[Full-Disclosure] GLSA: mysqlcc (200303-7)
From: Daniel Ahlberg (aliz@gentoo.org)
Date: 03/07/03
- Previous message: Ron DuFresne: "Re: [Full-Disclosure] Security Certifications"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Daniel Ahlberg <aliz@gentoo.org> To: full-disclosure@lists.netsys.com Date: Fri, 7 Mar 2003 17:03:20 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200303-7
- - ---------------------------------------------------------------------
PACKAGE : mysqlcc
SUMMARY : information leakage
DATE : 2003-03-07 16:03 UTC
EXPLOIT : local
VERSIONS AFFECTED : <0.8.9
FIXED VERSION : =>0.8.9
CVE :
- - ---------------------------------------------------------------------
Versions prior to 0.8.9 had all configuration and connection files
world readable.
SOLUTION
It is recommended that all Gentoo Linux users who are running
dev-db/mysqlcc upgrade to mysqlcc-0.8.10-r1 as follows:
emerge sync
emerge -u mysqlcc
emerge clean
- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at http://cvs.gentoo.org/~aliz
- - ---------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+aMK+fT7nyhUpoZMRAoq2AKDE1Xc6ler9UoKz2bVNtN4B4OMlLgCgtj4Y
a6RAI1/TyhIthLVSXYCcRj0=
=EL3y
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Ron DuFresne: "Re: [Full-Disclosure] Security Certifications"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
