Risks
Advisories
Browse
or
or
SUSE Security Announcement - MySQL (SUSE-SU-2013:0262-1)
SUSE Security Update: Security update for MySQL
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0262-1
Rating:             important
References:         #792444
Cross-References:   CVE-2012-5611 CVE-2012-5612 CVE-2012-5613
                    CVE-2012-5615
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP2
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

   An update that fixes four vulnerabilities is now available.
   It includes one version update.

Description:


   A stack-based buffer overflow in MySQL has been fixed that
   could have  caused a Denial of Service or potentially
   allowed the execution of  arbitrary code (CVE-2012-5611).

   Security Issue references:

   * CVE-2012-5615
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615
   >
   * CVE-2012-5615
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615
   >
   * CVE-2012-5613
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5613
   >
   * CVE-2012-5612
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5612
   >
   * CVE-2012-5611
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611
   >


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP2:

      zypper in -t patch sdksp2-libmysqlclient-devel-7251

   - SUSE Linux Enterprise Server 11 SP2 for VMware:

      zypper in -t patch slessp2-libmysqlclient-devel-7251

   - SUSE Linux Enterprise Server 11 SP2:

      zypper in -t patch slessp2-libmysqlclient-devel-7251

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-libmysqlclient-devel-7251

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x
x86_64) [New Version: 5.0.96]:

      libmysqlclient-devel-5.0.96-0.6.1

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64) [New
Version: 5.0.96]:

      libmysqlclient_r15-32bit-5.0.96-0.6.1

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (ia64) [New Version:
5.0.96]:

      libmysqlclient_r15-x86-5.0.96-0.6.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version:
5.0.96]:

      libmysqlclient15-5.0.96-0.6.1
      libmysqlclient_r15-5.0.96-0.6.1
      mysql-5.0.96-0.6.1
      mysql-Max-5.0.96-0.6.1
      mysql-client-5.0.96-0.6.1
      mysql-tools-5.0.96-0.6.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 5.0.96]:

      libmysqlclient15-32bit-5.0.96-0.6.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version:
5.0.96]:

      libmysqlclient15-5.0.96-0.6.1
      libmysqlclient_r15-5.0.96-0.6.1
      mysql-5.0.96-0.6.1
      mysql-Max-5.0.96-0.6.1
      mysql-client-5.0.96-0.6.1
      mysql-tools-5.0.96-0.6.1

   - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 5.0.96]:

      libmysqlclient15-32bit-5.0.96-0.6.1

   - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 5.0.96]:

      libmysqlclient15-x86-5.0.96-0.6.1

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 5.0.96]:

      libmysqlclient15-5.0.96-0.6.1
      libmysqlclient_r15-5.0.96-0.6.1
      mysql-5.0.96-0.6.1
      mysql-client-5.0.96-0.6.1

   - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 5.0.96]:

      libmysqlclient15-32bit-5.0.96-0.6.1
      libmysqlclient_r15-32bit-5.0.96-0.6.1


References:

   http://support.novell.com/security/cve/CVE-2012-5611.html
   http://support.novell.com/security/cve/CVE-2012-5612.html
   http://support.novell.com/security/cve/CVE-2012-5613.html
   http://support.novell.com/security/cve/CVE-2012-5615.html
   https://bugzilla.novell.com/792444
   http://download.novell.com/patch/finder/?keywords=2bcc2cee7b87c19c04bc8cce83ac72ab




Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //