[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1U2lML-0004Ri-4X@titan.mandriva.com>
Date: Tue, 05 Feb 2013 17:27:00 +0100
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2013:007 ] mysql
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2013:007
http://www.mandriva.com/security/
_______________________________________________________________________
Package : mysql
Date : February 5, 2013
Affected: 2011.
_______________________________________________________________________
Problem Description:
This is a maintenance and bugfix release that upgrades mysql to the
latest version which resolves various upstream bugs and a total of 18
security related bugs (CVE-2012-0572, CVE-2012-0574, CVE-2012-0578,
CVE-2012-1702, CVE-2012-1705, CVE-2012-5060, CVE-2012-5096,
CVE-2012-5611, CVE-2012-5612, CVE-2013-0367, CVE-2013-0368,
CVE-2013-0371, CVE-2013-0375, CVE-2013-0383, CVE-2013-0384,
CVE-2013-0385, CVE-2013-0386, CVE-2013-0389).
Please consult the Oracle security matrix for further information
regarding these security issues and the MySQL release notes.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0578
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5612
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0367
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0371
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0385
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0389
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-29.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-30.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2011:
1a4fc5fbdceaa4c143ee87545716601e 2011/i586/libmysql18-5.5.30-0.1-mdv2011.0.i586.rpm
af2522fe92d2a256e094b06a126f346b 2011/i586/libmysqld0-5.5.30-0.1-mdv2011.0.i586.rpm
c165ef3f7c3f7b6baa1b83d16fe46280 2011/i586/libmysql-devel-5.5.30-0.1-mdv2011.0.i586.rpm
23fea2448312453c54de088f3e329c4f 2011/i586/libmysqlservices0-5.5.30-0.1-mdv2011.0.i586.rpm
3380f6d5fb20ae1d04c98e3f0208f28e 2011/i586/libmysql-static-devel-5.5.30-0.1-mdv2011.0.i586.rpm
c00bbdcaac032d6149b5b6dac50eb073 2011/i586/mysql-5.5.30-0.1-mdv2011.0.i586.rpm
b2bf79df355db81a5b281e11bc581b3a 2011/i586/mysql-bench-5.5.30-0.1-mdv2011.0.i586.rpm
7548d7007885217095be0639506e7ad2 2011/i586/mysql-client-5.5.30-0.1-mdv2011.0.i586.rpm
03c08f4ef60439334ffc6aea261a3c1e 2011/i586/mysql-common-5.5.30-0.1-mdv2011.0.i586.rpm
252413d2b6bf637f622b3681783db264 2011/i586/mysql-common-core-5.5.30-0.1-mdv2011.0.i586.rpm
8465acae511092c5a0355c24960f1267 2011/i586/mysql-core-5.5.30-0.1-mdv2011.0.i586.rpm
f2d899a92d8afabe3a3bd18859c8669a 2011/SRPMS/mysql-5.5.30-0.1.src.rpm
Mandriva Linux 2011/X86_64:
ae323a15adff31c83025bb2fa5be1758 2011/x86_64/lib64mysql18-5.5.30-0.1-mdv2011.0.x86_64.rpm
356ba2fba96ba94846fcd1696f4bf7a4 2011/x86_64/lib64mysqld0-5.5.30-0.1-mdv2011.0.x86_64.rpm
7e249f01a94bee5da76ef32fef34f7dc 2011/x86_64/lib64mysql-devel-5.5.30-0.1-mdv2011.0.x86_64.rpm
6090c7125d1d500ba09c811f4a7b6451 2011/x86_64/lib64mysqlservices0-5.5.30-0.1-mdv2011.0.x86_64.rpm
e78bd064a860f94cec1489489c8ce37d 2011/x86_64/lib64mysql-static-devel-5.5.30-0.1-mdv2011.0.x86_64.rpm
1865b7e9f980a731467cd485dadc7cb4 2011/x86_64/mysql-5.5.30-0.1-mdv2011.0.x86_64.rpm
fdc6f92185ec43575958ea5de40b0eff 2011/x86_64/mysql-bench-5.5.30-0.1-mdv2011.0.x86_64.rpm
7ec9f820d489a69460bec9d8f54a98d9 2011/x86_64/mysql-client-5.5.30-0.1-mdv2011.0.x86_64.rpm
fab34328d8414d70d8e0ab1fd396a231 2011/x86_64/mysql-common-5.5.30-0.1-mdv2011.0.x86_64.rpm
13b11ba63c24e3b42d6b7d58a3311ee0 2011/x86_64/mysql-common-core-5.5.30-0.1-mdv2011.0.x86_64.rpm
eef523ed0ff75b75e9e0eab8163020d6 2011/x86_64/mysql-core-5.5.30-0.1-mdv2011.0.x86_64.rpm
f2d899a92d8afabe3a3bd18859c8669a 2011/SRPMS/mysql-5.5.30-0.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFREQd8mqjQ0CJFipgRAvrBAJ0Q6u4kCeuk+/KFykCa9ABrTOP/ZQCfUI46
j7vNF+oqv3Qxpms4heDdYZc=
=DqUH
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists