Disable "binary version" functionality in VersionCheck
Bug #1285166 reported by
Alexey Kopytov
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Percona XtraBackup moved to https://jira.percona.com/projects/PXB |
Fix Released
|
High
|
Alexey Kopytov | ||
| 2.1 |
Fix Released
|
High
|
Alexey Kopytov | ||
| 2.2 |
Fix Released
|
High
|
Alexey Kopytov | ||
Bug Description
Splitting this one off from bug #1279502 as that one is more general in scope.
The most unsafe part of the VersionCheck module discussed in bug #1279502 is the binary version reporting, where a list of commands received from v.percona.com is executed with the --version switch after sanitizing the input, and their output is reported back.
This report is to disable that functionality in XtraBackup.
Related branches
lp:~akopytov/percona-xtrabackup/bug1285166-2.1
- Sergei Glushchenko (community): Approve (g2)
-
Diff: 37 lines (+0/-20)1 file modifiedinnobackupex.pl (+0/-20)
lp:~akopytov/percona-xtrabackup/bug1285166-2.2
- Sergei Glushchenko (community): Approve (g2)
-
Diff: 37 lines (+0/-20)1 file modifiedstorage/innobase/xtrabackup/innobackupex.pl (+0/-20)
CVE References
Revision history for this message
| Shahriyar Rzayev (rzayev-sehriyar) wrote | #1 |
To post a comment you must log in.
Percona now uses JIRA for bug reports so this bug report is migrated to: https:/