首页 -> 安全研究
安全研究
绿盟月刊
绿盟安全月刊->第38期->最新漏洞
日期:2003-01-03
发布日期:2002-12-19
更新日期:2002-12-25
受影响系统:
MySQL AB MySQL 4.0.5a
MySQL AB MySQL 4.0.3
MySQL AB MySQL 4.0.2
MySQL AB MySQL 4.0.1
MySQL AB MySQL 4.0.0
MySQL AB MySQL 3.23.9
MySQL AB MySQL 3.23.8
MySQL AB MySQL 3.23.53
MySQL AB MySQL 3.23.52
MySQL AB MySQL 3.23.51
MySQL AB MySQL 3.23.50
MySQL AB MySQL 3.23.5
MySQL AB MySQL 3.23.49
MySQL AB MySQL 3.23.48
MySQL AB MySQL 3.23.47
MySQL AB MySQL 3.23.46
MySQL AB MySQL 3.23.45
MySQL AB MySQL 3.23.44
MySQL AB MySQL 3.23.43
MySQL AB MySQL 3.23.42
MySQL AB MySQL 3.23.41
MySQL AB MySQL 3.23.40
MySQL AB MySQL 3.23.4
MySQL AB MySQL 3.23.39
MySQL AB MySQL 3.23.38
MySQL AB MySQL 3.23.37
MySQL AB MySQL 3.23.36
MySQL AB MySQL 3.23.34
MySQL AB MySQL 3.23.31
MySQL AB MySQL 3.23.30
MySQL AB MySQL 3.23.3
MySQL AB MySQL 3.23.29
MySQL AB MySQL 3.23.28
MySQL AB MySQL 3.23.27
MySQL AB MySQL 3.23.26
MySQL AB MySQL 3.23.25
MySQL AB MySQL 3.23.24
MySQL AB MySQL 3.23.23
MySQL AB MySQL 3.23.2
MySQL AB MySQL 3.23.10
MySQL AB MySQL 3.22.32
MySQL AB MySQL 3.22.30
MySQL AB MySQL 3.22.29
MySQL AB MySQL 3.22.28
MySQL AB MySQL 3.22.27
MySQL AB MySQL 3.22.26
MySQL AB MySQL 3.23.53a
- Linux系统
- Unix系统
不受影响系统:
MySQL AB MySQL 3.23.54
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 6373
CVE(CAN) ID: CAN-2002-1374
MySQL是一款开放源代码关系型数据库系统。
MySQL的密码验证机制存在缺陷,远程攻击者可以利用这个漏洞以其他数据库帐号访问数据库。
在2000年02月,Robert van der Meulen发现MySQL系统中的密码验证系统存在一个缺陷,MySQL挑战应答算法建立应答是根据客户端提供的应答长度来定,因此如果客户端发送只有一个字符的应答,MySQL会只检查一个字节,这意味着只要尝试32次就可以给予服务端正确的应答。修正这个错误的时候,MySQL项目组只简单在服务端检查应答必须8字符以上,但是却对COM_CHANGE_USER命令没有做这个响应的检查。因此攻击者使用合法的MySQL帐户仍旧可以尝试多次未授权访问数据库。本地用户意味着可以利用mysql root帐户控制所有数据库。
<*来源:Stefan Esser (se@FreeBSD.org)
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=103971644013961&w=2
http://www.openpkg.org/security/OpenPKG-SA-2002.013-mysql.html
http://marc.theaimsgroup.com/?l=bugtraq&m=104004926202698&w=2
http://www.linux-mandrake.com/en/security/2002/2002-087.php
http://www.debian.org/security/2002/dsa-212
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000555
http://www.linuxsecurity.com/advisories/engarde_advisory-2660.html
http://www.trustix.net/errata/misc/2002/TSL-2002-0086-mysql.asc.txt
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Conectiva
---------
Conectiva已经为此发布了一个安全公告(CLA-2002:555)以及相应补丁:
CLA-2002:555:MySQL
链接:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000555
补丁下载:
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/MySQL-3.23.36-14U60_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/MySQL-bench-3.23.36-14U60_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/MySQL-client-3.23.36-14U60_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/MySQL-devel-3.23.36-14U60_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/MySQL-devel-static-3.23.36-14U60_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/MySQL-doc-3.23.36-14U60_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/MySQL-3.23.36-14U60_3cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/MySQL-3.23.36-14U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/MySQL-bench-3.23.36-14U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/MySQL-client-3.23.36-14U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/MySQL-devel-3.23.36-14U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/MySQL-devel-static-3.23.36-14U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/MySQL-doc-3.23.36-14U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/MySQL-3.23.36-14U70_3cl.src.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/MySQL-3.23.46-4U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/MySQL-bench-3.23.46-4U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/MySQL-client-3.23.46-4U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/MySQL-devel-3.23.46-4U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/MySQL-devel-static-3.23.46-4U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/MySQL-doc-3.23.46-4U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/SRPMS/MySQL-3.23.46-4U80_2cl.src.rpm
Debian
------
Debian已经为此发布了一个安全公告(DSA-212-1)以及相应补丁:
DSA-212-1:Multiple MySQL vulnerabilities
链接:http://www.debian.org/security/2002/dsa-212
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/m/mysql/mysql_3.22.32-6.3.dsc
Size/MD5 checksum: 1305 26482e7b5f51fe036c9270043877483a
http://security.debian.org/pool/updates/main/m/mysql/mysql_3.22.32.orig.tar.gz
Size/MD5 checksum: 4296259 e3d9cb3038a2e4378c9c0f4f9d8c2d58
