Debians sikkerhedsbulletin

DSA-1413-1 mysql -- flere sårbarheder

Rapporteret den:
26. nov 2007
Berørte pakker:
mysql-dfsg
mysql-dfsg-5.0
mysql-dfsg-4.1
Sårbar:
Ja
Referencer i sikkerhedsdatabaser:
I Debians fejlsporingssystem: Fejl 426353, Fejl 424778, Fejl 424778, Fejl 451235.
I Mitres CVE-ordbog: CVE-2007-2583, CVE-2007-2691, CVE-2007-2692.
Yderligere oplysninger:

Flere sårbarheder er fundet i MySQL-databasepakker, spændende fra uautoriserede databaseændringer til fjernudløste servernedbrud. Projektet Common Vulnerabilities and Exposures har fundet frem tilfølgende problemer:

  • CVE-2007-2583

    Funktionen in_decimal::set i item_cmpfunc.cc i MySQL før version 5.0.40 gjorde det muligt at forårsage et kontaktafhængigt lammelsesangreb (denial of service) gennem en fabrikeret IF-statement, der medfører en division med nul-fejl og en NULL-pointerdereference. (Påvirket kildekodeversion 5.0.32.)

  • CVE-2007-2691

    MySQL kræver ikke DROP-rettigheden ved RENAME TABLE-statements, hvilket gjorde det muligt for fjernautentificerede brugere at omdøbe vilkårlige tabeller. (Alle understøttede versioner er påvirket.)

  • CVE-2007-2692

    Funktionen mysql_change_db genetablerer ikke THD::db_access-rettigheder, når den vender tilbage fra gemte SQL SECURITY INVOKER-rutiner, hvilket gjordet muligt for fjernautentificerede brugere at opnå rettigheder. (Påvirket kildekodeversion 5.0.32.)

  • CVE-2007-3780

    Man kunne få MySQL til at lade en char med fortegn løbe over, under autentificering. Fjernangribere kunne anvende særligt fremstillede autenficiceringsforespørgsler til at forårsage lammelsesangreb. (Opstrøms kildekodeversioner 4.1.11a og 5.0.32 er påvirkede.)

  • CVE-2007-3782

    Phil Anderton opdagede at MySQL ikke på korrekt vis kontrollerede rettigheder, når eksterne tabeller blev tilgået. Det havde til følge at autentificerede brugere kunne udnytte sårbarheden til at opnå UPDATE-rettigheder til eksterne tabeller. (Påvirket kildekodeversion 5.0.32.)

  • CVE-2007-5925

    Funktionen convert_search_mode_to_innobase i ha_innodb.cc i InnoDB-maskinen i MySQL 5.1.23-BK og tidligere, gjorde det muligt for fjernautentificerede brugere at forårsage lammelsesangreb (databasenedbrud) gennem en særligt fremstillet CONTAINS-handling på en indekseret kolonne, hvilket udløste en assertion-fejl. (Påvirket kildekodeversion 5.0.32.)

I den gamle stabile distribution (sarge), er disse problemer rettet i version 4.0.24-10sarge3 af mysql-dfsg og version 4.1.11a-4sarge8 af mysql-dfsg-4.1.

I den stabile distribution (etch), er disse problemer rettet i version 5.0.32-7etch3 af mysql-dfsg-5.0-pakkerne.

Vi anbefaler at du opgraderer dine mysql-pakker.

Rettet i:

Debian GNU/Linux 4.0 (etch)

Kildekode:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.diff.gz
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32.orig.tar.gz
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.dsc
Arkitekturuafhængig komponent:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-common_5.0.32-7etch3_all.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server_5.0.32-7etch3_all.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client_5.0.32-7etch3_all.deb
Alpha:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_alpha.deb
AMD64:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_amd64.deb
HP Precision:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_hppa.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_ia64.deb
Big-endian MIPS:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_mips.deb
Little-endian MIPS:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_s390.deb

Debian GNU/Linux 3.1 (sarge)

Kildekode:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10sarge3.dsc
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24.orig.tar.gz
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10sarge3.diff.gz
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge8.dsc
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a.orig.tar.gz
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge8.diff.gz
Arkitekturuafhængig komponent:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-common_4.0.24-10sarge3_all.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.11a-4sarge8_all.deb
Alpha:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_alpha.deb
AMD64:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_amd64.deb
HP Precision:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_hppa.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_ia64.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_m68k.deb
Big-endian MIPS:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_mips.deb
Little-endian MIPS:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_sparc.deb

MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.