[security-announce] openSUSE-SU-2015:2243-1: important: Security update to MySQL 5.6.27

news · December 10, 2015

openSUSE Security Update: Security update to MySQL 5.6.27

______________________________________________________________________________

Announcement ID: openSUSE-SU-2015:2243-1

Rating: important

References: #924663 #928962 #951391

Cross-References: CVE-2015-0286 CVE-2015-0288 CVE-2015-1789

CVE-2015-1793 CVE-2015-3152 CVE-2015-4730

CVE-2015-4766 CVE-2015-4792 CVE-2015-4800

CVE-2015-4802 CVE-2015-4815 CVE-2015-4816

CVE-2015-4819 CVE-2015-4826 CVE-2015-4830

CVE-2015-4833 CVE-2015-4836 CVE-2015-4858

CVE-2015-4861 CVE-2015-4862 CVE-2015-4864

CVE-2015-4866 CVE-2015-4870 CVE-2015-4879

CVE-2015-4890 CVE-2015-4895 CVE-2015-4904

CVE-2015-4905 CVE-2015-4910 CVE-2015-4913

Affected Products:

openSUSE Leap 42.1

openSUSE 13.2

openSUSE 13.1

______________________________________________________________________________

An update that fixes 30 vulnerabilities is now available.

Description:

MySQL was updated to 5.6.27 to fix security issues and bugs.

The following vulnerabilities were fixed as part of the upstream release

[boo#951391]: CVE-2015-1793, CVE-2015-0286, CVE-2015-0288, CVE-2015-1789,

CVE-2015-4730, CVE-2015-4766, CVE-2015-4792, CVE-2015-4800, CVE-2015-4802,

CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830,

CVE-2015-4833, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4862,

CVE-2015-4864, CVE-2015-4866, CVE-2015-4870, CVE-2015-4879, CVE-2015-4890,

CVE-2015-4895, CVE-2015-4904, CVE-2015-4905, CVE-2015-4910, CVE-2015-4913

Details on these and other changes can be found at:

http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-27.html

The following security relevant changes are included additionally:

* CVE-2015-3152: MySQL lacked SSL enforcement. Using

--ssl-verify-server-cert and --ssl[-*] implies that the ssl connection

is required. The mysql client will now print an error if ssl is

required, but the server can not handle a ssl connection [boo#924663],

[boo#928962]

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.1:

zypper in -t patch openSUSE-2015-889=1

- openSUSE 13.2:

zypper in -t patch openSUSE-2015-889=1

- openSUSE 13.1:

zypper in -t patch openSUSE-2015-889=1

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE Leap 42.1 (i586 x86_64):

libmysql56client18-5.6.27-8.1

libmysql56client18-debuginfo-5.6.27-8.1

libmysql56client_r18-5.6.27-8.1

mysql-community-server-5.6.27-8.1

mysql-community-server-bench-5.6.27-8.1

mysql-community-server-bench-debuginfo-5.6.27-8.1

mysql-community-server-client-5.6.27-8.1

mysql-community-server-client-debuginfo-5.6.27-8.1

mysql-community-server-debuginfo-5.6.27-8.1

mysql-community-server-debugsource-5.6.27-8.1

mysql-community-server-errormessages-5.6.27-8.1

mysql-community-server-test-5.6.27-8.1

mysql-community-server-test-debuginfo-5.6.27-8.1

mysql-community-server-tools-5.6.27-8.1

mysql-community-server-tools-debuginfo-5.6.27-8.1

- openSUSE Leap 42.1 (x86_64):

libmysql56client18-32bit-5.6.27-8.1

libmysql56client18-debuginfo-32bit-5.6.27-8.1

libmysql56client_r18-32bit-5.6.27-8.1

- openSUSE 13.2 (i586 x86_64):

