SUSE Security Update: Security update for MySQL
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:0769-1
Rating:             important
References:         #858823 #861493 #873896 
Cross-References:   CVE-2013-4316 CVE-2013-5860 CVE-2013-5881
                    CVE-2013-5882 CVE-2013-5891 CVE-2013-5894
                    CVE-2013-5908 CVE-2014-0001 CVE-2014-0384
                    CVE-2014-0386 CVE-2014-0393 CVE-2014-0401
                    CVE-2014-0402 CVE-2014-0412 CVE-2014-0420
                    CVE-2014-0427 CVE-2014-0430 CVE-2014-0431
                    CVE-2014-0433 CVE-2014-0437 CVE-2014-2419
                    CVE-2014-2430 CVE-2014-2431 CVE-2014-2432
                    CVE-2014-2434 CVE-2014-2435 CVE-2014-2436
                    CVE-2014-2438 CVE-2014-2440 CVE-2014-2442
                    CVE-2014-2444 CVE-2014-2450 CVE-2014-2451
                   
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP3
                    SUSE Linux Enterprise Server 11 SP3 for VMware
                    SUSE Linux Enterprise Server 11 SP3
                    SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

   An update that fixes 33 vulnerabilities is now available.
   It includes one version update.

Description:


   MySQL was updated to version 5.5.37 to address various security issues.

   More information is available at
   http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#A
   ppendixMSQL
   <http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#
   AppendixMSQL> and
   http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#A
   ppendixMSQL
   <http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#
   AppendixMSQL> .

   Security Issues references:

       * CVE-2014-2444
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2444>
       * CVE-2014-2436
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2436>
       * CVE-2014-2440
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2440>
       * CVE-2014-2434
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2434>
       * CVE-2014-2435
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2435>
       * CVE-2014-2442
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2442>
       * CVE-2014-2450
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2450>
       * CVE-2014-2419
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2419>
       * CVE-2014-0384
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0384>
       * CVE-2014-2430
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2430>
       * CVE-2014-2451
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2451>
       * CVE-2014-2438
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2438>
       * CVE-2014-2432
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2432>
       * CVE-2014-2431
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2431>
       * CVE-2013-4316
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4316>
       * CVE-2013-5860
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5860>
       * CVE-2013-5882
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5882>
       * CVE-2014-0433
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0433>
       * CVE-2013-5894
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5894>
       * CVE-2013-5881
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5881>
       * CVE-2014-0412
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0412>
       * CVE-2014-0402
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0402>
       * CVE-2014-0386
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0386>
       * CVE-2013-5891
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5891>
       * CVE-2014-0401
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0401>
       * CVE-2014-0427
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0427>
       * CVE-2014-0431
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0431>
       * CVE-2014-0437
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0437>
       * CVE-2014-0393
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0393>
       * CVE-2014-0430
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0430>
       * CVE-2014-0420
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0420>
       * CVE-2013-5908
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5908>
       * CVE-2014-0001
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001>


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP3:

      zypper in -t patch sdksp3-libmysql55client18-9303

   - SUSE Linux Enterprise Server 11 SP3 for VMware:

      zypper in -t patch slessp3-libmysql55client18-9303

   - SUSE Linux Enterprise Server 11 SP3:

      zypper in -t patch slessp3-libmysql55client18-9303

   - SUSE Linux Enterprise Desktop 11 SP3:

      zypper in -t patch sledsp3-libmysql55client18-9303

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x
 x86_64):

      libmysql55client_r18-32bit-5.5.37-0.7.1
      libmysqlclient_r15-32bit-5.0.96-0.6.11

   - SUSE Linux Enterprise Software Development Kit 11 SP3 (ia64):

      libmysql55client_r18-x86-5.5.37-0.7.1
      libmysqlclient_r15-x86-5.0.96-0.6.11

   - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version:
 5.5.37]:

      libmysql55client18-5.5.37-0.7.1
      libmysql55client_r18-5.5.37-0.7.1
      libmysqlclient15-5.0.96-0.6.11
      libmysqlclient_r15-5.0.96-0.6.11
      mysql-5.5.37-0.7.1
      mysql-client-5.5.37-0.7.1
      mysql-tools-5.5.37-0.7.1

   - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version:
 5.5.37]:

      libmysql55client18-32bit-5.5.37-0.7.1
      libmysqlclient15-32bit-5.0.96-0.6.11

   - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New
 Version: 5.5.37]:

      libmysql55client18-5.5.37-0.7.1
      libmysql55client_r18-5.5.37-0.7.1
      libmysqlclient15-5.0.96-0.6.11
      libmysqlclient_r15-5.0.96-0.6.11
      mysql-5.5.37-0.7.1
      mysql-client-5.5.37-0.7.1
      mysql-tools-5.5.37-0.7.1

   - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64) [New Version:
 5.5.37]:

      libmysql55client18-32bit-5.5.37-0.7.1
      libmysqlclient15-32bit-5.0.96-0.6.11

   - SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 5.5.37]:

      libmysql55client18-x86-5.5.37-0.7.1
      libmysqlclient15-x86-5.0.96-0.6.11

   - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 5.5.37]:

      libmysql55client18-5.5.37-0.7.1
      libmysql55client_r18-5.5.37-0.7.1
      libmysqlclient15-5.0.96-0.6.11
      libmysqlclient_r15-5.0.96-0.6.11
      mysql-5.5.37-0.7.1
      mysql-client-5.5.37-0.7.1

   - SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 5.5.37]:

      libmysql55client18-32bit-5.5.37-0.7.1
      libmysql55client_r18-32bit-5.5.37-0.7.1
      libmysqlclient15-32bit-5.0.96-0.6.11
      libmysqlclient_r15-32bit-5.0.96-0.6.11


References:

   http://support.novell.com/security/cve/CVE-2013-4316.html
   http://support.novell.com/security/cve/CVE-2013-5860.html
   http://support.novell.com/security/cve/CVE-2013-5881.html
   http://support.novell.com/security/cve/CVE-2013-5882.html
   http://support.novell.com/security/cve/CVE-2013-5891.html
   http://support.novell.com/security/cve/CVE-2013-5894.html
   http://support.novell.com/security/cve/CVE-2013-5908.html
   http://support.novell.com/security/cve/CVE-2014-0001.html
   http://support.novell.com/security/cve/CVE-2014-0384.html
   http://support.novell.com/security/cve/CVE-2014-0386.html
   http://support.novell.com/security/cve/CVE-2014-0393.html
   http://support.novell.com/security/cve/CVE-2014-0401.html
   http://support.novell.com/security/cve/CVE-2014-0402.html
   http://support.novell.com/security/cve/CVE-2014-0412.html
   http://support.novell.com/security/cve/CVE-2014-0420.html
   http://support.novell.com/security/cve/CVE-2014-0427.html
   http://support.novell.com/security/cve/CVE-2014-0430.html
   http://support.novell.com/security/cve/CVE-2014-0431.html
   http://support.novell.com/security/cve/CVE-2014-0433.html
   http://support.novell.com/security/cve/CVE-2014-0437.html
   http://support.novell.com/security/cve/CVE-2014-2419.html
   http://support.novell.com/security/cve/CVE-2014-2430.html
   http://support.novell.com/security/cve/CVE-2014-2431.html
   http://support.novell.com/security/cve/CVE-2014-2432.html
   http://support.novell.com/security/cve/CVE-2014-2434.html
   http://support.novell.com/security/cve/CVE-2014-2435.html
   http://support.novell.com/security/cve/CVE-2014-2436.html
   http://support.novell.com/security/cve/CVE-2014-2438.html
   http://support.novell.com/security/cve/CVE-2014-2440.html
   http://support.novell.com/security/cve/CVE-2014-2442.html
   http://support.novell.com/security/cve/CVE-2014-2444.html
   http://support.novell.com/security/cve/CVE-2014-2450.html
   http://support.novell.com/security/cve/CVE-2014-2451.html
   https://bugzilla.novell.com/858823
   https://bugzilla.novell.com/861493
   https://bugzilla.novell.com/873896
   ?keywords=ab4ffe747d344a455ea19aa1b92c9b75

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org