News

=========================================================== Ubuntu Security Notice USN-306-1 June 27, 2006 mysql-dfsg-4.1 vulnerability CVE-2006-3081 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: mysql-server-4.1 4.1.12-1ubuntu3.6 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: MySQL did not correctly handle NULL as the second argument to the str_to_date() function. An authenticated user could exploit this to crash the server.