Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in mysql-community-server
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in mysql-community-server
ID: openSUSE-SU-2016:2769-1
Distribution: SUSE
Plattformen: openSUSE 13.2, openSUSE Leap 42.1
Datum: Do, 10. November 2016, 22:53
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8284
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5627
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5617
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5584
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5612
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3486
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3614
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5616
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5440
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5630
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7440
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5439
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5609
Applikationen: MySQL

Originalnachricht

   openSUSE Security Update: Security update for mysql-community-server
______________________________________________________________________________

Announcement ID: openSUSE-SU-2016:2769-1
Rating: important
References: #1005555 #1005557 #1005558 #1005560 #1005561
#1005562 #1005563 #1005566 #1005567 #1005569
#1005570 #1005581 #1005582 #1005583 #1005586
#971456 #977614 #983938 #986251 #989911 #989913
#989914 #989915 #989919 #989921 #989922 #989925
#989926 #990890 #998309 #999666
Cross-References: CVE-2016-2105 CVE-2016-3459 CVE-2016-3477
CVE-2016-3486 CVE-2016-3492 CVE-2016-3501
CVE-2016-3521 CVE-2016-3614 CVE-2016-3615
CVE-2016-5439 CVE-2016-5440 CVE-2016-5507
CVE-2016-5584 CVE-2016-5609 CVE-2016-5612
CVE-2016-5616 CVE-2016-5617 CVE-2016-5626
CVE-2016-5627 CVE-2016-5629 CVE-2016-5630
CVE-2016-6304 CVE-2016-6662 CVE-2016-7440
CVE-2016-8283 CVE-2016-8284 CVE-2016-8288

Affected Products:
openSUSE Leap 42.1
openSUSE 13.2
______________________________________________________________________________

An update that solves 27 vulnerabilities and has four fixes
is now available.

Description:


mysql-community-server was updated to 5.6.34 to fix the following issues:

* Changes http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-34.html
http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html
http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-32.html
http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-31.html
* fixed CVEs: CVE-2016-6304, CVE-2016-6662, CVE-2016-7440, CVE-2016-5584,
CVE-2016-5617, CVE-2016-5616, CVE-2016-5626, CVE-2016-3492,
CVE-2016-5629, CVE-2016-5507, CVE-2016-8283, CVE-2016-5609,
CVE-2016-5612, CVE-2016-5627, CVE-2016-5630, CVE-2016-8284,
CVE-2016-8288, CVE-2016-3477, CVE-2016-2105, CVE-2016-3486,
CVE-2016-3501, CVE-2016-3521, CVE-2016-3615, CVE-2016-3614,
CVE-2016-3459, CVE-2016-5439, CVE-2016-5440
* fixes SUSE Bugs: [boo#999666], [boo#998309], [boo#1005581],
[boo#1005558], [boo#1005563], [boo#1005562], [boo#1005566],
[boo#1005555], [boo#1005569], [boo#1005557], [boo#1005582],
[boo#1005560], [boo#1005561], [boo#1005567], [boo#1005570],
[boo#1005583], [boo#1005586], [boo#989913], [boo#977614],
[boo#989914], [boo#989915], [boo#989919], [boo#989922], [boo#989921],
[boo#989911], [boo#989925], [boo#989926]
- append "--ignore-db-dir=lost+found" to the mysqld options in
"mysql-systemd-helper" script if "lost+found" directory is
found in
$datadir [boo#986251]
- remove syslog.target from *.service files [boo#983938]
- add systemd to deps to build on leap and friends
- replace '%{_libexecdir}/systemd/system' with %{_unitdir} macro
- remove useless mysql@default.service [boo#971456]
- replace all occurrences of the string "@sysconfdir@" with
"/etc" in
mysql-community-server-5.6.3-logrotate.patch as it wasn't expanded
properly [boo#990890]
- remove '%define _rundir' as 13.1 is out of support scope
- run 'usermod -g mysql mysql' only if mysql user is not in mysql
group.
Run 'usermod -s /bin/false/ mysql' only if mysql user doesn't
have
'/bin/false' shell set.
- re-enable mysql profiling


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE Leap 42.1:

zypper in -t patch openSUSE-2016-1283=1

- openSUSE 13.2:

zypper in -t patch openSUSE-2016-1283=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE Leap 42.1 (i586 x86_64):

libmysql56client18-5.6.34-19.2
libmysql56client18-debuginfo-5.6.34-19.2
libmysql56client_r18-5.6.34-19.2
mysql-community-server-5.6.34-19.2
mysql-community-server-bench-5.6.34-19.2
mysql-community-server-bench-debuginfo-5.6.34-19.2
mysql-community-server-client-5.6.34-19.2
mysql-community-server-client-debuginfo-5.6.34-19.2
mysql-community-server-debuginfo-5.6.34-19.2
mysql-community-server-debugsource-5.6.34-19.2
mysql-community-server-errormessages-5.6.34-19.2
mysql-community-server-test-5.6.34-19.2
mysql-community-server-test-debuginfo-5.6.34-19.2
mysql-community-server-tools-5.6.34-19.2
mysql-community-server-tools-debuginfo-5.6.34-19.2

