Note:
This is nearly a complete rework of the mysql package because recent mysql
releases are using cmake for building.
In contrast to our former mysql package we use the default prefix instead
of 'opt/mysql' now, to be more FHS friendly.
CVE-2007-5969 (Medium) :
MySQL Community Server before 5.0.51, when a table relies on symlinks created through explicit
DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite
system table information and gain privileges via a RENAME TABLE statement that changes the
symlink to point to an existing file.
CVE-2007-6303 (Low) :
MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the
DEFINER value of a view when the view is altered, which allows remote authenticated users to
gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW
statement and an ALTER VIEW statement.
CVE-2007-6304 (Medium) :
The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4,
when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a
denial of service (federated handler crash and daemon crash) via a response that lacks the
minimum required number of columns.