List:Commits« Previous MessageNext Message »
From:anthony.bedford Date:March 4 2009 9:43am
Subject:svn commit - mysqldoc@docsrva: r14068 - trunk/dynamic-docs/changelog
View as plain text  
Author: tbedford
Date: 2009-03-04 10:43:47 +0100 (Wed, 04 Mar 2009)
New Revision: 14068

Log:
Added entry for bug #42306

Modified:
   trunk/dynamic-docs/changelog/monitor.xml


Modified: trunk/dynamic-docs/changelog/monitor.xml
===================================================================
--- trunk/dynamic-docs/changelog/monitor.xml	2009-03-04 09:33:17 UTC (rev 14067)
+++ trunk/dynamic-docs/changelog/monitor.xml	2009-03-04 09:43:47 UTC (rev 14068)
Changed blocks: 1, Lines Added: 35, Lines Deleted: 0; 1378 bytes

@@ -9,6 +9,41 @@
   <logentry entrytype="bug">
 
     <bugs>
+      <fixes bugid="42306"/>
+    </bugs>
+
+    <versions>
+      <version ver="2.0.5"/>
+    </versions>
+
+    <message>
+
+      <para>
+        Changing <literal>ssh-agent</literal> from OpenSSH or specifying
+        a malevolent value of <literal>agent-host-id</literal>, could
+        inject data into the monitored MySQL Server.
+      </para>
+
+      <para>
+        For example, setting <literal>agent-host-id</literal> to the
+        value <quote>I&apos;m a test</quote> would result in the
+        following message in the error log:
+      </para>
+
+<programlisting>
+2009-01-23 15:45:11: ((error)) agent_mysqld.c:281: mysql_real_query('INSERT INTO
+mysql.inventory  (name, value) VALUES ( 'hostid', 'I'm a test' )') on 'mysql' failed: You
+have an error in your SQL syntax; check the manual that corresponds to your MySQL server
+version for the right syntax to use near 'm a test' )' at line 1 (mysql-errno = 1064)
+</programlisting>
+
+    </message>
+
+  </logentry>
+
+  <logentry entrytype="bug">
+
+    <bugs>
       <fixes bugid="43239"/>
     </bugs>
 


Thread
svn commit - mysqldoc@docsrva: r14068 - trunk/dynamic-docs/changeloganthony.bedford4 Mar