A vulnerability was recently announced that allowed an attacker to successfully authenticate against a database without the correct password. The issue was a call to memcpy that resulted in a value outside of the standard -128..127 range. To view the full announcement you can visit http://seclists.org/oss-sec/2012/q2/493. Testing your install You can do a quick test to see if you are affected. Find the location of your mysql install and fire up gdb.
Chad Humphries pointed me to this tasty bit of code. Since Ruby so graciously lets you open up classes anywhere, it’s nice to know where the right place to debug is. Simply put the following code into a globally accessible place (I just used .irbrc) and you will have the method available. module Kernel def where_is_this_defined(settings={}, &block) settings[:debug] ||= false settings[:educated_guess] ||= false events = [] set_trace_func lambda do |event, file, line, id, binding, classname| events << { :event => event, :file => file, :line => line, :id => id, :binding => binding, :classname => classname } if settings[:debug] puts "event => #{event}" puts "file => #{file}" puts "line => #{line}" puts "id => #{id}" puts "binding => #{binding}" puts "classname => #{classname}" puts '' end end yield set_trace_func(nil) events.