Mandriva Linux Security Advisory : mysql (MDVSA-2010:223)
Medium Nessus Plugin ID 50534
Synopsis
The remote Mandriva Linux host is missing one or more security updates.
Description
Multiple vulnerabilities were discovered and corrected in mysql:
- During evaluation of arguments to extreme-value functions (such as LEAST() and GREATEST()), type errors did not propagate properly, causing the server to crash (CVE-2010-3833).
- The server could crash after materializing a derived table that required a temporary table for grouping (CVE-2010-3834).
- A user-variable assignment expression that is evaluated in a logical expression context can be precalculated in a temporary table for GROUP BY. However, when the expression value was used after creation of the temporary table, it was re-evaluated rather than read from the table, and a server crash resulted (CVE-2010-3835).
- Pre-evaluation of LIKE predicates during view preparation could cause a server crash (CVE-2010-3836).
- GROUP_CONCAT() and WITH ROLLUP together could cause a server crash (CVE-2010-3837).
- Queries could cause a server crash if the GREATEST() or LEAST() function had a mixed list of numeric and LONGBLOB arguments, and the result of such a function was processed using an intermediate temporary table (CVE-2010-3838).
- Queries with nested joins could cause an infinite loop in the server when used from stored procedures and prepared statements (CVE-2010-3839).
- The PolyFromWKB() function could crash the server when improper WKB data was passed to the function (CVE-2010-3840).
The updated packages have been patched to correct these issues.
Solution
Update the affected packages.