The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of MySQL: memory reading via COM_TABLE_CONNECT

Synthesis of the vulnerability 

An attacker can use COM_TABLE_CONNECT packets in order to obtain information.
Vulnerable systems: Debian, Fedora, Mandriva Linux, Mandriva NF, MySQL Community, MySQL Enterprise, openSUSE, Solaris, RHEL, Slackware, TurboLinux.
Severity of this threat: 2/4.
Creation date: 03/05/2006.
Références of this weakness: 236703, 6686179, CERTA-2006-AVI-182, CVE-2006-1516, DSA-1071-1, DSA-1073-1, DSA-1079-1, FEDORA-2006-553, FEDORA-2006-554, MDKSA-2006:084, RHSA-2006:054, RHSA-2006:0544-01, SSA:2006-129-02, SSA:2006-155-01, SUSE-SA:2006:036, SUSE-SR:2006:012, TLSA-2006-11, VIGILANCE-VUL-5810.

Description of the vulnerability 

The MySQL server supports several commands which can be sent from a client (3306/tcp or unix socket):
 - COM_CONNECT : session initialization
 - COM_QUIT : session end
 - COM_QUERY : query
 - COM_TABLE_DUMP : table dump for slaves

During COM_TABLE_CONNECT usage, server returns an answer indicating for example that user's authentication was rejected. However, buffer containing username is not flushed before being returned. It thus contains memory fragments.

A network attacker can therefore obtain information.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This computer weakness bulletin impacts software or systems such as Debian, Fedora, Mandriva Linux, Mandriva NF, MySQL Community, MySQL Enterprise, openSUSE, Solaris, RHEL, Slackware, TurboLinux.

Our Vigil@nce team determined that the severity of this computer threat announce is medium.

The trust level is of type confirmed by the editor, with an origin of intranet client.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a technician ability can exploit this threat announce.

Solutions for this threat 

MySQL: version 4.0.27.
Version 4.0.27 is corrected:
       http://dev.mysql.com/downloads/mysql/4.0.html
       http://downloads.mysql.com/archives.php?p=mysql-4.0&v=4.0.27

MySQL: version 4.1.19.
Version 4.1.19 is corrected:
  http://dev.mysql.com/downloads/

MySQL: version 5.0.21.
Version 5.0.21 is corrected:
  http://dev.mysql.com/downloads/

Debian 3.0: new mysql packages.
New packages are available:
  Intel IA-32 architecture:
    http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.15_i386.deb
      Size/MD5 checksum: 236716 fa80e65e6efb9a1f01f2832a82f9f905
    http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.15_i386.deb
      Size/MD5 checksum: 578846 959e7c46425a7454f7fe0b198b40762e
    http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.15_i386.deb
      Size/MD5 checksum: 124372 597d974c2470682b0f1de92271fdabbd
    http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.15_i386.deb
      Size/MD5 checksum: 2802762 82fb998296316b7226d1f850eaa273a8
  Intel IA-64 architecture:
    http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.15_ia64.deb
      Size/MD5 checksum: 317344 3d6a459ab7e69b4f0750a59a2d094758
    http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.15_ia64.deb
      Size/MD5 checksum: 851348 c8e69d70baf65b1a4fbbb73bf00632a1
    http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.15_ia64.deb
      Size/MD5 checksum: 175632 796a940396042f2bcaddea018ede0d51
    http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.15_ia64.deb
      Size/MD5 checksum: 4002688 67622e35054325460cdd6394a9e4dfc8

