Bugzilla – Bug 861493
VUL-0: CVE-2014-0001: mysql: command-line tool buffer overflow via long server version string
Last modified: 2014-07-30 12:29:06 UTC
The MySQL and MariaDB command line clients are affected by a buffer overflow when receiving the server version string. The solution is straightforward: http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64
CVE-2014-0001 was assigned to this issue.
References: https://bugzilla.redhat.com/show_bug.cgi?id=1054592
bugbot adjusting priority
Created attachment 589303: Patch for CVE-2014-0001
Patch for this issue. Could be already fixed in 5.5.37
The SWAMPID for this issue is 57284. This issue was rated as important. Please submit fixed packages by 2014-05-16. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
Update released for: libmysql55client18, libmysql55client18-32bit, libmysql55client18-64bit, libmysql55client18-x86, libmysql55client_r18, libmysql55client_r18-32bit, libmysql55client_r18-64bit, libmysql55client_r18-x86, libmysqlclient-devel, libmysqlclient15, libmysqlclient15-32bit, libmysqlclient15-64bit, libmysqlclient15-x86, libmysqlclient_r15, libmysqlclient_r15-32bit, libmysqlclient_r15-64bit, libmysqlclient_r15-x86, mysql, mysql-Max, mysql-bench, mysql-client, mysql-debug, mysql-debug-version, mysql-debuginfo, mysql-debugsource, mysql-test, mysql-tools
Products:
SLE-DEBUGINFO 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP3 (i386, x86_64)
SLE-SDK 11-SP3 (ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLES4VMWARE 11-SP3 (i386, x86_64)
fixed and released