Red Hat 9037 Published by

A new update is available for Red Hat Enterprise Linux. Here the announcement:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: mysql security update
Advisory ID: RHSA-2007:1157-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-1157.html
Issue date: 2007-12-19
Updated on: 2007-12-19
Product: Red Hat Application Stack
CVE Names: CVE-2007-5969 CVE-2007-5925 CVE-2007-6303
- ---------------------------------------------------------------------

1. Summary:

Updated mysql packages that fix several security issues are now available
for Red Hat Application Stack v1 and v2.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64
Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64
Red Hat Application Stack v2 for Enterprise Linux (v.5) - i386, x86_64

3. Problem description:

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld), and
many different client programs and libraries.

A flaw was found in a way MySQL handled symbolic links when database tables
were created with explicit "DATA" and "INDEX DIRECTORY" options. An
authenticated user could create a table that would overwrite tables in
other databases, causing destruction of data or allowing the user to
elevate privileges. (CVE-2007-5969)

A flaw was found in a way MySQL's InnoDB engine handled spatial indexes. An
authenticated user could create a table with spatial indexes, which are not
supported by the InnoDB engine, that would cause the mysql daemon to crash
when used. This issue only causes a temporary denial of service, as the
mysql daemon will be automatically restarted after the crash.
(CVE-2007-5925)

A flaw was found in a way MySQL handled the "DEFINER" view parameter. A
user with the "ALTER VIEW" privilege for a view created by another database
user, could modify that view to get access to any data accessible to the
creator of said view. (CVE-2007-6303)

All mysql users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

377451 - CVE-2007-5925 mysql DoS in the InnoDB Engine
397071 - CVE-2007-5969 mysql: possible system table information overwrite using symlinks
420231 - CVE-2007-6303 mysql: DEFINER value of view not altered on ALTER VIEW

6. RPMs required:

Red Hat Application Stack v1 for Enterprise Linux AS (v.4):

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/RHWAS/SRPMS/mysql-5.0.44-2.el4s1.1.src.rpm
ca84729dbb47b6733cde3b385ca3773d mysql-5.0.44-2.el4s1.1.src.rpm

i386:
d71440ea3ee98d1d6481457b0cfcd7eb mysql-5.0.44-2.el4s1.1.i386.rpm
2da466fc2754b6b4bb279f7181d7cf37 mysql-bench-5.0.44-2.el4s1.1.i386.rpm
8f6c64281708ba3ad7eaaf6948762fc1 mysql-cluster-5.0.44-2.el4s1.1.i386.rpm
a5483597c4385b1372aa821f8d514946 mysql-debuginfo-5.0.44-2.el4s1.1.i386.rpm
72a2d26bf19cc79d0a9c4f94658b00d0 mysql-devel-5.0.44-2.el4s1.1.i386.rpm
c77211698fb1ce60be43744acc28a546 mysql-libs-5.0.44-2.el4s1.1.i386.rpm
8e9bb1932f851006a5a4e3f586c8b148 mysql-server-5.0.44-2.el4s1.1.i386.rpm
80ebb4bc395e2338b2175188d636e81f mysql-test-5.0.44-2.el4s1.1.i386.rpm

x86_64:
d71440ea3ee98d1d6481457b0cfcd7eb mysql-5.0.44-2.el4s1.1.i386.rpm
8b3674d07d0de7131ca61d0e5b82d9d4 mysql-5.0.44-2.el4s1.1.x86_64.rpm
e32256754d35b2f741cf023d313db803 mysql-bench-5.0.44-2.el4s1.1.x86_64.rpm
0433ff7e161e6166069b990ed5e5adc0 mysql-cluster-5.0.44-2.el4s1.1.x86_64.rpm
a5483597c4385b1372aa821f8d514946 mysql-debuginfo-5.0.44-2.el4s1.1.i386.rpm
4a6bd81a3ca36b47a5c7eb7289d9c69a mysql-debuginfo-5.0.44-2.el4s1.1.x86_64.rpm
706271c5eb07ec0862ffb6cd820f15c0 mysql-devel-5.0.44-2.el4s1.1.x86_64.rpm
c77211698fb1ce60be43744acc28a546 mysql-libs-5.0.44-2.el4s1.1.i386.rpm
ea65b280ea61b2c8aae57ebad1bd5748 mysql-libs-5.0.44-2.el4s1.1.x86_64.rpm
064abb6df8f7272d1a91ca890fefe1ff mysql-server-5.0.44-2.el4s1.1.x86_64.rpm
81b83016558b08b4558f3b04dd681b19 mysql-test-5.0.44-2.el4s1.1.x86_64.rpm

Red Hat Application Stack v1 for Enterprise Linux ES (v.4):

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/RHWAS/SRPMS/mysql-5.0.44-2.el4s1.1.src.rpm
ca84729dbb47b6733cde3b385ca3773d mysql-5.0.44-2.el4s1.1.src.rpm

i386:
d71440ea3ee98d1d6481457b0cfcd7eb mysql-5.0.44-2.el4s1.1.i386.rpm
2da466fc2754b6b4bb279f7181d7cf37 mysql-bench-5.0.44-2.el4s1.1.i386.rpm
8f6c64281708ba3ad7eaaf6948762fc1 mysql-cluster-5.0.44-2.el4s1.1.i386.rpm
a5483597c4385b1372aa821f8d514946 mysql-debuginfo-5.0.44-2.el4s1.1.i386.rpm
72a2d26bf19cc79d0a9c4f94658b00d0 mysql-devel-5.0.44-2.el4s1.1.i386.rpm
c77211698fb1ce60be43744acc28a546 mysql-libs-5.0.44-2.el4s1.1.i386.rpm
8e9bb1932f851006a5a4e3f586c8b148 mysql-server-5.0.44-2.el4s1.1.i386.rpm
80ebb4bc395e2338b2175188d636e81f mysql-test-5.0.44-2.el4s1.1.i386.rpm

x86_64:
d71440ea3ee98d1d6481457b0cfcd7eb mysql-5.0.44-2.el4s1.1.i386.rpm
8b3674d07d0de7131ca61d0e5b82d9d4 mysql-5.0.44-2.el4s1.1.x86_64.rpm
e32256754d35b2f741cf023d313db803 mysql-bench-5.0.44-2.el4s1.1.x86_64.rpm
0433ff7e161e6166069b990ed5e5adc0 mysql-cluster-5.0.44-2.el4s1.1.x86_64.rpm
a5483597c4385b1372aa821f8d514946 mysql-debuginfo-5.0.44-2.el4s1.1.i386.rpm
4a6bd81a3ca36b47a5c7eb7289d9c69a mysql-debuginfo-5.0.44-2.el4s1.1.x86_64.rpm
706271c5eb07ec0862ffb6cd820f15c0 mysql-devel-5.0.44-2.el4s1.1.x86_64.rpm
c77211698fb1ce60be43744acc28a546 mysql-libs-5.0.44-2.el4s1.1.i386.rpm
ea65b280ea61b2c8aae57ebad1bd5748 mysql-libs-5.0.44-2.el4s1.1.x86_64.rpm
064abb6df8f7272d1a91ca890fefe1ff mysql-server-5.0.44-2.el4s1.1.x86_64.rpm
81b83016558b08b4558f3b04dd681b19 mysql-test-5.0.44-2.el4s1.1.x86_64.rpm

Red Hat Application Stack v2 for Enterprise Linux (v.5):

SRPMS:
ftp://updates.redhat.com/enterprise//en/RHWAS/SRPMS/mysql-5.0.44-3.el5s2.src.rpm
9b9b957fe2d29d198f27f956dedb31fe mysql-5.0.44-3.el5s2.src.rpm

i386:
cf1887c176b79fe704600f2bdc163474 mysql-5.0.44-3.el5s2.i386.rpm
1753693081423dc9841979b5564b58ff mysql-bench-5.0.44-3.el5s2.i386.rpm
3be4ca88aa307cb4fd3ad786852782ec mysql-cluster-5.0.44-3.el5s2.i386.rpm
d9621538bdd467798c1016936fe3bcae mysql-debuginfo-5.0.44-3.el5s2.i386.rpm
dcacca0a00f7eb14bdcebd1f943c47e7 mysql-devel-5.0.44-3.el5s2.i386.rpm
809ff153137e95e27fd771c1be590dfc mysql-libs-5.0.44-3.el5s2.i386.rpm
a7a65b019b44f9c016739b5818dbf46b mysql-server-5.0.44-3.el5s2.i386.rpm
1a40e64039df2a50d68c22cbbb88edbf mysql-test-5.0.44-3.el5s2.i386.rpm

x86_64:
cf1887c176b79fe704600f2bdc163474 mysql-5.0.44-3.el5s2.i386.rpm
cc9549cea809112110f1ec76cfbee1d8 mysql-5.0.44-3.el5s2.x86_64.rpm
c20fc6b7e24a6928e7f080cfba9d98dd mysql-bench-5.0.44-3.el5s2.x86_64.rpm
9ae5003039deb5772fb954ed1440cbcc mysql-cluster-5.0.44-3.el5s2.x86_64.rpm
d9621538bdd467798c1016936fe3bcae mysql-debuginfo-5.0.44-3.el5s2.i386.rpm
1e76cbe8a731f04266502d54a5506a47 mysql-debuginfo-5.0.44-3.el5s2.x86_64.rpm
dcacca0a00f7eb14bdcebd1f943c47e7 mysql-devel-5.0.44-3.el5s2.i386.rpm
823725665e22e44533177134487d9f0f mysql-devel-5.0.44-3.el5s2.x86_64.rpm
809ff153137e95e27fd771c1be590dfc mysql-libs-5.0.44-3.el5s2.i386.rpm
b66ef3e045f403152d0451ae0bee8e39 mysql-libs-5.0.44-3.el5s2.x86_64.rpm
cb45dec1b2d708e62955c4017f663036 mysql-server-5.0.44-3.el5s2.x86_64.rpm
902c6e1e350ae925d5de24c5e13f0418 mysql-test-5.0.44-3.el5s2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6303
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHaUM+XlSAg2UNWIIRAtDSAKCM7s75ag8eIliaC/8YXrBYmHdaWACgjbQx
3pISyq8SjHZpfV45rzfXIAQ=
=DACv
-----END PGP SIGNATURE-----