Arch Linux

FS#7103 - Warning on mysql

Attached to Project: Arch Linux
Opened by DaNiMoTh (DaNiMoTh) - Wednesday, 09 May 2007, 14:30 GMT
Last edited by Tobias Powalowski (tpowa) - Wednesday, 09 May 2007, 17:02 GMT
Task Type: Bug Report
Category: Security
Status: Closed
Assigned To: No-one
Architecture: All
Severity: Medium
Priority: Normal
Reported Version: 0.8 Voodoo
Due in Version: Undecided
Due Date: Undecided
Percent Complete: 100%
Votes: 0
Private: No

Details


------------------------------------------------------------
Arch Linux Security Warning ALSW 2007-#29
------------------------------------------------------------

Name: mysql
Date: 2007-05-09
Severity: Medium
Warning #: 2007-#29

------------------------------------------------------------

Product Background
===================
MySQL is a popular multi-threaded, multi-user SQL server.


Problem Background
===================
mu-b discovered a NULL pointer dereference in item_cmpfunc.cc when
processing certain types of SQL requests. Sec Consult also discovered
another NULL pointer dereference when sorting certain types of queries
on the database metadata.

Impact
==================
In both cases, a remote attacker could send a specially crafted SQL
request to the server, possibly resulting in a server crash. Note that
the attacker needs the ability to execute SELECT queries.

Workaround
==========

There is no known workaround at this time.

Problem Packages
===================
Package: mysql
Repo: current
Group: daemon
Unsafe: < 5.0.38
Safe: >= 5.0.38

Package Fix
===================
Upgrade to 5.0.38

===================

Unofficial ArchLinux Security Bug Tracker:
http://jjdanimoth.netsons.org/alsw.html

Reference(s)
===================
[ 1 ] Original Report
http://bugs.mysql.com/bug.php?id=27513
[ 2 ] CVE-2007-1420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1420

Closed by Tobias Powalowski (tpowa) - Wednesday, 09 May 2007, 17:02 GMT
Reason for closing: Fixed