http://security.debian.org/pool/updates/main/m/mysql/mysql_3.22.32-6.3.diff.gz
Size/MD5 checksum: 84166 79faf5c0f1e6ab6c4c3b7511f9cc1e71
Architecture independent packages:
http://security.debian.org/pool/updates/main/m/mysql/mysql-doc_3.22.32-6.3_all.deb
Size/MD5 checksum: 1687018 e3d348a98e08bbff4085215356c5dcc7
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.22.32-6.3_alpha.deb
Size/MD5 checksum: 790098 2d103be33a041fa8af05a6d1a8fae1fc
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.22.32-6.3_alpha.deb
Size/MD5 checksum: 99516 c3803f9e8e090bc9755cc8502f7dd860
arm architecture (ARM)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.22.32-6.3_arm.deb
Size/MD5 checksum: 603710 028266a7c4c99365a8fe715fda7635b9
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.22.32-6.3_arm.deb
Size/MD5 checksum: 87190 0f6e1c53dd71bd45ec0bfc7bdd3e92c3
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.22.32-6.3_i386.deb
Size/MD5 checksum: 585150 54c0e5b9aa43a2d4fd2137f22851243a
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.22.32-6.3_i386.deb
Size/MD5 checksum: 86768 fe2974d4fc341c7fc5c3866636a49676
m68k architecture (Motorola Mc680x0)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.22.32-6.3_m68k.deb
Size/MD5 checksum: 554888 5d636134e003bdd33f6dd74e60ca6570
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.22.32-6.3_m68k.deb
Size/MD5 checksum: 84534 47f6aa149c3b872722b5357bb962c0a7
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.22.32-6.3_powerpc.deb
Size/MD5 checksum: 632736 47f997aa3cac2d514ec11fba8e7d3709
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.22.32-6.3_powerpc.deb
Size/MD5 checksum: 87560 7b63bd18ce24d663bb097c13d43260b7
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.22.32-6.3_sparc.deb
Size/MD5 checksum: 611600 5871877cc4fbbfc89e9d05718abcf2ba
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.22.32-6.3_sparc.deb
Size/MD5 checksum: 94226 b4e520c575a3bbe5ffe5a939da37f5b1
Debian 3.0 (stable)
- -------------------
Stable was released for alpha, arm, hppa, i386, ia64, m68k, mips, mipsel,
powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/m/mysql/mysql_3.23.49-8.2.dsc
Size/MD5 checksum: 1528 66425fd9b3184175d22bd054d42e3826
http://security.debian.org/pool/updates/main/m/mysql/mysql_3.23.49-8.2.diff.gz
Size/MD5 checksum: 71860 ad8e754da89a07d7cd7932087375dae6
Architecture independent packages:
http://security.debian.org/pool/updates/main/m/mysql/mysql-doc_3.23.49-8.2_all.deb
Size/MD5 checksum: 1962666 97241ff082a952ff7bc1f24cff9fc5e2
http://security.debian.org/pool/updates/main/m/mysql/mysql-common_3.23.49-8.2_all.deb
Size/MD5 checksum: 16394 b88f843f1cbefbe58c4edf88a5c874f9
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.2_alpha.deb
Size/MD5 checksum: 162986 48a041beb743999e8deed6c90bcee001
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.2_alpha.deb
Size/MD5 checksum: 778250 a118e60347db03acdae167a7255aa517
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.2_alpha.deb
Size/MD5 checksum: 3633582 6b8adc0cc7df343b709339a73d193dd5
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.2_alpha.deb
Size/MD5 checksum: 277222 7d1757b438b655ed991ece3fbfad8037
arm architecture (ARM)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.2_arm.deb
Size/MD5 checksum: 2805328 087808428351a2ca3ab84dcccd944ba5
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.2_arm.deb
Size/MD5 checksum: 634104 bbfd016f71b5e05bb4ee0c342351bdda
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.2_arm.deb
Size/MD5 checksum: 123418 34edad45d226c0c5a87976d51c1ce1a7
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.2_arm.deb
Size/MD5 checksum: 237836 5f2e14d6337a442e14d9d0b83fa60134
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.2_hppa.deb
Size/MD5 checksum: 3514484 2e8892a4393571055800baf3858117b0
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.2_hppa.deb
Size/MD5 checksum: 140070 38b206d0f03fa42c45c057e3c8df81e1
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.2_hppa.deb
Size/MD5 checksum: 743204 0702b3a97454c8619d9eca4fb0b58766
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.2_hppa.deb
Size/MD5 checksum: 280120 d60043b7f0c5a8aa6fe130ba2e105a12
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.2_i386.deb
Size/MD5 checksum: 576164 a3f92e9131b7c8541b79f3f3ecabcba3
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.2_i386.deb
