As i understand the latest WHM notice below means there are 2 issues to deal with for NPTL based systems ?
-----------------------------------------------------------
Issue 1.For security issues fix is to update to MySQL 4.0.27 or 4.1.19 or 5.0.21 according to the mysql.com changelogs
i.e.
4.0.27
http://dev.mysql.com/doc/refman/4.1/en/news-4-0-27.html
4.1.19
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-19.html
5.0.21
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
all list
-----------------------------------------------------------
Issue 2.Compatibility issues with NPTL based systems with MySQL 4.0.24 and higher 4.0.xx versions. But only some folks are affected and some have no problems ? As you stated in what i highlighted in bold
Important Notice: Incompatible versions of Mysql 4.0.x and NPTL based systems.
If you are running a newer linux system which is NPTL based (CentOS 4, Fedora 3+, RHE 4, etc) and are having problems with MySQL 4.0.x (versions later then 4.0.23*), we recommend upgrading to MySQL 4.1.x as we have determined that there are compatibility issues on these platforms. You can easily upgrade to 4.1.x by changing the Mysql Version in Tweak Settings
If you are worried about compatibility with MySQL 4.0, be sure to check the box labeled: Use old style (4.0) passwords with mySQL 4.1. in Tweak Settings.
If you are unsure if your system is NPTL based, run getconf GNU_LIBPTHREAD_VERSION at the command line and see if it displays NPTL.
* 4.0.23 does not have any known issues, but is subject to security vulnerabilities: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517
-----------------------------------------------------------
Issue 1.
i.e.
4.0.27
http://dev.mysql.com/doc/refman/4.1/en/news-4-0-27.html
4.1.19
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-19.html
5.0.21
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
all list
Security fix: A malicious client, using specially crafted invalid login or COM_TABLE_DUMP packets was able to read uninitialized memory, which potentially, though unlikely in MySQL, could have led to an information disclosure. (CVE-2006-1516, CVE-2006-1517) Thanks to Stefano Di Paola <[email protected]> for finding and reporting this bug.
-----------------------------------------------------------
Issue 2.
Can you elaborate on the 2nd issue ? there's been hundreds of CentOS 4 based servers running for ages with 4.0.25 at least with WHM users and most don't seem to have issues that I am aware of ???If you are running a newer linux system which is NPTL based (CentOS 4, Fedora 3+, RHE 4, etc) and are having problems with MySQL 4.0.x (versions later then 4.0.23*)
Last edited: