disclosure. Thanks to Stefano Di Paola
+          client, using specially crafted invalid
+          <literal>COM_TABLE_DUMP</literal> packets was able to trigger
+          an exploitable buffer overflow on the server.
+          (<ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1518">CVE-2006-1518</ulink>)
+          Thanks to Stefano Di Paola
           <email>stefano.dipaola@stripped</email> for finding and
           reporting this bug.
         </para>
Thread
svn commit - mysqldoc@docsrva: r2059 - in trunk: . refman-commonpaul9 May