Search
j0ke.net Open Build Service
>
Projects
>
internetx
:
mysql5
>
mysql-5.0.26
> mysql-5.0.26-CVE-2007-2691.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File mysql-5.0.26-CVE-2007-2691.patch of Package mysql-5.0.26
from http://mysql.bkbits.net:8080/mysql-5.0-community/?PAGE=gnupatch&REV=1.1616.3025.1 --- mysql-test/r/grant.result | 11 +++++++++++ mysql-test/t/grant.test | 23 ++++++++++++++++++++++- sql/sql_parse.cc | 2 +- 3 files changed, 34 insertions(+), 2 deletions(-) --- mysql-test/r/grant.result.orig +++ mysql-test/r/grant.result @@ -657,6 +657,17 @@ delete from mysql.db where user='mysqlte delete from mysql.tables_priv where user='mysqltest1'; flush privileges; drop database mysqltest; +create database db27515; +use db27515; +create table t1 (a int); +grant alter on db27515.t1 to user27515@localhost; +grant insert, create on db27515.t2 to user27515@localhost; +rename table t1 to t2; +ERROR 42000: DROP command denied to user 'user27515'@'localhost' for table 't1' +revoke all privileges, grant option from user27515@localhost; +drop user user27515@localhost; +drop database db27515; +End of 4.1 tests use test; create table t1 (a int); create table t2 as select * from mysql.user where user=''; --- mysql-test/t/grant.test.orig +++ mysql-test/t/grant.test @@ -541,7 +541,28 @@ delete from mysql.tables_priv where user flush privileges; drop database mysqltest; -# End of 4.1 tests +# +# Bug #27515: DROP previlege is not required for RENAME TABLE +# +connection master; +create database db27515; +use db27515; +create table t1 (a int); +grant alter on db27515.t1 to user27515@localhost; +grant insert, create on db27515.t2 to user27515@localhost; + +connect (conn27515, localhost, user27515, , db27515); +connection conn27515; +--error 1142 +rename table t1 to t2; +disconnect conn27515; + +connection master; +revoke all privileges, grant option from user27515@localhost; +drop user user27515@localhost; +drop database db27515; + +--echo End of 4.1 tests # # Bug #16297 In memory grant tables not flushed when users's hostname is "" --- sql/sql_parse.cc.orig +++ sql/sql_parse.cc @@ -3146,7 +3146,7 @@ end_with_restore_list: */ old_list= table[0]; new_list= table->next_local[0]; - if (check_grant(thd, ALTER_ACL, &old_list, 0, 1, 0) || + if (check_grant(thd, ALTER_ACL | DROP_ACL, &old_list, 0, 1, 0) || (!test_all_bits(table->next_local->grant.privilege, INSERT_ACL | CREATE_ACL) && check_grant(thd, INSERT_ACL | CREATE_ACL, &new_list, 0, 1, 0)))