From owner-freebsd-stable@FreeBSD.ORG  Sun Jul 11 20:23:53 2004
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3570E16A4CE
	for <freebsd-stable@freebsd.org>;
	Sun, 11 Jul 2004 20:23:53 +0000 (GMT)
Received: from main.gmane.org (main.gmane.org [80.91.224.249])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 95FC543D31
	for <freebsd-stable@freebsd.org>;
	Sun, 11 Jul 2004 20:23:52 +0000 (GMT)
	(envelope-from freebsd-stable@m.gmane.org)
Received: from list by main.gmane.org with local (Exim 3.35 #1 (Debian))
	id 1BjkrX-0003yF-00
	for <freebsd-stable@freebsd.org>; Sun, 11 Jul 2004 22:23:51 +0200
Received: from ns-ilmail3.ns-systems.com ([62.90.139.134])
        by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
        id 1AlnuQ-0007hv-00
        for <freebsd-stable@freebsd.org>; Sun, 11 Jul 2004 22:23:51 +0200
Received: from haim by ns-ilmail3.ns-systems.com with local (Gmexim 0.1
	(Debian))        id 1AlnuQ-0007hv-00
	for <freebsd-stable@freebsd.org>; Sun, 11 Jul 2004 22:23:51 +0200
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-stable@freebsd.org
From: Haim Ashkenazi <haim@babysnakes.org>
Date: Sun, 11 Jul 2004 23:23:48 +0300
Lines: 25
Message-ID: <pan.2004.07.11.20.23.45.898659@babysnakes.org>
References: <pan.2004.07.11.08.27.16.598733@babysnakes.org>
	<53104FEB-D322-11D8-9FD7-000A95A951B0@online.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-Complaints-To: usenet@sea.gmane.org
X-Gmane-NNTP-Posting-Host: ns-ilmail3.ns-systems.com
User-Agent: Pan/0.14.2.91 (As She Crawled Across the Table (Debian GNU/Linux))
Sender: news <news@sea.gmane.org>
Subject: Re: what happened to mysql vulnerability
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Production branch of FreeBSD source code
	<freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 11 Jul 2004 20:23:53 -0000

On Sun, 11 Jul 2004 12:08:58 +0200, Jan Demter wrote:

> 
> Am 11.07.2004 um 10:27 schrieb Haim Ashkenazi:
>> in the last few days I saw a vulnerability in the portaudit output for
>> mysql 4.0.20. checking mysql website I saw that they didn't release a 
>> fix
>> yet for the 4.0 series (only for 4.1). I could wait for it because the
>> problem is not so bad for me since I use "skip-networking" in my mysql
>> configuration. last night the warning disappeared from the output of
>> portaudit and I didn't upgrade anything. any idea why?
> 
> MySQL 4.0 is not affected by this particular vulnerability, it was
> put in the portaudit-database in error at first and then corrected 
> later.
> 
> You can look up what changed and why in the portaudit-database here:
> http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/portaudit-db/
> database/portaudit.txt
thanx.

Bye
-- 
Haim