Please Install the Updated Packages.

A vulnerability in MySQL prior to 5.0.45 did not require priveliges such as SELECT for the source table in a CREATE TABLE LIKE statement, allowing remote authenticated users to obtain sensitive information such as the table structure (CVE-2007-3781). A vulnerability in the InnoDB engine in MySQL allowed remote authenticated users to cause a denial of service (database crash) via certain CONTAINS operations on an indexed column, which triggered an assertion error (CVE-2007-5925). Using RENAME TABLE against a table with explicit DATA DIRECTORY and INDEX DIRECTORY options could be used to overwrite system table information by replacing the file to which a symlink pointed to (CVE-2007-5969). The updated packages have been patched to correct these issues.

MySQL on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64, Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64, Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64