Home |  MySQL Buzz |  FAQ |  Feeds |  Submit your blog feed |  Feedback |  Archive |  Aggregate feed RSS 2.0 English Deutsch Español Français Italiano 日本語 Русский Português 中文
Showing entries 1 to 1

Displaying posts with tag: security vulnerability (reset)

On responsible bugs reporting
+1 Vote Up -0Vote Down
Let me start with questions related to responsible MySQL bugs reporting that I'd like to be discussed and then present a history behind them.

Assuming that you, my dear reader from MySQL Community, noted or found some simple sequence of SQL statements that, when executed by authenticated MySQL user explicitly having all the privileges needed to execute these statements, crashes some version of your favorite MySQL fork, please, answer the following questions:
  • Do you consider this kind of a bug a "security vulnerability"?
  • Should you share complete test case at any public site (MySQL bugs database, Facebook, your personal blog, any)?
  • Should you share just a description of possible "attack vector", as Oracle does when they publish security bug fixes?
  • Should you share just a stack trace or failed assertion information,



  •   [Read more...]
    Showing entries 1 to 1

    Planet MySQL © 1995, 2014, Oracle Corporation and/or its affiliates   Legal Policies | Your Privacy Rights | Terms of Use

    Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.