Size/MD5 checksum: 2800214 565952264f4b38ce80e6678c7e0d9a06
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.2_i386.deb
Size/MD5 checksum: 234180 27d7e77b37fda1f7d5c5d9261d025d67
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.2_i386.deb
Size/MD5 checksum: 122022 ef4b669142a35f7ddc12b467def3e3f1
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.2_ia64.deb
Size/MD5 checksum: 848116 9b74cdcea1dc751db5b0175b9073fb6f
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.2_ia64.deb
Size/MD5 checksum: 173286 10e8869167f91a55bd1bbd5b591f4077
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.2_ia64.deb
Size/MD5 checksum: 3999702 3b89ff5e0f6dc01d2c49ea81bb47216b
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.2_ia64.deb
Size/MD5 checksum: 314552 a3b22dec9493cc6d5166c9dcbaae2c7b
m68k architecture (Motorola Mc680x0)
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.2_m68k.deb
Size/MD5 checksum: 227180 28060088157864ce3302508c495103ad
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.2_m68k.deb
Size/MD5 checksum: 117836 93b975f8476984f3c38ff7227956c5a1
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.2_m68k.deb
Size/MD5 checksum: 557258 d44ba640f48524fd228e83640817c432
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.2_m68k.deb
Size/MD5 checksum: 2646250 4ba7c54c2538870af0736bf0892b3415
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.2_mipsel.deb
Size/MD5 checksum: 687904 a7edb0c6c681544efe80b6ccef53bafe
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.2_mipsel.deb
Size/MD5 checksum: 133728 3ad484b95777df9ecd80313c9a90e434
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclien
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
EnGarde
-------
EnGarde已经为此发布了一个安全公告(ESA-20021213-033)以及相应补丁:
ESA-20021213-033:Several MySQL vulnerabilities
链接:http://www.linuxsecurity.com/advisories/engarde_advisory-2660.html
补丁下载:
EnGarde Upgrade mod_php-4.2.3-1.0.21.i386.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/mod_php-4.2.3-1.0.21.i386.rpm
EnGarde Upgrade mod_php-4.2.3-1.0.21.i686.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/mod_php-4.2.3-1.0.21.i686.rpm
EnGarde Upgrade MySQL-3.23.36-1.0.20.i386.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/MySQL-3.23.36-1.0.20.i386.rpm
EnGarde Upgrade MySQL-3.23.36-1.0.20.i686.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/MySQL-3.23.36-1.0.20.i686.rpm
EnGarde Upgrade MySQL-client-3.23.36-1.0.20.i386.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/MySQL-client-3.23.36-1.0.20.i386.rpm
EnGarde Upgrade MySQL-client-3.23.36-1.0.20.i686.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/MySQL-client-3.23.36-1.0.20.i686.rpm
EnGarde Upgrade MySQL-shared-3.23.36-1.0.20.i386.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/MySQL-shared-3.23.36-1.0.20.i386.rpm
EnGarde Upgrade MySQL-shared-3.23.36-1.0.20.i686.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/MySQL-shared-3.23.36-1.0.20.i686.rpm
EnGarde Upgrade php-4.2.3-1.0.21.i386.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/php-4.2.3-1.0.21.i386.rpm
EnGarde Upgrade php-4.2.3-1.0.21.i686.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/php-4.2.3-1.0.21.i686.rpm
MandrakeSoft
------------
MandrakeSoft已经为此发布了一个安全公告(MDKSA-2002:087)以及相应补丁:
MDKSA-2002:087:Updated MySQL packages fix multiple vulnerabilities
链接:http://www.linux-mandrake.com/en/security/2002/2002-087.php
补丁下载:
Updated Packages:
Linux-Mandrake 7.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/7.2/RPMS/MySQL-3.23.31-1.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/7.2/RPMS/MySQL-bench-3.23.31-1.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/7.2/RPMS/MySQL-client-3.23.31-1.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/7.2/RPMS/MySQL-devel-3.23.31-1.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/7.2/RPMS/MySQL-shared-3.23.31-1.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/7.2/SRPMS/MySQL-3.23.31-1.3mdk.src.rpm
Mandrake Linux 8.0:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.0/RPMS/MySQL-3.23.36-2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.0/RPMS/MySQL-bench-3.23.36-2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.0/RPMS/MySQL-client-3.23.36-2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.0/RPMS/MySQL-devel-3.23.36-2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.0/RPMS/MySQL-shared-3.23.36-2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.0/SRPMS/MySQL-3.23.36-2.2mdk.src.rpm
