Risks
Advisories
Browse
or
or
Ubuntu Security Notice - mysql-5.1, mysql-5.5, mysql-dfsg-5.1 vulnerabilities (USN-1703-1)
==========================================================================
Ubuntu Security Notice USN-1703-1
January 22, 2013

mysql-5.1, mysql-5.5, mysql-dfsg-5.1 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in MySQL.

Software Description:
- mysql-5.5: MySQL database
- mysql-5.1: MySQL database
- mysql-dfsg-5.1: MySQL database

Details:

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.1.67 in Ubuntu 10.04 LTS and Ubuntu 11.10.
Ubuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.29.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-67.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-29.html
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
  mysql-server-5.5                5.5.29-0ubuntu0.12.10.1

Ubuntu 12.04 LTS:
  mysql-server-5.5                5.5.29-0ubuntu0.12.04.1

Ubuntu 11.10:
  mysql-server-5.1                5.1.67-0ubuntu0.11.10.1

Ubuntu 10.04 LTS:
  mysql-server-5.1                5.1.67-0ubuntu0.10.04.1

In general, a standard system update will make all the necessary changes.

References:
  http://www.ubuntu.com/usn/usn-1703-1
  CVE-2012-0572, CVE-2012-0574, CVE-2012-0578, CVE-2012-1702,
  CVE-2012-1705, CVE-2012-5060, CVE-2012-5096, CVE-2012-5611,
  CVE-2012-5612, CVE-2013-0367, CVE-2013-0368, CVE-2013-0371,
  CVE-2013-0375, CVE-2013-0383, CVE-2013-0384, CVE-2013-0385,
  CVE-2013-0386, CVE-2013-0389

Package Information:
  https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.29-0ubuntu0.12.10.1
  https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.29-0ubuntu0.12.04.1
  https://launchpad.net/ubuntu/+source/mysql-5.1/5.1.67-0ubuntu0.11.10.1

https://launchpad.net/ubuntu/+source/mysql-dfsg-5.1/5.1.67-0ubuntu0.10.04.1




Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //