lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1XgErZ-0001bS-QR@paradis.debian.org>
Date: Mon, 20 Oct 2014 15:27:13 +0000
From: Salvatore Bonaccorso <carnil@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3054-1] mysql-5.5 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3054-1                   security@...ian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
October 20, 2014                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mysql-5.5
CVE ID         : CVE-2012-5615 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463
                 CVE-2014-6464 CVE-2014-6469 CVE-2014-6478 CVE-2014-6484
                 CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496
                 CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520
                 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559
Debian Bug     : 765663

Several issues have been discovered in the MySQL database server. The
vulnerabilities are addressed by upgrading MySQL to the new upstream
version 5.5.40. Please see the MySQL 5.5 Release Notes and Oracle's
Critical Patch Update advisory for further details:

 https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
 https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
 http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

For the stable distribution (wheezy), these problems have been fixed in
version 5.5.40-0+wheezy1.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your mysql-5.5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJURSC7AAoJEAVMuPMTQ89EasQP/RxXHja/33Mofs2nZY2T0c++
BblmAs1D8t1csPTPjPGC2UFrBNWvvKSintqHid1W34ulFQahR+Uw0t6vuNOKoVnh
oBnayvOkAl2R6EcMS3DrdEPCgmj6NGC6QNG2Qt43a5tYdR3YCBTCMhPcHoIM6m3J
eQH/3UetTKrxvqM0nXNjTcVppdHUzKP3b2W/DRP90X0qtD5DdkqEqh12rCZVBvnO
b3AegaZ/PoEnmzqXkLIpRs2Dtx9P/dWeL9vCDZN0X6h+NSJzXYd0YfjfEIYldSXI
vKHIXFyno69pelQ7YoUA/+XKyVbvZzPL1STgV9dJtHWUi4TMR9VgIFuJMVaBoNDR
YTcfN61CfOkhUI45PhEp+mprlKVwwrLXrR/R5g4dHr28EmdQmvIJOOtxbUJAUd0m
y7q5PUuXWuVC54Kjm51m249dNY8IMgBAiIdrvlQyQiOL28Wgc0z2+IWFZnSL8eSH
5l8jKi20x6BYNIKQHWBqt2s4yej39dNaiNnCGqnUUOCzrbpfY1xzP25GPtQo+jVc
+1IygdKN8SG3S5FTQcHsND4C2cb3A9Tgf2gwffVrQq0TyQvXQbGjWN+xh4FAhU/D
ysAYdd2zPQGd+9OAE/Ja1uMZ2NY/CTzn9y5Or6eTCLpDmNFN28MsvQ9SAkAWVKe8
SgOwAiXo3xRUsGy6UiHm
=j4S6
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