Hello MySQL
Again(!) I remark that you put a notice about a potential root exploit
somewhere near line 100 or so instead as a big fat "SECURITY: ..."
warning on top of the changelog.
Although this time it's at least the first entry in the bugs section,
I propose you to change that in future as admins and especially package
maintainers should see such things at the first glance.
bye,
-christian-
On Wed, Sep 10, 2003 at 08:02:32PM +0200, Lenz Grimmer wrote:
...
> Bugs fixed:
>
> * Fixed buffer overflow in SET PASSWORD which could potentially be
> exploited by MySQL users with root privileges to execute random code
> or to gain shell access (thanks to Jedi/Sector One for spotting and
> reporting this one).