libmysql56client18-5.6.27-2.12.1

libmysql56client18-debuginfo-5.6.27-2.12.1

libmysql56client_r18-5.6.27-2.12.1

mysql-community-server-5.6.27-2.12.1

mysql-community-server-bench-5.6.27-2.12.1

mysql-community-server-bench-debuginfo-5.6.27-2.12.1

mysql-community-server-client-5.6.27-2.12.1

mysql-community-server-client-debuginfo-5.6.27-2.12.1

mysql-community-server-debuginfo-5.6.27-2.12.1

mysql-community-server-debugsource-5.6.27-2.12.1

mysql-community-server-errormessages-5.6.27-2.12.1

mysql-community-server-test-5.6.27-2.12.1

mysql-community-server-test-debuginfo-5.6.27-2.12.1

mysql-community-server-tools-5.6.27-2.12.1

mysql-community-server-tools-debuginfo-5.6.27-2.12.1

- openSUSE 13.2 (x86_64):

libmysql56client18-32bit-5.6.27-2.12.1

libmysql56client18-debuginfo-32bit-5.6.27-2.12.1

libmysql56client_r18-32bit-5.6.27-2.12.1

- openSUSE 13.1 (i586 x86_64):

libmysql56client18-5.6.27-7.13.1

libmysql56client18-debuginfo-5.6.27-7.13.1

libmysql56client_r18-5.6.27-7.13.1

mysql-community-server-5.6.27-7.13.1

mysql-community-server-bench-5.6.27-7.13.1

mysql-community-server-bench-debuginfo-5.6.27-7.13.1

mysql-community-server-client-5.6.27-7.13.1

mysql-community-server-client-debuginfo-5.6.27-7.13.1

mysql-community-server-debuginfo-5.6.27-7.13.1

mysql-community-server-debugsource-5.6.27-7.13.1

mysql-community-server-errormessages-5.6.27-7.13.1

mysql-community-server-test-5.6.27-7.13.1

mysql-community-server-test-debuginfo-5.6.27-7.13.1

mysql-community-server-tools-5.6.27-7.13.1

mysql-community-server-tools-debuginfo-5.6.27-7.13.1

- openSUSE 13.1 (x86_64):

libmysql56client18-32bit-5.6.27-7.13.1

libmysql56client18-debuginfo-32bit-5.6.27-7.13.1

libmysql56client_r18-32bit-5.6.27-7.13.1

References:

https://www.suse.com/security/cve/CVE-2015-0286.html

https://www.suse.com/security/cve/CVE-2015-0288.html

https://www.suse.com/security/cve/CVE-2015-1789.html

https://www.suse.com/security/cve/CVE-2015-1793.html

https://www.suse.com/security/cve/CVE-2015-3152.html

https://www.suse.com/security/cve/CVE-2015-4730.html

https://www.suse.com/security/cve/CVE-2015-4766.html

https://www.suse.com/security/cve/CVE-2015-4792.html

https://www.suse.com/security/cve/CVE-2015-4800.html

https://www.suse.com/security/cve/CVE-2015-4802.html

https://www.suse.com/security/cve/CVE-2015-4815.html

https://www.suse.com/security/cve/CVE-2015-4816.html

https://www.suse.com/security/cve/CVE-2015-4819.html

https://www.suse.com/security/cve/CVE-2015-4826.html

https://www.suse.com/security/cve/CVE-2015-4830.html

https://www.suse.com/security/cve/CVE-2015-4833.html

https://www.suse.com/security/cve/CVE-2015-4836.html

https://www.suse.com/security/cve/CVE-2015-4858.html

https://www.suse.com/security/cve/CVE-2015-4861.html

https://www.suse.com/security/cve/CVE-2015-4862.html

https://www.suse.com/security/cve/CVE-2015-4864.html

https://www.suse.com/security/cve/CVE-2015-4866.html

https://www.suse.com/security/cve/CVE-2015-4870.html

https://www.suse.com/security/cve/CVE-2015-4879.html

https://www.suse.com/security/cve/CVE-2015-4890.html

https://www.suse.com/security/cve/CVE-2015-4895.html

https://www.suse.com/security/cve/CVE-2015-4904.html

https://www.suse.com/security/cve/CVE-2015-4905.html

https://www.suse.com/security/cve/CVE-2015-4910.html

https://www.suse.com/security/cve/CVE-2015-4913.html

https://bugzilla.suse.com/924663

https://bugzilla.suse.com/928962

https://bugzilla.suse.com/951391

--

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org

For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

Sign In

[security-announce] openSUSE-SU-2015:2243-1: important: Security update to MySQL 5.6.27

Recommended Posts

news 28

Share this post

Link to post

Please sign in to comment

Browse

Activity