MySQL CVE-2006-3469

Tim Thome tthome at
Fri Jul 28 21:00:58 UTC 2006


It affects FC3 and earlier as included with the distributions. FC4 is  
currently including 4.1.20 on the updates-released directory.

Do note that FC3 can run the regular mysql rpm's as provided by  
mysql... so an advisory should be posted (imho)...

Not sure about FC1/2 (I moved over to FC3 from another distro)


On Jul 28, 2006, at 1:13 PM, John Dalbec wrote:

> Does this affect Fedora-Legacy?
> 06.29.31 CVE: CVE-2006-3469
> Platform: Cross Platform
> Title: MySQL Server Date_Format Denial of Service
> Description: MySQL is susceptible to a remote denial of service
> vulnerability because the database server fails if the "select
> date_format" SQL function is called with "('%d%s', 1);" argument.
> MySQL versions prior to 4.1.18, 5.0.19 and 5.1.6 are affected.
> Ref:
> --
> fedora-legacy-list mailing list
> fedora-legacy-list at

More information about the fedora-legacy-list mailing list