Red Hat Product Errata RHSA-2007:0894 - Security Advisory

Issued:: 2007-09-10
Updated:: 2007-09-10

RHSA-2007:0894 - Security Advisory

Overview
Updated Packages

Synopsis

Important: mysql security update

Type/Severity

Security Advisory: Important

Topic

Updated MySQL packages for the Red Hat Application Stack comprising the v1.2
release fixed various security issues.

The security issues in this errata are rated as having important security
impact by the Red Hat Security Response Team.

Description

On the 23rd August 2007, Red Hat Application Stack v1.2 was released. This
release contained a new version of MySQL that corrected several security
issues found in the MySQL packages of Red Hat Application Stack v1.1.

Users who have already updated to Red Hat Application Stack v1.2 will
already have the new MySQL packages and are not affected by these issues.

A flaw was discovered in MySQL's authentication protocol. A remote
unauthenticated attacker could send a specially crafted authentication
request to the MySQL server causing it to crash. (CVE-2007-3780)

MySQL did not require privileges such as SELECT for the source table in a
CREATE TABLE LIKE statement. A remote authenticated user could obtain
sensitive information such as the table structure. (CVE-2007-3781)

A flaw was discovered in MySQL that allowed remote authenticated
users to gain update privileges for a table in another database via a view
that refers to the external table (CVE-2007-3782).

A flaw was discovered in the mysql_change_db function when returning from
SQL SECURITY INVOKER stored routines. A remote authenticated user could
use this flaw to gain database privileges. (CVE-2007-2692)

MySQL did not require the DROP privilege for RENAME TABLE statements. A
remote authenticated users could use this flaw to rename arbitrary tables.
(CVE-2007-2691)

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Affected Products

Red Hat Application Stack 1 1 x86_64
Red Hat Application Stack 1 1 i386

Fixes

BZ - 241688 - CVE-2007-2691 DROP privilege is not enforced when renaming tables
BZ - 241689 - CVE-2007-2692 SECURITY INVOKER functions do not drop privilegies
BZ - 248553 - CVE-2007-3781 CVE-2007-3782 New release of MySQL fixes security bugs
BZ - 254108 - CVE-2007-3780 mysql malformed password crasher

CVEs

References

This erratum does not contain any packages.

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories