Bug #18897 | Events: unauthorized action possible with alter event rename | ||
---|---|---|---|
Submitted: | 7 Apr 2006 18:01 | Modified: | 28 Jun 2006 7:04 |
Reporter: | Peter Gulutzan | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server: Stored Routines | Severity: | S3 (Non-critical) |
Version: | 5.1.9-beta-debug | OS: | Linux (SUSE 10.0) |
Assigned to: | Andrey Hristov | CPU Architecture: | Any |
[7 Apr 2006 18:01]
Peter Gulutzan
[7 Apr 2006 18:16]
MySQL Verification Team
Thank you for the bug report.
[5 May 2006 11:30]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/6006
[5 May 2006 11:34]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/6007
[15 Jun 2006 17:18]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/7714
[23 Jun 2006 15:03]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/8147
[23 Jun 2006 15:29]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/8150
[27 Jun 2006 16:18]
Andrey Hristov
Hi, the fix will appear in 5.1.12 Moving an event between databases is possible since the very beginning. Until 5.1.11 (incl.) the user hasn't been checked whether she posses EVENT_ACL on the target database. In addition if there was no current database and the following was executed there was a crash : ALTER EVENT db1.xyz RENAME TO xyz;
[28 Jun 2006 7:04]
Jon Stephens
Thank you for your bug report. This issue has been committed to our source repository of that product and will be incorporated into the next release. Documented bugfix in 5.1.12 changelog. Closed.