ius-coredev team mailing list archive

Thread
Date

[Bug 1088513] Re: MySQL - CVE-2012-3163: Identify if IUS Packages are vulnerable

To: ius-coredev@xxxxxxxxxxxxxxxxxxx
From: Jeffrey Ness <1088513@xxxxxxxxxxxxxxxxxx>
Date: Mon, 10 Dec 2012 15:36:49 -0000
Reply-to: Bug 1088513 <1088513@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

It does not appear mysql51 is affected:

# rpm -qa | grep mysql | grep server
mysql51-server-5.1.66-1.ius.el5

# perl mysql_bufferoverrun_pl 
== Connecting to database ==
== Connected ==
== Creating large string for buffer overflow ==
== Attempting to grant with large string ==
DBD::mysql::st execute failed: Access denied for user 'jeffrey'@'localhost' (using password: YES) at mysql_bufferoverrun_pl line 63.
DBD::mysql::st execute failed: Access denied for user 'jeffrey'@'localhost' (using password: YES) at mysql_bufferoverrun_pl line 63.

-- 
You received this bug notification because you are a member of IUS Core
Development, which is subscribed to IUS Community Project.
https://bugs.launchpad.net/bugs/1088513

Title:
  MySQL - CVE-2012-3163: Identify if IUS Packages are vulnerable

Status in IUS Community Project:
  Won't Fix

Bug description:
  Redhat Bug Report:

       https://bugzilla.redhat.com/show_bug.cgi?id=881064#c6

To manage notifications about this bug go to:
https://bugs.launchpad.net/ius/+bug/1088513/+subscriptions

References

[Bug 1088513] [NEW] MySQL - CVE-2012-3163: Identify if IUS Packages are vulnerable
From: Jeffrey Ness, 2012-12-10