CVE-2010-3834

Published: 5 November 2010

Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."

Notes

Author	Note
jdstrand	mysql-cluster-7.0 not supported per server team

Priority

Status

Package	Release	Status
mysql-5.1 Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Does not exist
	karmic	Does not exist
	lucid	Does not exist
	maverick	Released (5.1.49-1ubuntu8.1)
	natty	Not vulnerable (5.1.54-1ubuntu2)
	oneiric	Not vulnerable (5.1.54-1ubuntu2)
	upstream	Released (5.1.51)
mysql-cluster-7.0 Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Does not exist
	karmic	Does not exist
	lucid	Ignored
	maverick	Ignored
	natty	Ignored
	oneiric	Ignored
	upstream	Needs triage
mysql-dfsg-5.0 Launchpad, Ubuntu, Debian	dapper	Released (5.0.22-0ubuntu6.06.15)
	hardy	Released (5.0.51a-3ubuntu5.8)
	karmic	Ignored (end of life)
	lucid	Does not exist
	maverick	Does not exist
	natty	Does not exist
	oneiric	Does not exist
	upstream	Needs triage
mysql-dfsg-5.1 Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Does not exist
	karmic	Released (5.1.37-1ubuntu5.5)
	lucid	Released (5.1.41-3ubuntu12.7)
	maverick	Does not exist
	natty	Does not exist
	oneiric	Does not exist
	upstream	Released (5.1.51)
	Patches: upstream: http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.1/revision/3461.2.1 upstream: http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.1/revision/3461.1.26 upstream: http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.1/revision/2482

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›