mysql 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1198847963
업데이트 : 2007.12.28
상세내용
- mysql 5.0.51 update
. CVE-2007-5925
The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine
in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial
of service (database crash) via a certain CONTAINS operation on an indexed column,
which triggers an assertion error.
. CVE-2007-5969
MySQL Community Server before 5.0.51, when a table relies on symlinks created
through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote
authenticated users to overwrite system table information and gain privileges
via a RENAME TABLE statement that changes the symlink to point to an existing file.
Autoupdates 지원 : Packages System
pkgadd -F "mysql*"
update 패키지
RPMS :
. mysql-5.0.51-1.i686.rpm
. mysql-devel-5.0.51-1.i686.rpm
. mysql-client-5.0.51-1.i686.rpm
. mysql-shared-5.0.51-1.i686.rpm
SRPMS :
. mysql-5.0.51-1.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969
|