Mandrake Linux 8.0/PPC:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.0/RPMS/MySQL-3.23.36-2.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.0/RPMS/MySQL-bench-3.23.36-2.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.0/RPMS/MySQL-client-3.23.36-2.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.0/RPMS/MySQL-devel-3.23.36-2.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.0/RPMS/MySQL-shared-3.23.36-2.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.0/SRPMS/MySQL-3.23.36-2.2mdk.src.rpm
Mandrake Linux 8.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.1/RPMS/MySQL-3.23.41-5.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.1/RPMS/MySQL-bench-3.23.41-5.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.1/RPMS/MySQL-client-3.23.41-5.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.1/RPMS/MySQL-devel-3.23.41-5.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.1/RPMS/MySQL-shared-3.23.41-5.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.1/SRPMS/MySQL-3.23.41-5.2mdk.src.rpm
Mandrake Linux 8.1/IA64:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ia64/8.1/RPMS/MySQL-3.23.41-5.2mdk.ia64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ia64/8.1/RPMS/MySQL-bench-3.23.41-5.2mdk.ia64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ia64/8.1/RPMS/MySQL-client-3.23.41-5.2mdk.ia64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ia64/8.1/RPMS/MySQL-devel-3.23.41-5.2mdk.ia64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ia64/8.1/RPMS/MySQL-shared-3.23.41-5.2mdk.ia64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ia64/8.1/SRPMS/MySQL-3.23.41-5.2mdk.src.rpm
Mandrake Linux 8.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/MySQL-3.23.47-5.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/MySQL-bench-3.23.47-5.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/MySQL-client-3.23.47-5.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/libmysql10-3.23.47-5.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/libmysql10-devel-3.23.47-5.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/SRPMS/MySQL-3.23.47-5.2mdk.src.rpm
Mandrake Linux 8.2/PPC:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/MySQL-3.23.47-5.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/MySQL-bench-3.23.47-5.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/MySQL-client-3.23.47-5.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/libmysql10-3.23.47-5.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/libmysql10-devel-3.23.47-5.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/SRPMS/MySQL-3.23.47-5.2mdk.src.rpm
Mandrake Linux 9.0:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/MySQL-3.23.52-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/MySQL-Max-3.23.52-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/MySQL-bench-3.23.52-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/MySQL-client-3.23.52-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/libmysql10-3.23.52-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/libmysql10-devel-3.23.52-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/SRPMS/MySQL-3.23.52-1.2mdk.src.rpm
Single Network Firewall 7.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/snf7.2/RPMS/MySQL-client-3.23.31-1.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/snf7.2/RPMS/MySQL-shared-3.23.31-1.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/snf7.2/SRPMS/MySQL-3.23.31-1.3mdk.src.rpm
上述升级软件还可以在下列地址中的任意一个镜像ftp服务器上下载:
http://www.mandrakesecure.net/en/ftp.php
Trustix
-------
Trustix已经为此发布了一个安全公告(TSL-2002-0086)以及相应补丁:
TSL-2002-0086:mysql
链接:http://www.trustix.net/errata/misc/2002/TSL-2002-0086-mysql.asc.txt
补丁下载:
Trustix Secure Linux RPM mysql-3.23.54a-1tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/mysql-3.23.54a-1tr.i586.rpm
Trustix Secure Linux RPM mysql-bench-3.23.54a-1tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/mysql-bench-3.23.54a-1tr.i586.rpm
Trustix Secure Linux RPM mysql-client-3.23.54a-1tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/mysql-client-3.23.54a-1tr.i586.rpm
Trustix Secure Linux RPM mysql-devel-3.23.54a-1tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/mysql-devel-3.23.54a-1tr.i586.rpm
Trustix Secure Linux RPM mysql-shared-3.23.54a-1tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/mysql-shared-3.23.54a-1tr.i586.rpm
版权所有,未经许可,不得转载