List:Packagers« Previous MessageNext Message »
From:Lenz Grimmer Date:May 5 2003 8:32am
Subject:Re: 4.x and double free change_user bug from january?
View as plain text  
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

On Mon, 5 May 2003, Christian Hammers wrote:

> Was the 4.x branch of mysql ever vulnerable to this bug? I didn't see
> anything in the changelog:
>
> Changes in release 3.23.55 (23 Jan 2003)
>     * Fixed double free'd pointer bug in mysql_change_user() handling,
>       that enabled a specially hacked version of MySQL client to crash
>       mysqld. Note, that one needs to login to the server by using a
>       valid user account to be able to exploit this bug.

According to the BitKeeper Changelog, this ChangeSet was pulled into 4.0
as well and is included from mysql-4.0.10 onwards:

ChangeSet@stripped, 2003-01-21 16:07:31+01:00, serg@stripped
  fixed double-free bug in COM_CHANGE_USER

But you are right, it should have been mentioned in the 4.0 Changelog of
manual.texi as well. This is always a problem, when Changes from one tree
are being pulled into another...

Bye,
	LenZ
- -- 
For technical support contracts, visit https://order.mysql.com/?ref=mlgr
   __  ___     ___ ____  __
  /  |/  /_ __/ __/ __ \/ /      Mr. Lenz Grimmer <lenz@stripped>
 / /|_/ / // /\ \/ /_/ / /__     MySQL AB, Production Engineer
/_/  /_/\_, /___/\___\_\___/     Hamburg, Germany
       <___/   www.mysql.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE+tiGGSVDhKrJykfIRApg7AJ0dVqgF1f5qd+Pvb24h6b6vCkt1WACfUoku
FL2T6JANzWqsxGVDqH7uAJA=
=UYSJ
-----END PGP SIGNATURE-----
Thread
4.x and double free change_user bug from january?Christian Hammers5 May
  • Re: 4.x and double free change_user bug from january?Lenz Grimmer5 May