Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Vulnerabilities in v4.0.15

Status
Not open for further replies.
williey

williey

Technical User
Joined
Jan 21, 2004
Messages
242
Is upgrading to version 5.1 the only way to fix vulnerabilities in version 4.0.15? I can't find patches for bugs CVE-2008-4097 and CVE-2008-4098 .

------------------------------------------
There are 10 kinds of people in this world. One that understands binary and the other one that does not.
 
Sort by date Sort by votes
I apologize for not mentioning this is on a Windows machine.

------------------------------------------
There are 10 kinds of people in this world. One that understands binary and the other one that does not.
 
Upvote 0 Downvote
Then im not sure, sorry. I'm more of a linux person

Anyone else have any ideas?
 
Upvote 0 Downvote
me too.. but i have to work in a windows environment.

------------------------------------------
There are 10 kinds of people in this world. One that understands binary and the other one that does not.
 
Upvote 0 Downvote
Ehm, is there any reason not to upgrade?

I know that you might redefine the passwords, but otherwise MySQL has been fairly compatible. The worst things to expect are:

4.1: password hashes are changed. If you connect with pre-4.1 clients, you may need to define users with the OLD_PASSWORD function.

MySQL has become stricter. Nowadays, fields can be defined without a default value and NOT NULL. Also, you will have to set ALLOW_INVALID_DATES in the sql_mode setting if you use '0000-00-00' as the default for a date.

MySQL can now handle character encodings. (send a "SET NAMES utf8;" command directly after connecting if you want to use utf-8; By default latin-1 is used.

As you are on Windows: add a line "lower_case_table_names=2" to my.ini directly after installing/upgrading (in the [mysqld] section). This way, MySQL behaves as it should with case-insensitive systems like Windows.

Hope this helps estimating the pain of upgrading versus patching.

+++ Despite being wrong in every important aspect, that is a very good analogy +++
Hex (in Darwin's Watch)
 
Upvote 0 Downvote
The version 4.0.15 came with a prepackage s/w. The vendor does not offer an standalone db upgrade. Its all or nothing.

We want to correct the security issues. Right now, I'm testing the upgrade of 4.1.22. The upgrade went fine. I just need to recreate all the objects.

I hope the client will connect work function normally.

------------------------------------------
There are 10 kinds of people in this world. One that understands binary and the other one that does not.
 
Upvote 0 Downvote
ok. I upgraded to version 4.1.22 without issues.

When I try to upgrade to 5.1.37, the mysql service fails to start during the instance configuration step.


------------------------------------------
There are 10 kinds of people in this world. One that understands binary and the other one that does not.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

boylesg
  • Locked
  • Question Question
Can't sort my table by a particular column, records are returned in autinc order.
Replies
4
Views
894
spamjim
spamjim
EdLentz
  • Locked
  • Question Question
How do I use a keyword in a query??
Replies
6
Views
1K
EdLentz
EdLentz
lupidol
  • Locked
  • Question Question
Cannot create new table in mySQL
Replies
6
Views
1K
lupidol
lupidol
bharons
  • Locked
  • Question Question
function argument value, type or count is invalid
Replies
3
Views
928
bharons
bharons
dylim
  • Locked
  • Question Question
SQL_CALC_FOUND_ROWS still runs in MySQL 8.0.29
Replies
2
Views
1K
dylim
dylim

Part and Inventory Search

Sponsor

Back
Top