Debian-Sicherheitsankündigung

DSA-1413-1 mysql -- Mehrere Verwundbarkeiten

Datum des Berichts:
26. Nov 2007
Betroffene Pakete:
mysql-dfsg
mysql-dfsg-5.0
mysql-dfsg-4.1
Verwundbar:
Ja
Sicherheitsdatenbanken-Referenzen:
In der Debian-Fehlerdatenbank: Fehler 426353, Fehler 424778, Fehler 424778, Fehler 451235.
In Mitres CVE-Verzeichnis: CVE-2007-2583, CVE-2007-2691, CVE-2007-2692.
Weitere Informationen:

Mehrere Verwundbarkeiten wurden in den MySQL-Datenbank-Paketen entdeckt. Sie haben weitreichende Auswirkungen, beginnend bei nichtautorisierten Datenbankmodifikationen bis zum entfernten Auslösen von Server-Abstürzen. Das Common Vulnerabilities and Exposures-Projekt identifiziert die folgenden Probleme:

  • CVE-2007-2583

    Die Funktion in_decimal::set in item_cmpfunc.cc in MySQL vor 5.0.40 ermöglicht kontextabhängigen Angreifern eine Diensteverweigerung (denial of service) (Absturz) mittels einer speziell erzeugten IF-Anweisung auszulösen, die zu einem Division-durch-Null-Fehler und einer Nullzeigerdereferenzierung führt. (Betrifft Quellcode-Version 5.0.32.)

  • CVE-2007-2691

    MySQL benötigt das DROP-Privileg für RENAME TABLE-Anweisungen nicht, was entfernt authentifizierten Benutzern ermöglicht, beliebige Tabellen umzubenennen. (Alle unterstützten Versionen sind betroffen.)

  • CVE-2007-2692

    Die Funktion mysql_change_db stellt die THD::db_access-Privilegien nicht wieder her, wenn von mit SQL SECURITY INVOKER gespeicherten Routinen zurückgesprungen wird. Dies ermöglicht entfernt authentifizierten Benutzern die Erhöhung der Privilegien. (Betrifft Quellcode-Version 5.0.32.)

  • CVE-2007-3780

    MySQL kann während der Authentifizierung zu einem Überlauf eines vorzeichenbehafteten char veranlasst werden. Entfernte Angreifer könnten speziell erzeugte Authentifizierungsanfragen verwenden, um eine Diensteverweigerung auszulösen. (Betrifft Originalquellcode-Versionen 4.1.11a und 5.0.32.)

  • CVE-2007-3782

    Phil Anderton entdeckte, dass MySQL Zugriffsrechte nicht korrekt überprüft, wenn auf externe Tabellen zugegriffen wird. Authentifizierte Benutzer könnten dies ausnutzen, um UPDATE-Privilegien für externe Tabellen zu erhalten. (Betrifft Quellcode-Version 5.0.32.)

  • CVE-2007-5925

    Die Funktion convert_search_mode_to_innobase in ha_innodb.cc in der InnoDB-Engine in MySQL 5.1.23-BK und früher ermöglicht entfernt authentifizierten Benutzern eine Diensteverweigerung (Datenbankabsturz) mittels einer speziellen CONTAINS-Operation auf einer indizierten Spalte auszulösen, was zu einem Assert-Fehler führt. (Betrifft Quellcode-Version 5.0.32.)

Für die alte Stable-Distribution (Sarge) wurden diese Probleme in Version 4.0.24-10sarge3 von mysql-dfsg und Version 4.1.11a-4sarge8 von mysql-dfsg-4.1 behoben.

Für die Stable-Distribution (Etch) wurden diese Probleme in Version 5.0.32-7etch3 der Pakete mysql-dfsg-5.0 behoben.

Wir empfehlen Ihnen, Ihre mysql-Pakete zu aktualisieren.

Behoben in:

Debian GNU/Linux 4.0 (etch)

Quellcode:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.diff.gz
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32.orig.tar.gz
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.dsc
Architektur-unabhängige Dateien:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-common_5.0.32-7etch3_all.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server_5.0.32-7etch3_all.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client_5.0.32-7etch3_all.deb
Alpha:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_alpha.deb
AMD64:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_amd64.deb
HP Precision:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_hppa.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_ia64.deb
Big-endian MIPS:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_mips.deb
Little-endian MIPS:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_s390.deb

Debian GNU/Linux 3.1 (sarge)

Quellcode:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10sarge3.dsc
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24.orig.tar.gz
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10sarge3.diff.gz
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge8.dsc
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a.orig.tar.gz
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge8.diff.gz
Architektur-unabhängige Dateien:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-common_4.0.24-10sarge3_all.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.11a-4sarge8_all.deb
Alpha:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_alpha.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_alpha.deb
AMD64:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_amd64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_amd64.deb
HP Precision:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_hppa.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_hppa.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_i386.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_ia64.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_ia64.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_m68k.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_m68k.deb
Big-endian MIPS:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_mips.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_mips.deb
Little-endian MIPS:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_mipsel.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_powerpc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_s390.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_sparc.deb
http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_sparc.deb

MD5-Prüfsummen der aufgeführten Dateien stehen in der ursprünglichen Sicherheitsankündigung zur Verfügung.