Date: Tue, 29 Feb 2000 09:35:30 -0600 (CST) From: Guy Helmer <ghelmer@cs.iastate.edu> To: Mitch Vincent <mitch@venux.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-00:05.mysql322-server Message-ID: <Pine.HPX.4.05.10002290924160.23120-100000@popeye.cs.iastate.edu> In-Reply-To: <006701bf82c2$b6436680$40ee2fd8@venux.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 29 Feb 2000, Mitch Vincent wrote: > I'm guessing everyone has seen this, however I'm concerned. If this is a > MySQL bug, there is nothing on MySQL's site about it. The email references > the "322-server", there have been 32 more releases (patch levels but still, > releases) since 3.22 (if there even was a 3.22 to start with).. A close look at the message shows that versions prior to 3.22.32 are affected. > Is this a bug that only effects the MySQL server installed from the ports? > If so, I'm not sure I understand how that can be if it's a bug in MySQL > itself. The security problems are not isolated to the FreeBSD ports of MySQL. See the bugtraq archives at www.securityfocus.com -- search for "MySQL" -- where two recent problems, password authentication and remote access vulnerabilities, are described. > I've very concerned as we run several MySQL servers that could be effected > by this. Upgrade soon! HTH, Guy Guy Helmer, Ph.D. Candidate, Iowa State University Dept. of Computer Science Research Assistant, Dept. of Computer Science --- ghelmer@cs.iastate.edu http://www.cs.iastate.edu/~ghelmer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.HPX.4.05.10002290924160.23120-100000>