Ubuntu Security Notice USN-109-1
6th April, 2005
mysql-dfsg vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 4.10
Details
USN-32-1 fixed a database privilege escalation vulnerability; original
advisory text:
"If a user was granted privileges to a database with a name
containing an underscore ("_"), the user also gained the ability to
grant privileges to other databases with similar names.
(CAN-2004-0957)"
Recently a corner case was discovered where this vulnerability can
still be exploited, so another update is necessary.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 4.10:
- mysql-server
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
None