
Hi, packagers of MariaDB,

We have discovered (*) a classical buffer overflow in MariaDB that allows an authenticated user to crash the server or execute arbitrary code with the privileges of the mysqld process. All MariaDB and MySQL versions starting from 5.1 are affected.

We will be releasing new MariaDB versions containing these patches shortly. The fixed versions are 5.1.66, 5.2.13, 5.3.11 and the next release after 5.5.28 (which will be either 5.5.29 or 5.5.28a, depending on when MySQL-5.5.29 will appear).

Regards,
Sergei

(*) Thanks to Tomas Hoger from the Red Hat Security Response Team

============

The patch:
http://bazaar.launchpad.net/~maria-captains/maria/5.3/revision/2643.153.26

Bug entry in our bug tracker (incomplete):
https://mariadb.atlassian.net/browse/MDEV-3884

MySQL bug report entry (not public):
http://bugs.mysql.com/bug.php?id=67685