Candidate: CVE-2009-5026
PublicDate: 2012-08-17 00:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5026
Description:
 The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x
 before 5.1.50, when running in certain slave configurations in which the
 slave is running a newer version than the master, allows remote attackers
 to execute arbitrary SQL commands via custom comments.
Ubuntu-Description:
Notes:
 jdstrand> mysql-cluster-7.0 not supported per server team
Bugs:
 http://bugs.mysql.com/bug.php?id=49124
Priority: medium
Discovered-by:
Assigned-to: mdeslaur
CVSS:

Patches_mysql-dfsg-5.0:
upstream_mysql-dfsg-5.0: not-affected (5.0.51a-24+lenny5)
hardy_mysql-dfsg-5.0: not-affected (5.0.51a-3ubuntu5.8)
lucid_mysql-dfsg-5.0: DNE
maverick_mysql-dfsg-5.0: DNE
natty_mysql-dfsg-5.0: DNE
oneiric_mysql-dfsg-5.0: DNE
devel_mysql-dfsg-5.0: DNE

Patches_mysql-dfsg-5.1:
upstream_mysql-dfsg-5.1: DNE
hardy_mysql-dfsg-5.1: DNE
lucid_mysql-dfsg-5.1: released (5.1.61-0ubuntu0.10.04.1)
maverick_mysql-dfsg-5.1: DNE
natty_mysql-dfsg-5.1: DNE
oneiric_mysql-dfsg-5.1: DNE
devel_mysql-dfsg-5.1: DNE

Patches_mysql-5.1:
upstream_mysql-5.1: not-affected (5.1.58-1)
hardy_mysql-5.1: DNE
lucid_mysql-5.1: DNE
maverick_mysql-5.1: released (5.1.61-0ubuntu0.10.10.1)
natty_mysql-5.1: not-affected (5.1.54-1ubuntu4)
oneiric_mysql-5.1: not-affected
devel_mysql-5.1: not-affected

Patches_mysql-cluster-7.0:
upstream_mysql-cluster-7.0: needs-triage
hardy_mysql-cluster-7.0: DNE
lucid_mysql-cluster-7.0: ignored
maverick_mysql-cluster-7.0: ignored
natty_mysql-cluster-7.0: ignored
oneiric_mysql-cluster-7.0: ignored
devel_mysql-cluster-7.0: DNE