Subject: | |
From: | |
Reply To: | |
Date: | Wed, 12 Feb 2014 14:14:47 -0600 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Slpackages working?
Pat Riehecky <[log in to unmask]> wrote:
>Synopsis: Moderate: mysql security and bug fix update
>Advisory ID: SLSA-2014:0164-1
>Issue Date: 2014-02-12
>CVE Numbers: CVE-2013-5908
> CVE-2014-0386
> CVE-2014-0393
> CVE-2014-0401
> CVE-2014-0402
> CVE-2014-0412
> CVE-2014-0437
> CVE-2014-0001
>--
>
>(CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402,
>CVE-2014-0412, CVE-2014-0437, CVE-2013-5908)
>
>A buffer overflow flaw was found in the way the MySQL command line client
>tool (mysql) processed excessively long version strings. If a user
>connected to a malicious MySQL server via the mysql client, the server
>could use this flaw to crash the mysql client or, potentially, execute
>arbitrary code as the user running the mysql client. (CVE-2014-0001)
>
>This update also fixes the following bug:
>
>* Prior to this update, MySQL did not check whether a MySQL socket was
>actually being used by any process before starting the mysqld service. If
>a particular mysqld service did not exit cleanly while a socket was being
>used by a process, this socket was considered to be still in use during
>the next start-up of this service, which resulted in a failure to start
>the service up. With this update, if a socket exists but is not used by
>any process, it is ignored during the mysqld service start-up.
>
>After installing this update, the MySQL server daemon (mysqld) will be
>restarted automatically.
>--
>
>SL6
> x86_64
> mysql-5.1.73-3.el6_5.x86_64.rpm
> mysql-debuginfo-5.1.73-3.el6_5.i686.rpm
> mysql-debuginfo-5.1.73-3.el6_5.x86_64.rpm
> mysql-libs-5.1.73-3.el6_5.i686.rpm
> mysql-libs-5.1.73-3.el6_5.x86_64.rpm
> mysql-server-5.1.73-3.el6_5.x86_64.rpm
> mysql-bench-5.1.73-3.el6_5.x86_64.rpm
> mysql-devel-5.1.73-3.el6_5.i686.rpm
> mysql-devel-5.1.73-3.el6_5.x86_64.rpm
> mysql-embedded-5.1.73-3.el6_5.i686.rpm
> mysql-embedded-5.1.73-3.el6_5.x86_64.rpm
> mysql-embedded-devel-5.1.73-3.el6_5.i686.rpm
> mysql-embedded-devel-5.1.73-3.el6_5.x86_64.rpm
> mysql-test-5.1.73-3.el6_5.x86_64.rpm
> i386
> mysql-5.1.73-3.el6_5.i686.rpm
> mysql-debuginfo-5.1.73-3.el6_5.i686.rpm
> mysql-libs-5.1.73-3.el6_5.i686.rpm
> mysql-server-5.1.73-3.el6_5.i686.rpm
> mysql-bench-5.1.73-3.el6_5.i686.rpm
> mysql-devel-5.1.73-3.el6_5.i686.rpm
> mysql-embedded-5.1.73-3.el6_5.i686.rpm
> mysql-embedded-devel-5.1.73-3.el6_5.i686.rpm
> mysql-test-5.1.73-3.el6_5.i686.rpm
>
>- Scientific Linux Development Team
|
|
|