Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[slackware-security] mariadb, mysql (SSA:2014-050-02)

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

 

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

[slackware-security] mariadb, mysql (SSA:2014-050-02)

 

New mariadb and mysql packages are available for Slackware 13.0, 13.1, 13.37,

14.0, 14.1, and -current to fix a security issue.

 

 

Here are the details from the Slackware 14.1 ChangeLog:

+--------------------------+

patches/packages/mariadb-5.5.35-i486-1_slack14.1.txz: Upgraded.

This update fixes a buffer overflow in the mysql command line client which

may allow malicious or compromised database servers to cause a denial of

service (crash) and possibly execute arbitrary code via a long server

version string.

For more information, see:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001

(* Security fix *)

+--------------------------+

 

 

Where to find the new packages:

+-----------------------------+

 

Thanks to the friendly folks at the OSU Open Source Lab

(http://osuosl.org) for donating FTP and rsync hosting

to the Slackware project! :-)

 

Also see the "Get Slack" section on http://slackware.com for

additional mirror sites near you.

 

Updated package for Slackware 13.0:

ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/mysql-5.0.96-i486-2_slack13.0.txz

 

Updated package for Slackware x86_64 13.0:

ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/mysql-5.0.96-x86_64-2_slack13.0.txz

 

Updated package for Slackware 13.1:

ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/mysql-5.1.73-i486-1_slack13.1.txz

 

Updated package for Slackware x86_64 13.1:

ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/mysql-5.1.73-x86_64-1_slack13.1.txz

 

Updated package for Slackware 13.37:

ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/mysql-5.1.73-i486-1_slack13.37.txz

 

Updated package for Slackware x86_64 13.37:

ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/mysql-5.1.73-x86_64-1_slack13.37.txz

 

Updated package for Slackware 14.0:

ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/mysql-5.5.36-i486-1_slack14.0.txz

 

Updated package for Slackware x86_64 14.0:

ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/mysql-5.5.36-x86_64-1_slack14.0.txz

 

Updated package for Slackware 14.1:

ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.35-i486-1_slack14.1.txz

 

Updated package for Slackware x86_64 14.1:

ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.35-x86_64-1_slack14.1.txz

 

Updated package for Slackware -current:

ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.35-i486-1.txz

 

Updated package for Slackware x86_64 -current:

ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.35-x86_64-1.txz

 

 

MD5 signatures:

+-------------+

 

Slackware 13.0 package:

1cce4ce596cb9f42513d8a9916576af8 mysql-5.0.96-i486-2_slack13.0.txz

 

Slackware x86_64 13.0 package:

ef5a1237b6878d711a32b653bbae7cb5 mysql-5.0.96-x86_64-2_slack13.0.txz

 

Slackware 13.1 package:

3f83cf2cf1d9aa42e4104b08abdc263b mysql-5.1.73-i486-1_slack13.1.txz

 

Slackware x86_64 13.1 package:

6a8b07c70f5d20892316713853c27fa8 mysql-5.1.73-x86_64-1_slack13.1.txz

 

Slackware 13.37 package:

58fa913ee68907884197c465e130a010 mysql-5.1.73-i486-1_slack13.37.txz

 

Slackware x86_64 13.37 package:

8d2b940be5f141b9c2b0e0a43c67bf63 mysql-5.1.73-x86_64-1_slack13.37.txz

 

Slackware 14.0 package:

ac87007a1dd38d854fcdade3a2a42d03 mysql-5.5.36-i486-1_slack14.0.txz

 

Slackware x86_64 14.0 package:

c6c4ba0de7750bc23cab8be4b33f0716 mysql-5.5.36-x86_64-1_slack14.0.txz

 

Slackware 14.1 package:

0e14c2b69128af4ff32b5bc760434ccb mariadb-5.5.35-i486-1_slack14.1.txz

 

Slackware x86_64 14.1 package:

08890b91bb6e2db66c501a7a10e936a7 mariadb-5.5.35-x86_64-1_slack14.1.txz

 

Slackware -current package:

d085ede95618780ae8b78dfe51ab127d ap/mariadb-5.5.35-i486-1.txz

 

Slackware x86_64 -current package:

305eba3dc795b5308a9f39e196323395 ap/mariadb-5.5.35-x86_64-1.txz

 

 

Installation instructions:

+------------------------+

 

Upgrade the package as root:

# upgradepkg mariadb-5.5.35-i486-1_slack14.1.txz

 

Then, restart the database server:

# sh /etc/rc.d/rc.mysqld restart

 

 

+-----+

 

Slackware Linux Security Team

http://slackware.com/gpg-key

security ( -at -) slackware.com

 

+------------------------------------------------------------------------+

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×