Debian 3.1: new mysql-dfsg-4.1 packages.
New packages are available:
  AMD64 architecture:
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge3_amd64.deb
      Size/MD5 checksum: 1451580 f407ef8b6c520b23020df6f8ce4495aa
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge3_amd64.deb
      Size/MD5 checksum: 5551440 d1ded46c8b586cdee728fab22180208f
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge3_amd64.deb
      Size/MD5 checksum: 849082 9161807c8c260e7e0e2cd0cb9fa3a79d
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge3_amd64.deb
      Size/MD5 checksum: 14711044 d2d9275ff03c2c04adb64658a7e78564
  Intel IA-32 architecture:
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge3_i386.deb
      Size/MD5 checksum: 1417574 c6bdb99fa2ab2def5403bfd97657b3bf
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge3_i386.deb
      Size/MD5 checksum: 5643226 a407082ba8a04f1753f70fe9c8e3f70c
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge3_i386.deb
      Size/MD5 checksum: 830226 997baad8b8255166dfebd155f24c7558
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge3_i386.deb
      Size/MD5 checksum: 14557608 c73ddde57d286c9df3742d5fd619281b
  Intel IA-64 architecture:
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge3_ia64.deb
      Size/MD5 checksum: 1712842 eef94aab0159f71a9fd90772f91b4a76
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge3_ia64.deb
      Size/MD5 checksum: 7782132 755cc9d914f6ae116d5540920bf8dc99
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge3_ia64.deb
      Size/MD5 checksum: 1050204 b2ee7722223cb450f866ce69852fe304
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge3_ia64.deb
      Size/MD5 checksum: 18475254 c72ffcb6e1e7796b466950aceae48bb3

Debian 3.1: new mysql-dfsg packages.
New packages are available:
  AMD64 architecture:
    http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge2_amd64.deb
      Size/MD5 checksum: 309490 c7943142f1f618987c87073c5893174e
    http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge2_amd64.deb
      Size/MD5 checksum: 3182676 e62cc19620500c5430447978b7e645c6
    http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge2_amd64.deb
      Size/MD5 checksum: 434022 55e3f43e8ac136951fc1b679df820cd1
    http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge2_amd64.deb
      Size/MD5 checksum: 3878414 5ab561357abca1720b9942c9f8e78a4e
  Intel IA-32 architecture:
    http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge2_i386.deb
      Size/MD5 checksum: 296570 7cdd0f7a094215ab98249514031ef9a0
    http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge2_i386.deb
      Size/MD5 checksum: 2922132 84cffb8467493bcf0cf49ef3a21caa67
    http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge2_i386.deb
      Size/MD5 checksum: 415162 7bb2bfd6b9853d51abbf958eeed5b23f
    http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge2_i386.deb
      Size/MD5 checksum: 3645982 b2d2991bee2e019a45cbaa39fa7e9f6b
  Intel IA-64 architecture:
    http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge2_ia64.deb
      Size/MD5 checksum: 395396 b03b6af8b0e21c8e80bbc8d2ef5c7817
    http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge2_ia64.deb
      Size/MD5 checksum: 4472590 aa5afd6648c2034fd0d254100e2e42fc
    http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge2_ia64.deb
      Size/MD5 checksum: 562984 e357eebc432a81d9f8f4c94f365528d4
    http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge2_ia64.deb
      Size/MD5 checksum: 5328582 1f528438e2282f4b51c13932d70875fd

Fedora Core 4: new mysql packages.
New packages are available:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
75dba773fd50433b6815c551e05fdd3c437cf41d SRPMS/mysql-4.1.19-1.FC4.1.src.rpm
f1a2e6995d714be75f518dfe1a190bde158820f2 ppc/mysql-4.1.19-1.FC4.1.ppc.rpm
3f289f6f64e7174c1a45f55c52722dd57ddb946c ppc/mysql-server-4.1.19-1.FC4.1.ppc.rpm
b7052dbd6e18f8626dc75f173789d6fa67aef328 ppc/mysql-devel-4.1.19-1.FC4.1.ppc.rpm
26041957861f4372ee70bdc6fc8a690981334e56 ppc/mysql-bench-4.1.19-1.FC4.1.ppc.rpm
994a5ffad4abb37f023c9845f5ccc955c124b302 ppc/debug/mysql-debuginfo-4.1.19-1.FC4.1.ppc.rpm
170b3f659a67b19c6d4e07e994583d037017dc63 ppc/mysql-4.1.19-1.FC4.1.ppc64.rpm
eee4cf27362bc64a1631984f2192406e2551a0b9 x86_64/mysql-4.1.19-1.FC4.1.x86_64.rpm
1401ca35e02b16f4fb5dc7553c7c0a7bf3f09f49 x86_64/mysql-server-4.1.19-1.FC4.1.x86_64.rpm
4101d35d71d45e858a8593ab3ef2844d3553a52d x86_64/mysql-devel-4.1.19-1.FC4.1.x86_64.rpm
fe07342f7fdef3c9a085fc79c372d22de843b98b x86_64/mysql-bench-4.1.19-1.FC4.1.x86_64.rpm
0a4df2d2897ad409e4f10c69a3cd6c4cf8eaf40a x86_64/debug/mysql-debuginfo-4.1.19-1.FC4.1.x86_64.rpm
29526c85b19c297efe16e5cbb6c4dda94564b132 i386/mysql-4.1.19-1.FC4.1.i386.rpm
f9c28ec6cb04cab4643254f0e3ebfbe65ba55339 i386/mysql-server-4.1.19-1.FC4.1.i386.rpm
87bf4ee105410dd041d76e998bc96bdce366be1a i386/mysql-devel-4.1.19-1.FC4.1.i386.rpm
baeedbf25d4dbd203ac940282ee993800391c224 i386/mysql-bench-4.1.19-1.FC4.1.i386.rpm
b387122ff8815228b559e1bf4673be29a42f3c9c i386/debug/mysql-debuginfo-4.1.19-1.FC4.1.i386.rpm

