School Map:
Home / Enroll
$ Student Records; Class
$ News @ LIVE
Tech Radio * Support/FAQ
| Store | FORUMS
Class / Forums / homeroom  |
New MySQL Release fixes Security Holes |
(#77 2002-12-30 20:36:29) Post Reply |
|
logspirit
|
From http://www.databasejournal.com:
MySQL Flaw Lets Intruders Into Databases, Systems [From ExtremeTech] According to an advisory recently published by e-matters GmbH, all editions of MySQL (with the exception of the latest version of the GPLed MySQL package) have vulnerabilities that make them subject to denial of service attacks and arbitrary code execution. An intruder across the Internet can crash the database server, bypass password authentication, extract private data from the database, or (in some cases) run code with all of the privileges of the database server. According to the advisory, it's even easier for local users to break in. To close the hole, it's necessary to upgrade to MySQL 3.23.54, which was released on 12 December 2002 with the purpose of fixing the vulnerabilities. The complete article is available at http://www.extremetech.com/article2/0,3973,765036,00.asp MySQL Releases Database Upgrade with Major Security, Stability Enhancements MySQL AB, developer of the world's most popular open source database, yesterday announced that a new upgrade release of the MySQL(TM) database is now available. This release, MySQL Version 3.23.54, includes significant enhancements to database security and stability that resolve issues reported to the company last week, as well as other bug fixes. http://www.databasejournal.com/news/article.php/1558271 As an open source database, the MySQL software code is constantly evaluated and tested by the large MySQL user community. As a result, MySQL AB releases regular database upgrades that fix all known bugs, enhance overall performance, and ensure that the MySQL developer community always has the most up-to-date and stable version of the database. "One of the big benefits of being open source is that our code is battle-tested by the over 4 million MySQL users, which results in very stable software," said Merten Mickos, MySQL CEO. "We are able to respond very quickly to any kind of bug report - often making source code fixes available within 24 hours. We encourage MySQL developers to always use the latest version of the MySQL database." MySQL Version 3.23.54 is an upgrade to the current stable version of MySQL, Version 3.23, and it is now available in source and binary form from the MySQL download pages at http://www.mysql.com/downloads/ and mirror sites. All users of MySQL 3.23 are advised to upgrade to version 3.23.54. MySQL Version 4.0.6, which also addresses the recent security issues, will be released by the end of this week. Version 4.0.6 has been declared "gamma," which means it is ready for production use, and MySQL AB is encouraging developers to consider switching to 4.0 now. The complete press release is available at http://www.mysql.com/press/release_2002_17.html
|
|
 View Previous Thread Print This Page |
School Map:
Home / Enroll
$ Student Records; Class
$ News @ LIVE
Tech Radio * Support/FAQ
| Store
Advertising
| Link To Us | Privacy
Copyright 2000-2002 Script School Productions / KMR
Enterprises
No part of this website may be reproduced, copied and/or distributed
in any medium
without express written permission
