August 2007

Out of Office…

Yes, I’m away for a while to a place that I don’t think has permanent accessible internet access. This means I won’t be responding to all your comments and questions for two weeks, but don’t dispair. If you’ve got issues and are willing to share them with the other I suggest using the forum where others are willing to repond to your needs. See you again in 2 weeks !

MySQL released version 5.0.45

Well, here as well we missed an update, sorry about this I hope to keep you more up to date to stuff like this the coming period. The bug is still there so you still need to recompile !

This release includes a number of security-relevant fixes:

  • CREATE TABLE LIKE did not require any privileges on the source table and was not isolated from alteration by other connections. (Bugs #25578 and #23667)
  • It is no longer possible to use a view to gain update privileges for tables in other databases. (Bug#27878)
  • It is no longer possible for a user to gain privileges by calling a stored routine that was declared using SQL SECURITY INVOKER. (Bug#27337)
  • The DROP privilege requirement for RENAME TABLE is now correctly enforced. (Bug#27515)
  • Malformed password packets in the connection protocol can no longer cause the server to crash. (Bug#28984)

One bug fix resulted in an incompatible change:

  • The use of an ORDER BY or DISTINCT clause with a query containing a call to the GROUP_CONCAT() function caused results from previous queries to be redisplayed in the current result. The fix for this includes replacing a BLOB value used internally for sorting with a VARCHAR; this may lead to truncation when the result of a query that uses GROUP_CONCAT() is longer than the limit for VARCHAR, which is a new restriction in MySQL 5.0.45. (Bugs #23856, #28273)

Read about all the changes here.

Postfix updated and tested to 2.4.5

Alright, Wietse has been busier than me and because of that I missed an update. So the current source version that is available is 2.4.5 which should run fine on your current machine without a problem. Here is a summary of changes; for details please see HISTORY or RELEASE_NOTES in the source archive:

  • MILTER bugfix: When a milter replied with ACCEPT at or before the first RCPT command, the cleanup server would apply the non_smtpd_milters setting as if the message was a local submission. Problem reported by Jukka Salmi.
  • MILTER bugfix: Problem with header updates after body updates. Reported by Jose-Marcio Martins da Cruz.
  • MILTER robustness: Assorted cleanups to harden error handling in the Postfix Milter client.
  • SASL workaround for Postfix SMTP client: Some non-Cyrus SASL SMTP servers require SASL login without authzid (authoriZation ID), i.e. the client must send only the authcid (authentiCation ID) + the authcid’s password. This is now the default Postfix SMTP client behavior.
  • Loopback TCP performance workaround: Some systems exhibited poor SMTP and Milter performance with loopback ( connections. Problem reported by Mark Martinec.

Security Update 2007-7

Alright, I’m working on all the items on my todo list which has been growing quite heavily. The new job is so much fun that I forgot to spend time on al my other fun projects… Expect qite some posts in the next few days…

But first to the business at hand, I’ve updated the server with the Security Update 2007-7 and didn’t run into any problem with all the changes we made… Read more about the update at the apple support site. But I guess most of you already have got the update running…