Fedora Core 5: new mysql packages.
New packages are available:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
ac47e3f4a5fc95a08d554d7f3bd9099a9ce943a8 SRPMS/mysql-5.0.21-2.FC5.1.src.rpm
0183126827d8f292b36722aa058210bf2fd47215 ppc/mysql-5.0.21-2.FC5.1.ppc.rpm
a54da35d6e8eb63ff23bc4a02b0ee0165e59bd98 ppc/mysql-server-5.0.21-2.FC5.1.ppc.rpm
72bc9aa07b6605e68e1aef69ea15eb45bff64782 ppc/mysql-devel-5.0.21-2.FC5.1.ppc.rpm
5aeb99bc1cffe8cab76ec7583028f362da2b7d2a ppc/mysql-bench-5.0.21-2.FC5.1.ppc.rpm
9c63415e339e3efb2afc3764e228ec53a105a106 ppc/mysql-test-5.0.21-2.FC5.1.ppc.rpm
62b46ef270c73906c9480ce7cc3e0dce7d48b925 ppc/debug/mysql-debuginfo-5.0.21-2.FC5.1.ppc.rpm
fbe02ebbb52cec090d73bd3a1b74b9a67469a0c6 ppc/mysql-5.0.21-2.FC5.1.ppc64.rpm
3a36f8576d2fc601b59b0cf9bddef9d7ff744aa2 x86_64/mysql-5.0.21-2.FC5.1.x86_64.rpm
abb5caef40aad402c636a66a9112bc9b06e2d6fe x86_64/mysql-server-5.0.21-2.FC5.1.x86_64.rpm
8009c122c76e055cad026aeb3cb8bb44eb312810 x86_64/mysql-devel-5.0.21-2.FC5.1.x86_64.rpm
358c6eb58f10a9eff6a24dcffb249bd381f02b4e x86_64/mysql-bench-5.0.21-2.FC5.1.x86_64.rpm
7a049221924a9253ed701d3c30e71d65d578a71c x86_64/mysql-test-5.0.21-2.FC5.1.x86_64.rpm
a9d1abdca3a9cdfeeaf0ec9f5221a117586683c6 x86_64/debug/mysql-debuginfo-5.0.21-2.FC5.1.x86_64.rpm
9c1b4e57f81f866cba7e795469239a1ea8160c42 i386/mysql-5.0.21-2.FC5.1.i386.rpm
e151003dadc6ab06f54c2a981d5352a00dd770f6 i386/mysql-server-5.0.21-2.FC5.1.i386.rpm
6e4f0df3ea6e4697638450ed2e92f69ec64b9932 i386/mysql-devel-5.0.21-2.FC5.1.i386.rpm
d97b65f7196e40211f648be58047f3f70a8a1d07 i386/mysql-bench-5.0.21-2.FC5.1.i386.rpm
6c0cdf15338315efe359cd7b637cae672b0e3ecb i386/mysql-test-5.0.21-2.FC5.1.i386.rpm
b944dade30e23bf00dbb5207fb03d1c60b771c2c i386/debug/mysql-debuginfo-5.0.21-2.FC5.1.i386.rpm

Mandriva: new MySQL packages.
New packages are available:
 
 Mandriva Linux 10.2:
 4909fe2f65460b5d570c6a7ba9cff866 10.2/RPMS/libmysql14-4.1.11-1.4.102mdk.i586.rpm
 2abf3bab6adb4c55869189a77fc3fb55 10.2/RPMS/libmysql14-devel-4.1.11-1.4.102mdk.i586.rpm
 5f7cb8b59cec81673b33c8f288854cdd 10.2/RPMS/MySQL-4.1.11-1.4.102mdk.i586.rpm
 baf754c73e1d9d5d075af16bbb670865 10.2/RPMS/MySQL-bench-4.1.11-1.4.102mdk.i586.rpm
 4186fd1a7a4addda9ed50c142f09e0ad 10.2/RPMS/MySQL-client-4.1.11-1.4.102mdk.i586.rpm
 26c570f455d7113f2af79493fce1f09c 10.2/RPMS/MySQL-common-4.1.11-1.4.102mdk.i586.rpm
 feb16e6ba1272758d8eb5b03960a8109 10.2/RPMS/MySQL-Max-4.1.11-1.4.102mdk.i586.rpm
 ff61354715f761a46a8910141c17308d 10.2/RPMS/MySQL-NDB-4.1.11-1.4.102mdk.i586.rpm
 52cbe54bd00e29484c6c25735c7bcb94 10.2/SRPMS/MySQL-4.1.11-1.4.102mdk.src.rpm
 Mandriva Linux 10.2/X86_64:
 505a4c981db838708fdf1f63bb8bf1d9 x86_64/10.2/RPMS/lib64mysql14-4.1.11-1.4.102mdk.x86_64.rpm
 58cfd4b6f1c2a44475fc4e0b155c411b x86_64/10.2/RPMS/lib64mysql14-devel-4.1.11-1.4.102mdk.x86_64.rpm
 71b93f12b9441a16a674e21d083fb106 x86_64/10.2/RPMS/MySQL-4.1.11-1.4.102mdk.x86_64.rpm
 e2453637f22fdc0035972e22ed5446d5 x86_64/10.2/RPMS/MySQL-bench-4.1.11-1.4.102mdk.x86_64.rpm
 924a711c2d7bfcb183e67c0ed8455cdf x86_64/10.2/RPMS/MySQL-client-4.1.11-1.4.102mdk.x86_64.rpm
 fea020684cfe4447d84b236ed3eb8712 x86_64/10.2/RPMS/MySQL-common-4.1.11-1.4.102mdk.x86_64.rpm
 4f613498aba6803507a6210025c364bd x86_64/10.2/RPMS/MySQL-Max-4.1.11-1.4.102mdk.x86_64.rpm
 d211d2b6bef7e4a8702b6d10f1a2e9c8 x86_64/10.2/RPMS/MySQL-NDB-4.1.11-1.4.102mdk.x86_64.rpm
 52cbe54bd00e29484c6c25735c7bcb94 x86_64/10.2/SRPMS/MySQL-4.1.11-1.4.102mdk.src.rpm
 Mandriva Linux 2006.0:
 1116c2cbc0a6f7b443caa1db80b7cc96 2006.0/RPMS/libmysql14-4.1.12-3.2.20060mdk.i586.rpm
 a1d6f0b6b6c3441723ddce425f9d7962 2006.0/RPMS/libmysql14-devel-4.1.12-3.2.20060mdk.i586.rpm
 9d8d79e0b992d7014e6fc48e759a6588 2006.0/RPMS/MySQL-4.1.12-3.2.20060mdk.i586.rpm
 f1b66a2737dd7cd25e91807fc228b538 2006.0/RPMS/MySQL-bench-4.1.12-3.2.20060mdk.i586.rpm
 9ff1b0895c676d7fb397be4d0696b510 2006.0/RPMS/MySQL-client-4.1.12-3.2.20060mdk.i586.rpm
 d9a488579d2318523bdd59bf3bea426c 2006.0/RPMS/MySQL-common-4.1.12-3.2.20060mdk.i586.rpm
 465af10c347f571dc01af650bd26c1ff 2006.0/RPMS/MySQL-Max-4.1.12-3.2.20060mdk.i586.rpm
 113a35b2c5d17ce60404787fcee90146 2006.0/RPMS/MySQL-NDB-4.1.12-3.2.20060mdk.i586.rpm
 5b2a2092676086292383ac5178cb0be1 2006.0/RPMS/X11R6-contrib-6.9.0-5.6.20060mdk.i586.rpm
 fab0e8f7d4365d264c28e5f731d3d34b 2006.0/SRPMS/MySQL-4.1.12-3.2.20060mdk.src.rpm
 Mandriva Linux 2006.0/X86_64:
 95076266d5ef2642c402f7130cdfe241 x86_64/2006.0/RPMS/lib64mysql14-4.1.12-3.2.20060mdk.x86_64.rpm
 acbdc71b998c812c24ed7114c368ece3 x86_64/2006.0/RPMS/lib64mysql14-devel-4.1.12-3.2.20060mdk.x86_64.rpm
 ea9a4fc478ddeb0fafaa50e0ea4a208f x86_64/2006.0/RPMS/MySQL-4.1.12-3.2.20060mdk.x86_64.rpm
 fef7934cf4bee099e8e64bc0b75f885d x86_64/2006.0/RPMS/MySQL-bench-4.1.12-3.2.20060mdk.x86_64.rpm
 e713937238d32342925e65ef301585e7 x86_64/2006.0/RPMS/MySQL-client-4.1.12-3.2.20060mdk.x86_64.rpm
 1f36af145e87802e37c673a66360fe34 x86_64/2006.0/RPMS/MySQL-common-4.1.12-3.2.20060mdk.x86_64.rpm
 c24793f5e9e10a9601db7dac7d096b29 x86_64/2006.0/RPMS/MySQL-Max-4.1.12-3.2.20060mdk.x86_64.rpm
 82b03a0968e65e92cdb569d8149e0fd1 x86_64/2006.0/RPMS/MySQL-NDB-4.1.12-3.2.20060mdk.x86_64.rpm
 fab0e8f7d4365d264c28e5f731d3d34b x86_64/2006.0/SRPMS/MySQL-4.1.12-3.2.20060mdk.src.rpm
 Corporate 3.0:
 08e6f2ab4f9e4c527519fb927cd1bbd7 corporate/3.0/RPMS/libmysql12-4.0.18-1.9.C30mdk.i586.rpm
 01de6e536bcd09a1b61c41b1f42f2f72 corporate/3.0/RPMS/libmysql12-devel-4.0.18-1.9.C30mdk.i586.rpm
 ddf99e4e753c37709883b04d1cf2030a corporate/3.0/RPMS/MySQL-4.0.18-1.9.C30mdk.i586.rpm
 4cee7ed9d192be77d78dd72d8fcd2eaa corporate/3.0/RPMS/MySQL-bench-4.0.18-1.9.C30mdk.i586.rpm
 65faadbbd953da2f71e7ba575aabd9c5 corporate/3.0/RPMS/MySQL-client-4.0.18-1.9.C30mdk.i586.rpm
 d88cb2542f68be1438770e916cedfbf8 corporate/3.0/RPMS/MySQL-common-4.0.18-1.9.C30mdk.i586.rpm
 8930f8e648b838abad0e905402d7f098 corporate/3.0/RPMS/MySQL-Max-4.0.18-1.9.C30mdk.i586.rpm
 d67f3b91058f8e17bf72d75b1d131e2d corporate/3.0/SRPMS/MySQL-4.0.18-1.9.C30mdk.src.rpm
 Corporate 3.0/X86_64:
 85adbefb6c932da4febb94fbd9ad477c x86_64/corporate/3.0/RPMS/lib64mysql12-4.0.18-1.9.C30mdk.x86_64.rpm
 d94af3b74686045910e2330bd5245a30 x86_64/corporate/3.0/RPMS/lib64mysql12-devel-4.0.18-1.9.C30mdk.x86_64.rpm
 36f0d3bb53766d832fce145d119f52c9 x86_64/corporate/3.0/RPMS/MySQL-4.0.18-1.9.C30mdk.x86_64.rpm
 538493e0ec4636f1dd0ec0ef8a26165c x86_64/corporate/3.0/RPMS/MySQL-bench-4.0.18-1.9.C30mdk.x86_64.rpm
 6773bce043fabd3871ec292bcbe20e7a x86_64/corporate/3.0/RPMS/MySQL-client-4.0.18-1.9.C30mdk.x86_64.rpm
 fd0876c6a9dfe36df6d116ce5433b152 x86_64/corporate/3.0/RPMS/MySQL-common-4.0.18-1.9.C30mdk.x86_64.rpm
 808c8c1e8d107e810a2a16f0be2aa5ac x86_64/corporate/3.0/RPMS/MySQL-Max-4.0.18-1.9.C30mdk.x86_64.rpm
 d67f3b91058f8e17bf72d75b1d131e2d x86_64/corporate/3.0/SRPMS/MySQL-4.0.18-1.9.C30mdk.src.rpm
 Multi Network Firewall 2.0:
 516e242273227de34c51bc5d5ddd23fd mnf/2.0/RPMS/libmysql12-4.0.18-1.9.M20mdk.i586.rpm
 043291efac87bbdcb08ecb706ba4301d mnf/2.0/SRPMS/MySQL-4.0.18-1.9.M20mdk.src.rpm

