Candidate: CVE-2009-4028 PublicDate: 2009-11-30 17:30:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4028 Description: The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library. Ubuntu-Description: Notes: mdeslaur> dapper doesn't build with ssl mdeslaur> hardy+ builds with yaSSL mdeslaur> none of our releases are vulnerable, as the yaSSL code ignores mdeslaur> the verify callback (see mysql bug) Bugs: http://bugs.mysql.com/47320 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-4028 Priority: medium Discovered-by: Assigned-to: CVSS: Patches_mysql-dfsg: upstream_mysql-dfsg: needs-triage dapper_mysql-dfsg: ignored (reached end-of-life) hardy_mysql-dfsg: DNE intrepid_mysql-dfsg: DNE jaunty_mysql-dfsg: DNE karmic_mysql-dfsg: DNE devel_mysql-dfsg: DNE Patches_mysql-dfsg-4.1: upstream: http://lists.mysql.com/commits/87446 upstream_mysql-dfsg-4.1: needs-triage dapper_mysql-dfsg-4.1: ignored (reached end-of-life) hardy_mysql-dfsg-4.1: DNE intrepid_mysql-dfsg-4.1: DNE jaunty_mysql-dfsg-4.1: DNE karmic_mysql-dfsg-4.1: DNE devel_mysql-dfsg-4.1: DNE Patches_mysql-dfsg-5.0: upstream: look at 4.1 patch upstream_mysql-dfsg-5.0: needs-triage dapper_mysql-dfsg-5.0: not-affected (5.0.22-0ubuntu6.06.11) hardy_mysql-dfsg-5.0: not-affected (5.0.51a-3ubuntu5.4) intrepid_mysql-dfsg-5.0: not-affected (5.0.67-0ubuntu6) jaunty_mysql-dfsg-5.0: not-affected (5.1.30really5.0.75-0ubuntu10.2) karmic_mysql-dfsg-5.0: not-affected (5.1.30really5.0.83-0ubuntu3) devel_mysql-dfsg-5.0: not-affected (5.1.30really5.0.83-0ubuntu3) Patches_mysql-dfsg-5.1: upstream: look at 4.1 patch upstream_mysql-dfsg-5.1: needs-triage dapper_mysql-dfsg-5.1: DNE hardy_mysql-dfsg-5.1: DNE intrepid_mysql-dfsg-5.1: DNE jaunty_mysql-dfsg-5.1: not-affected (5.1.31-1ubuntu2) karmic_mysql-dfsg-5.1: not-affected (5.1.37-1ubuntu5) devel_mysql-dfsg-5.1: not-affected (5.1.41-3ubuntu2)