RHEL 3 : mysql (RHSA-2004:569)
Medium Nessus Plugin ID 15534
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionUpdated mysql packages that fix various temporary file security issues, as well as a number of bugs, are now available.
MySQL is a multi-user, multi-threaded SQL database server.
This update fixes a number of small bugs, including some potential security problems associated with careless handling of temporary files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0381, CVE-2004-0388, and CVE-2004-0457 to these issues.
A number of additional security issues that affect mysql have been corrected in the source package. These include CVE-2004-0835, CVE-2004-0836, CVE-2004-0837, and CVE-2004-0957. Red Hat Enterprise Linux 3 does not ship with the mysql-server package and is therefore not affected by these issues.
This update also allows 32-bit and 64-bit libraries to be installed concurrently on the same system.
All users of mysql should upgrade to these updated packages, which resolve these issues.
SolutionUpdate the affected mysql, mysql-bench and / or mysql-devel packages.