lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 25 Apr 2017 15:15:11 +0000
From: Salvatore Bonaccorso <carnil@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3834-1] mysql-5.5 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3834-1                   security@...ian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
April 25, 2017                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mysql-5.5
CVE ID         : CVE-2017-3302 CVE-2017-3305 CVE-2017-3308 CVE-2017-3309
                 CVE-2017-3329 CVE-2017-3453 CVE-2017-3456 CVE-2017-3461
                 CVE-2017-3462 CVE-2017-3463 CVE-2017-3464 CVE-2017-3600
Debian Bug     : 854713 860544

Several issues have been discovered in the MySQL database server. The
vulnerabilities are addressed by upgrading MySQL to the new upstream
version 5.5.55, which includes additional changes, such as performance
improvements, bug fixes, new features, and possibly incompatible
changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical
Patch Update advisory for further details:

 https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-55.html
 http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

For the stable distribution (jessie), these problems have been fixed in
version 5.5.55-0+deb8u1.

We recommend that you upgrade your mysql-5.5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlj/Z9hfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Sh1xAAoRVCQR6MGesQJt4O8c5EkxGYSy0+80ELNpr5Cqr8Ac7BqxQdcVMDnWb8
5BOwdpkaslbO3B9PWGZRKpgV1FIX/1kKyeJCn8AhHRzJflOLa2SmLdoeWRq3A0db
XTzGb+LDXJJSn/c+lte95Le1x7ED/a7GBcpZp4Is2HiDDC05Vwi/wpvtKXDTxnrM
kU9cC48aUuunrDNQrpq+x/8hsXeM/nhuvH6SYf70ngmp9EjlQ+1AcAMTyVD72Gtx
dUEL3w8rX/Ckp8wuHK5nVrd8YQ58w6ZJN5tYmG7nexyXEa47FHPS99JTwlcDoCo8
ppfUIL6+Paq5hr74wDLygXNEc9U+Pit9y0X3Zw7NInNcktJFYpk2+YOYe0wAjmPQ
RX/VQQm5HSeSvoFBZJkYDZ9du4DOGVokNGbCdZIWhKQeGK7W0YZA40G/l10nZH5u
4nSz8LHbyt2yn5j1Qzn8bb4YcNG1mDW0EckU9r30EUsmxfKCho7k0JdcFqKfnRWA
yzeT6PocszHmtDgXfTR+uw/3z5UorfdBkWh2L2gF4qhFVhSnqqltreVxyqbtTIjA
oKUtemMKwwjokVd3Vlky/yNKHWnFFzZG1xRRxKgzJWj0BG4zZkebq8UZNppkvlRT
SlVKOwUjbk9PTIOzaOxWlk1UgYr+RmA+pnU0/CX4VOifANrwUvo=
=4Fxf
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