[debian-mysql] Fw: Bug#451235: CVE-2007-5925 Denial of Service vulnerability in innodb via crafted query

Norbert Tretkowski norbert at tretkowski.de
Wed Nov 14 16:09:10 UTC 2007

Am Mittwoch, den 14.11.2007, 16:55 +0100 schrieb Moritz Muehlenhoff:
> Can this realistically be triggered through a webapp?


> Does it crash the entire database server or a single delivery process?

It crashes the entire database server, but it's immediately restarted by

> If it's more or less harmless it could be postponed to a later MySQL
> DSA instead.

I wouldn't call it harmless, but if we have a chance to do another
upload *soon* I'm fine with postponing it for now, because we don't have
a patch for 5.0 yet.


More information about the pkg-mysql-maint mailing list