- openSUSE Leap 42.1 (x86_64):

libmysql56client18-32bit-5.6.34-19.2
libmysql56client18-debuginfo-32bit-5.6.34-19.2
libmysql56client_r18-32bit-5.6.34-19.2

- openSUSE 13.2 (i586 x86_64):

libmysql56client18-5.6.34-2.23.1
libmysql56client18-debuginfo-5.6.34-2.23.1
libmysql56client_r18-5.6.34-2.23.1
mysql-community-server-5.6.34-2.23.1
mysql-community-server-bench-5.6.34-2.23.1
mysql-community-server-bench-debuginfo-5.6.34-2.23.1
mysql-community-server-client-5.6.34-2.23.1
mysql-community-server-client-debuginfo-5.6.34-2.23.1
mysql-community-server-debuginfo-5.6.34-2.23.1
mysql-community-server-debugsource-5.6.34-2.23.1
mysql-community-server-errormessages-5.6.34-2.23.1
mysql-community-server-test-5.6.34-2.23.1
mysql-community-server-test-debuginfo-5.6.34-2.23.1
mysql-community-server-tools-5.6.34-2.23.1
mysql-community-server-tools-debuginfo-5.6.34-2.23.1

- openSUSE 13.2 (x86_64):

libmysql56client18-32bit-5.6.34-2.23.1
libmysql56client18-debuginfo-32bit-5.6.34-2.23.1
libmysql56client_r18-32bit-5.6.34-2.23.1


References:

https://www.suse.com/security/cve/CVE-2016-2105.html
https://www.suse.com/security/cve/CVE-2016-3459.html
https://www.suse.com/security/cve/CVE-2016-3477.html
https://www.suse.com/security/cve/CVE-2016-3486.html
https://www.suse.com/security/cve/CVE-2016-3492.html
https://www.suse.com/security/cve/CVE-2016-3501.html
https://www.suse.com/security/cve/CVE-2016-3521.html
https://www.suse.com/security/cve/CVE-2016-3614.html
https://www.suse.com/security/cve/CVE-2016-3615.html
https://www.suse.com/security/cve/CVE-2016-5439.html
https://www.suse.com/security/cve/CVE-2016-5440.html
https://www.suse.com/security/cve/CVE-2016-5507.html
https://www.suse.com/security/cve/CVE-2016-5584.html
https://www.suse.com/security/cve/CVE-2016-5609.html
https://www.suse.com/security/cve/CVE-2016-5612.html
https://www.suse.com/security/cve/CVE-2016-5616.html
https://www.suse.com/security/cve/CVE-2016-5617.html
https://www.suse.com/security/cve/CVE-2016-5626.html
https://www.suse.com/security/cve/CVE-2016-5627.html
https://www.suse.com/security/cve/CVE-2016-5629.html
https://www.suse.com/security/cve/CVE-2016-5630.html
https://www.suse.com/security/cve/CVE-2016-6304.html
https://www.suse.com/security/cve/CVE-2016-6662.html
https://www.suse.com/security/cve/CVE-2016-7440.html
https://www.suse.com/security/cve/CVE-2016-8283.html
https://www.suse.com/security/cve/CVE-2016-8284.html
https://www.suse.com/security/cve/CVE-2016-8288.html
https://bugzilla.suse.com/1005555
https://bugzilla.suse.com/1005557
https://bugzilla.suse.com/1005558
https://bugzilla.suse.com/1005560
https://bugzilla.suse.com/1005561
https://bugzilla.suse.com/1005562
https://bugzilla.suse.com/1005563
https://bugzilla.suse.com/1005566
https://bugzilla.suse.com/1005567
https://bugzilla.suse.com/1005569
https://bugzilla.suse.com/1005570
https://bugzilla.suse.com/1005581
https://bugzilla.suse.com/1005582
https://bugzilla.suse.com/1005583
https://bugzilla.suse.com/1005586
https://bugzilla.suse.com/971456
https://bugzilla.suse.com/977614
https://bugzilla.suse.com/983938
https://bugzilla.suse.com/986251
https://bugzilla.suse.com/989911
https://bugzilla.suse.com/989913
https://bugzilla.suse.com/989914
https://bugzilla.suse.com/989915
https://bugzilla.suse.com/989919
https://bugzilla.suse.com/989921
https://bugzilla.suse.com/989922
https://bugzilla.suse.com/989925
https://bugzilla.suse.com/989926
https://bugzilla.suse.com/990890
https://bugzilla.suse.com/998309
https://bugzilla.suse.com/999666

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung