SuSE9 Security Update : MySQL (YOU Patch Number 12456)
High Nessus Plugin ID 41313
SynopsisThe remote SuSE 9 host is missing a security-related patch.
DescriptionThis update is provided as RPM packages that can easily be installed onto a running system by using the YaST online update module.
- the COM_CREATE_DB and COM_DROP_DB suffered from format string vulnerabilities. (CVE-2009-2446)
- the command line client was prone to cross-site scripting (XSS) attacks. (CVE-2008-4456)
Additionally a problem that sometimes prevented slave hosts from reconnecting to the master server has been fixed.
SolutionApply YOU patch number 12456.