Search This Blog

Friday, January 23, 2015

[SECURITY] [DSA 3135-1] mysql-5.5 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3135-1 security@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
January 23, 2015 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : mysql-5.5
CVE ID : CVE-2014-6568 CVE-2015-0374 CVE-2015-0381 CVE-2015-0382
CVE-2015-0411 CVE-2015-0432
Debian Bug : 775881

Several issues have been discovered in the MySQL database server. The
vulnerabilities are addressed by upgrading MySQL to the new upstream
version 5.5.41. Please see the MySQL 5.5 Release Notes and Oracle's
Critical Patch Update advisory for further details:

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-41.html
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

For the stable distribution (wheezy), these problems have been fixed in
version 5.5.41-0+wheezy1.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your mysql-5.5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUwnPAAAoJEAVMuPMTQ89EvTIP/iOAOe1948Vx1RgaW9WgUnbY
vbTEh6kyzFM2arVCdQgQtQDnIrYaY5E5Az9TslfWTPDX8yRf9ZLl5uUigoo/0cfZ
KHBXIwwJIb0XNCnEa10gq22lthux9f55z9M68OaEbs40BEreR3FkEzSumpug2Fhl
GVKFAObukdO48p04WHQCdLJXyNcxjQx7vU7YAWYRU7jxIqCJHNmF2s0EOdNiPsxz
337bvvU/imRKcnbxNsj9dJGq+aGN/4afCUuMMF8UiseMlKXgXbUtE6Y1LAN47QWa
L6sLgOkGtflgLtz5Y/OvOHv6zqi4ojj8HQ/vZkkkK3HHKKVry9z/Go5/UhhFgFIi
s56ZF3OsZLp09o+k+l2fdWMhbebpTabtOpIfXSl5bJPM4qMEWq/DJzYAY71xeZ5X
dm1GvOaazdHt2lXjDVRHJzRNEqDVpFzquhSE2Ry/+mThem8Gkb5XyM7srWYZi5Wf
oOHqvm2/u+Hh56a0NWNtKCqnApljceGmK2b/KTG3c0kaXc5bjWHs12bcGBTZlV0M
W1UKpE0GuJj3IteMSIFZhVPMUdy0tMjIiFAbJHZPHd3AQxWSGIbn0TBSQe48kZYB
oZA882Ya87OE6zvoaxuf0nlF4D0Or/TmRbi5CzLgUytOcfRsyAJoFabF0mIoP/9H
s0Auy4mEYnsyXyEkSkp/
=5oE6
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: https://lists.debian.org/E1YEguh-0003qv-U8@master.debian.org

No comments: