CVE-2013-1861

Publication date 28 March 2013

Last updated 24 July 2024


Ubuntu priority

MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.

Read the notes from the security team

Status

Package Ubuntu Release Status
mysql-5.5 13.04 raring
Fixed 5.5.32-0ubuntu0.13.04.1
12.10 quantal
Fixed 5.5.32-0ubuntu0.12.10.1
12.04 LTS precise
Fixed 5.5.32-0ubuntu0.12.04.1
11.10 oneiric Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release
mysql-dfsg-5.1 13.04 raring Not in release
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
10.04 LTS lucid
Fixed 5.1.70-0ubuntu0.10.04.1
8.04 LTS hardy Not in release

Notes


mdeslaur

Fixed in 5.1.70, 5.5.32, 5.6.12


seth-arnold

Not actually fixed in 1807-1 -- my mistake