From: Michael Shigorin Date: September 11 2003 8:13am Subject: Re: MySQL 4.0.15 has been released List-Archive: http://lists.mysql.com/packagers/139 Message-Id: <20030911081310.GA31756@osdn.org.ua> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="cWoXeonUoKmBZSoM" --cWoXeonUoKmBZSoM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Wed, Sep 10, 2003 at 08:02:32PM +0200, Lenz Grimmer wrote: > * Fixed buffer overflow in SET PASSWORD which could > potentially be exploited by MySQL users with root privileges > to execute random code or to gain shell access (thanks to > Jedi/Sector One for spotting and reporting this one). Is this relevant for 3.x? If yes, then is it going to be fixed? If no, then is there a standalone patch for this issue? -- ---- WBR, Michael Shigorin ------ Linux.Kiev http://www.linux.kiev.ua/ --cWoXeonUoKmBZSoM Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE/YC6WbsPDprYMm3IRAnKgAJ4uSdENREnhxxbEiBRHF82BHLv83QCgqyfq JScMSGayR6gWWWtGSHBeLRI= =Hvzc -----END PGP SIGNATURE----- --cWoXeonUoKmBZSoM--