RHEL: new mysql packages.
New packages are available:
Red Hat Enterprise Linux version 4: mysql-4.1.20-1.RHEL4.1

Slackware: new mysql packages.
New packages are available:
Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/mysql-4.1.19-i486-1.tgz
Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mysql-5.0.21-i486-1.tgz

Slackware: new mysql packages.
New packages are available:
Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/mysql-4.0.27-i486-1_slack9.1.tgz
Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mysql-4.0.27-i486-1_slack10.0.tgz
Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/mysql-4.0.27-i486-1_slack10.1.tgz
Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/mysql-4.1.20-i486-1_slack10.2.tgz
Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mysql-5.0.22-i486-1.tgz

Solaris: patch for MySQL.
A patch is available:
  SPARC Platform
    Solaris 10 : patch 120292-02
  x86 Platform
    Solaris 10 : patch 120293-02

SUSE Linux: new mysql packages.
New packages are available:
   SUSE LINUX 10.1:
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mysql-5.0.18-16.1.i586.rpm
         4dea85f3d52c94e09c469a79ab43fb5f
   SUSE LINUX 10.0:
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mysql-4.1.13-3.4.i586.rpm
         e0e8621cff3ed97a28b92c684c5a7a22
   SUSE LINUX 9.3:
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mysql-4.1.10a-3.6.i586.rpm
         03f598b001d1e845f21dce3757aa8a86
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mysql-Max-4.1.10a-3.6.i586.rpm
         26f4d0a0eeb71ebf33086086f1fe7a7d
   SUSE LINUX 9.2:
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/mysql-4.0.21-4.8.i586.rpm
         d08f0a3f00b0b57691059e16808c334c
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/mysql-Max-4.0.21-4.8.i586.rpm
         e020aff4f0e75e8874bc589491431adf
   SUSE LINUX 9.1:
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mysql-4.0.18-32.23.i586.rpm
         c2fe788b964bda22174cee23305dd07d
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mysql-Max-4.0.18-32.26.i586.rpm
         f2d7e97ddcb8ad1bb71e3d3479be3a94

SUSE: new mysql, dia, ruby, libextractor packages.
New packages are available by YaST or FTP.

Turbolinux: new mysql packages.
New packages are available:
Turbolinux Appliance Server 2.0 : mysql-4.0.20-23
Turbolinux FUJI : mysql-4.0.21-15
Turbolinux 10 Server x64 Edition : mysql-4.0.21-15
Turbolinux Appliance Server 1.0 : MySQL-3.23.58-17
Turbolinux 10 Server : mysql-4.0.20-23
Turbolinux 10 Desktop : MySQL-3.23.58-17
Turbolinux 8 : MySQL-3.23.58-17
Turbolinux 7 Server : MySQL-3.23.58-17
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a networks vulnerabilities database. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.