This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============6903967167608663496== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="MpbssHTcEoX5iIllBA701lB6wrFKFonCT"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --MpbssHTcEoX5iIllBA701lB6wrFKFonCT Content-Type: multipart/mixed; boundary="Ubn9r8HRFme3jrXd8oeUrMniglMNXgKAp" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <df599ee9-13d1-9eff-67c2-577dc0ff2a9d@canonical.com> Subject: [USN-3040-1] MySQL vulnerabilities
--Ubn9r8HRFme3jrXd8oeUrMniglMNXgKAp Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3040-1 July 21, 2016
mysql-5.5, mysql-5.6, mysql-5.7 vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS - Ubuntu 15.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in MySQL.
Software Description: - mysql-5.7: MySQL database - mysql-5.6: MySQL database - mysql-5.5: MySQL database
Details:
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.
MySQL has been updated to 5.5.50 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.10 has been updated to MySQL 5.6.31. Ubuntu 16.04 LTS has been updated to MySQL 5.7.13.
In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-50.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-31.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-13.html http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: mysql-server-5.7 5.7.13-0ubuntu0.16.04.2
Ubuntu 15.10: mysql-server-5.6 5.6.31-0ubuntu0.15.10.1
Ubuntu 14.04 LTS: mysql-server-5.5 5.5.50-0ubuntu0.14.04.1
Ubuntu 12.04 LTS: mysql-server-5.5 5.5.50-0ubuntu0.12.04.1
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3040-1 CVE-2016-3424, CVE-2016-3459, CVE-2016-3477, CVE-2016-3486, CVE-2016-3501, CVE-2016-3518, CVE-2016-3521, CVE-2016-3588, CVE-2016-3614, CVE-2016-3615, CVE-2016-5436, CVE-2016-5437, CVE-2016-5439, CVE-2016-5440, CVE-2016-5441, CVE-2016-5442, CVE-2016-5443
Package Information: https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.13-0ubuntu0.16.04.2 https://launchpad.net/ubuntu/+source/mysql-5.6/5.6.31-0ubuntu0.15.10.1 https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.50-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.50-0ubuntu0.12.04.1
--Ubn9r8HRFme3jrXd8oeUrMniglMNXgKAp--
--MpbssHTcEoX5iIllBA701lB6wrFKFonCT Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJXkQqrAAoJEGVp2FWnRL6TmyIP/01y7/7AYNkWQmyfe378ID9X U27n7pAJ+3Eu7UKXpTwHvNmgcEjEfKnqX+tBqW8fxflbETJ2Z4NT7HnNC/6r2FH8 t7ZTzV0fkTdnc6U2FyOlG1jJOOamsewc7+xnZyU9JdVMSBILkF1BQ5TOLib20/DJ QwLNQADUBTjJLe2Ji4lvqbXABZ3gUyWEpA8V2kDGEToCyQTw+CibovBp2mwoOQm8 M4v7MxpjMbLWR7ePrhkdU5RM7MkuuKe4344tpEXZP8VmdGJhBfsjOtPYTx31NICw L1XdvkOGb7gVFwuC7shTaYg3ZzSE3gymS+0SZ2IiYpJAQSZ2mXOTjowGIBwJ+c+q zPuLE9Gl4XKx6fKm2coufl1sH05Qfo6JmxuY4mfK10eXXT9c4a5+KgDQgMjJoUxP BwMHxij/Pd4Dmx7JfvAQZK34FX7ZqRdnXBEiUD7ko8MWby2I0kKiaufd+NLR1PCD 6BQzJXB9iyzD4MoVRk+2AcaNSS8iQ4iYG9j1VE0obkxcsjQ4J2O2g/DGWM9tadA8 E4PoFvuWgBbbaDwdKiEJHD2f3hF1kXJOgC/6/ZfhKScEZUVvx725L/G4+ImCIo7H mfMlGDchx2Xq0Ayh1TTxz9HKI63xyiFHo4/4EQJ/F2vVAE7rqeh5BDdyIWO10cE4 /z2fMYRPKp+7ofNGr9d1 =7mtH -----END PGP SIGNATURE-----
--MpbssHTcEoX5iIllBA701lB6wrFKFonCT--
--===============6903967167608663496== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============6903967167608663496==--
|