---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: Ubuntu update for mysql-dfsg-5.0 SECUNIA ADVISORY ID: SA21770 VERIFY ADVISORY: http://secunia.com/advisories/21770/ CRITICAL: Less critical IMPACT: Security Bypass, Privilege escalation WHERE: >From local network OPERATING SYSTEM: Ubuntu Linux 6.06 http://secunia.com/product/10611/ DESCRIPTION: Ubuntu has issued an update for mysql-dfsg-5.0. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and perform certain actions with escalated privileges. For more information: SA21259 SA21506 SOLUTION: Apply updated packages. -- Ubuntu 6.06 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.22-0ubuntu6.06.2.diff.gz Size/MD5: 125369 93d8d0c3ad971109645ed33738dc4b17 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.22-0ubuntu6.06.2.dsc Size/MD5: 1106 541b253aea07ad5282f2684aba12eb69 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.22.orig.tar.gz Size/MD5: 18446645 2b8f36364373461190126817ec872031 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.22-0ubuntu6.06.2_all.deb Size/MD5: 36894 08567e0fbadc46d35ebfa27a31d5b994 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.22-0ubuntu6.06.2_all.deb Size/MD5: 39392 2e1b0e1151521015f20a75389ca7dba0 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.22-0ubuntu6.06.2_all.deb Size/MD5: 36902 ba9d9e6d9645f36f5ee61cd9208b3de0 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.22-0ubuntu6.06.2_amd64.deb Size/MD5: 6725782 c8551554b1374b163b8122d7e08a090a http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.22-0ubuntu6.06.2_amd64.deb Size/MD5: 1421776 343e99f256f53c37a9f6f9240a163594 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.22-0ubuntu6.06.2_amd64.deb Size/MD5: 6895702 757174f4891714e402bc31287c14b1cd http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.22-0ubuntu6.06.2_amd64.deb Size/MD5: 22491142 31641f7b65ecefcb92df5f8ad0f81e12 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.22-0ubuntu6.06.2_i386.deb Size/MD5: 6139348 adf444d4082a3a1526ae3fe78a8796a4 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.22-0ubuntu6.06.2_i386.deb Size/MD5: 1382302 31fae9b4b01ef036b1bdf12c71aceda3 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.22-0ubuntu6.06.2_i386.deb Size/MD5: 6277978 c4656f594891017951e79f6456802a69 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.22-0ubuntu6.06.2_i386.deb Size/MD5: 21347894 674e8c24a30c33fa5ec27b1633833995 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.22-0ubuntu6.06.2_powerpc.deb Size/MD5: 6883060 795ed1bf828a08d737ab7603021a5eeb http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.22-0ubuntu6.06.2_powerpc.deb Size/MD5: 1462086 72f42656fb322182ed0334a5b1b83a86 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.22-0ubuntu6.06.2_powerpc.deb Size/MD5: 6939654 a85d437e56dc649083a3f222cd8d7c1b http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.22-0ubuntu6.06.2_powerpc.deb Size/MD5: 22704258 c5fd77b7e16d6f32b7f4cc94a93a7d75 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.22-0ubuntu6.06.2_sparc.deb Size/MD5: 6430786 a6c43a2b92b87fe1f7817c625449259d http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.22-0ubuntu6.06.2_sparc.deb Size/MD5: 1434196 89c743b174eb4afd5d108fddf6f7d8d6 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.22-0ubuntu6.06.2_sparc.deb Size/MD5: 6535922 5d043bec6799cd5e36875d011c4c2456 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.22-0ubuntu6.06.2_sparc.deb Size/MD5: 21969284 ea10af49928ae208797d662b216a2e69 ORIGINAL ADVISORY: http://www.ubuntu.com/usn/usn-338-1 OTHER REFERENCES: SA21259: http://secunia.com/advisories/21259/ SA21506: http://secunia.com/advisories/21506/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------