Updated mysql packages that fix various temporary file security issues, as well as a number of bugs, are now available.
MySQL is a multi-user, multi-threaded SQL database server. This update fixes a number of small bugs, including some potential security problems associated with careless handling of temporary files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2004-0381, CAN-2004-0388, and CAN-2004-0457 to these issues. A number of additional security issues that affect mysql have been corrected in the source package. These include CAN-2004-0835, CAN-2004-0836, CAN-2004-0837, and CAN-2004-0957. CentOS Linux 3 does not ship with the mysql-server package and is therefore not affected by these issues. This update also allows 32-bit and 64-bit libraries to be installed concurrently on the same system. All users of mysql should upgrade to these updated packages, which resolve these issues.