Created by Stewart Smith on 2012-08-17 and last modified on 2012-08-17
Get this branch:
bzr branch lp:percona-server/upstream-5.0
Members of Percona core can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Recent revisions

2928. By Mattias Jonsson on 2011-12-14


2927. By Tor Didriksen <email address hidden> on 2011-10-14


Buffer over-run on all platforms, crash on windows, wrong result on other platforms,
when rounding numbers which start with 999999999 and have
precision = 9 or 18 or 27 or 36 ...

2926. By Georgi Kodinov on 2011-10-12

auto-merge mysql-5.0->mysql-5.0-security

2925. By Tatjana Azundris Nuernberg <email address hidden> on 2011-10-06

additional clean-up for 11765687

2924. By Tatjana Azundris Nuernberg <email address hidden> on 2011-09-29

Bug#11765687 (MySQL58677): No privilege on table / view, but can know #rows / underlying table's name

1 - If a user had SHOW VIEW and SELECT privileges on a view and
this view was referencing another view, EXPLAIN SELECT on the outer
view (that the user had privileges on) could reveal the structure
of the underlying "inner" view as well as the number of rows in
the underlying tables, even if the user had privileges on none of
these referenced objects.

This happened because we used DEFINER's UID ("SUID") not just for
the view given in EXPLAIN, but also when checking privileges on
the underlying views (where we should use the UID of the EXPLAIN's
INVOKER instead).

We no longer run the EXPLAIN SUID (with DEFINER's privileges).
This prevents a possible exploit and makes permissions more

2 - EXPLAIN SELECT would reveal a view's structure even if the user
did not have SHOW VIEW privileges for that view, as long as they
had SELECT privilege on the underlying tables.

Instead of requiring both SHOW VIEW privilege on a view and SELECT
privilege on all underlying tables, we were checking for presence
of either of them.

We now explicitly require SHOW VIEW and SELECT privileges on
the view we run EXPLAIN SELECT on, as well as all its
underlying views. We also require SELECT on all relevant

2923. By Georgi Kodinov on 2011-08-17

changed the old @sun.com address of security trees.

2922. By Tor Didriksen <email address hidden> on 2011-07-18

Bug#12406055 post-push fix: ignore float output

2921. By Tor Didriksen <email address hidden> on 2011-07-15


The buffer was simply too small.
In 5.5 and trunk, the size is 311 + 31,
in 5.1 and below, the size is 331

2920. By Georgi Kodinov on 2011-07-07

weave merge of mysql-5.0->mysql-5.0-security

2919. By Georgi Kodinov on 2011-06-16

auto-merge of version update from mysql-5.0 to mysql-5.0-security

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.