The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before
5.1.18 does not restore THD::db_access privileges when returning from SQL
SECURITY INVOKER stored routines, which allows remote authenticated users
to gain privileges.
jdstrand> very large complicated patch that requires many changes to the
source and does not apply cleanly at all to feisty's 5.0.38, let alone
to edgy and dapper. Trying to backport this fix would more than likely cause
larger problems than not fixing it. Currently discussing a one-time
MicroVersionUpdate option. May have to "wont-fix" and give an updated
pacakge in -backports.
jdstrand> per pitti et al, too many changes for a MicroVersionUpdate
jdstrand> patch now in etch (5.0.32-7etch3), but causes several test cases to
fail on dapper through feisty (TODO: test etch)
jdstrand> etch patch left out both the test cases and patch to sql/sql_db.cc.
If add the test cases then etch fails
|Vendor:||debian etch (5.0.32-7etch3)|
Updated: 2016-03-23 03:28:52 UTC (commit 10817)