Date: Sun, 11 Jul 2004 12:08:58 +0200 From: Jan Demter <jan.d@online.de> To: Haim Ashkenazi <haim@babysnakes.org> Cc: freebsd-stable@freebsd.org Subject: Re: what happened to mysql vulnerability Message-ID: <53104FEB-D322-11D8-9FD7-000A95A951B0@online.de> In-Reply-To: <pan.2004.07.11.08.27.16.598733@babysnakes.org> References: <pan.2004.07.11.08.27.16.598733@babysnakes.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 11.07.2004 um 10:27 schrieb Haim Ashkenazi: > in the last few days I saw a vulnerability in the portaudit output for > mysql 4.0.20. checking mysql website I saw that they didn't release a > fix > yet for the 4.0 series (only for 4.1). I could wait for it because the > problem is not so bad for me since I use "skip-networking" in my mysql > configuration. last night the warning disappeared from the output of > portaudit and I didn't upgrade anything. any idea why? MySQL 4.0 is not affected by this particular vulnerability, it was put in the portaudit-database in error at first and then corrected later. You can look up what changed and why in the portaudit-database here: http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/portaudit-db/ database/portaudit.txt yours, Jan -- "Aus 100 Dollar 110 Dollar zu machen, ist Arbeit. Aus 100 Millionen Dollar 110 Millionen Dollar zu machen, ist unvermeidlich." -- Edgar Bronfman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53104FEB-D322-11D8-9FD7-000A95A951B0>