Date: Sun, 11 Jul 2004 23:23:48 +0300 From: Haim Ashkenazi <haim@babysnakes.org> To: freebsd-stable@freebsd.org Subject: Re: what happened to mysql vulnerability Message-ID: <pan.2004.07.11.20.23.45.898659@babysnakes.org> References: <pan.2004.07.11.08.27.16.598733@babysnakes.org> <53104FEB-D322-11D8-9FD7-000A95A951B0@online.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 11 Jul 2004 12:08:58 +0200, Jan Demter wrote: > > Am 11.07.2004 um 10:27 schrieb Haim Ashkenazi: >> in the last few days I saw a vulnerability in the portaudit output for >> mysql 4.0.20. checking mysql website I saw that they didn't release a >> fix >> yet for the 4.0 series (only for 4.1). I could wait for it because the >> problem is not so bad for me since I use "skip-networking" in my mysql >> configuration. last night the warning disappeared from the output of >> portaudit and I didn't upgrade anything. any idea why? > > MySQL 4.0 is not affected by this particular vulnerability, it was > put in the portaudit-database in error at first and then corrected > later. > > You can look up what changed and why in the portaudit-database here: > http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/portaudit-db/ > database/portaudit.txt thanx. Bye -- Haim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?pan.2004.07.11.20.23.45.898659>