/[packages]/updates/1/mysql/current/SOURCES/mariadb-5.5-no-anonymous-user.patch
ViewVC logotype

Contents of /updates/1/mysql/current/SOURCES/mariadb-5.5-no-anonymous-user.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 394857 - (show annotations) (download)
Wed Feb 6 16:09:15 2013 UTC (8 years, 3 months ago) by luigiwalser
File size: 1180 byte(s)
- remove anonymous user in default installation so that CVE-2012-5615
  isn't exploitable anymore in new installations if the network port
  is opened

1 diff -Naur a/scripts/mysql_system_tables_data.sql b/scripts/mysql_system_tables_data.sql
2 --- a/scripts/mysql_system_tables_data.sql 2013-01-23 23:39:17.000000000 +0100
3 +++ b/scripts/mysql_system_tables_data.sql 2013-02-05 22:56:03.837864475 +0100
4 @@ -41,8 +41,6 @@
5 REPLACE INTO tmp_user SELECT @current_hostname,'root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','' FROM dual WHERE LOWER( @current_hostname) != 'localhost';
6 REPLACE INTO tmp_user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','');
7 REPLACE INTO tmp_user VALUES ('::1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','');
8 -INSERT INTO tmp_user (host,user) VALUES ('localhost','');
9 -INSERT INTO tmp_user (host,user) SELECT @current_hostname,'' FROM dual WHERE LOWER(@current_hostname ) != 'localhost';
10 INSERT INTO user SELECT * FROM tmp_user WHERE @had_user_table=0;
11 DROP TABLE tmp_user;
12

  ViewVC Help
Powered by ViewVC 1.1.28