Language Selection

English French German Italian Portuguese Spanish

Open MySQL security holes

Filed under
Software
Security

Oracle's forthcoming version 5.1.47 of MySQL is said to contain several important security patches. The changelog states that the developers have closed three security holes which allow attackers to cause a server crash, obtain unauthorised database access or, in the worst case, inject arbitrary code and execute it on the server. The developers didn't mention which exact versions are affected.

While the flaws are already listed in the MySQL bug tracker, unlike the changelog the bug tracker entries are not publicly available. It was, therefore, a rather clumsy decision to provide the general public with such detailed information about the security holes; while the added attention makes it more likely that the holes will be exploited, the hands of admins are tied because they have no fixed version to switch to.

rest here




More in Tux Machines

Android-on-ARM mini-PC draws less than 7W

The DSA2LS runs a pre-installed Android 4.2.2 (Jelly Bean) with integrated online or offline update functionality on a dual-core, 1GHz Freescale i.MX6 DualLite system-on-chip. The SoC has a Vivante GC880 GPU that’s not as powerful as the Vivante GC2000 GPU found on the Dual and Quad i.MX6 models, but it still plays back 1080p video and offers 3D graphics acceleration. The power-sipping DualLite enables the fanless computer to run at a modest 6.26W active and 1.42W standby, according to Shuttle’s AnTuTu benchmarks. Read more

today's howtos

Leftovers: Software

Userptr Support Set For AMD Radeon GPUs In Linux 3.18

While it was originally set for Linux 3.17, with the Linux 3.18 kernel that's still months away will be userptr support for the AMD Radeon graphics driver. Read more