This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============7146983060144841834== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="71EPWklddleOflD0Q6GTPg4JcHcjS2n2P"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --71EPWklddleOflD0Q6GTPg4JcHcjS2n2P Content-Type: multipart/mixed; boundary="re7a867pDwja7XqUxMPlLsPSSbgTTTBJ9" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <fd028ca0-7bbd-e141-3847-4fa013d0d7d5@canonical.com> Subject: [USN-3269-1] MySQL vulnerabilities
--re7a867pDwja7XqUxMPlLsPSSbgTTTBJ9 Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3269-1 April 27, 2017
mysql-5.5, mysql-5.7 vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04 - Ubuntu 16.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in MySQL.
Software Description: - mysql-5.7: MySQL database - mysql-5.5: MySQL database
Details:
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.
MySQL has been updated to 5.5.55 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04 have been updated to MySQL 5.7.18.
In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-55.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-18.html http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: mysql-server-5.7 5.7.18-0ubuntu0.17.04.1
Ubuntu 16.10: mysql-server-5.7 5.7.18-0ubuntu0.16.10.1
Ubuntu 16.04 LTS: mysql-server-5.7 5.7.18-0ubuntu0.16.04.1
Ubuntu 14.04 LTS: mysql-server-5.5 5.5.55-0ubuntu0.14.04.1
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3269-1 CVE-2017-3302, CVE-2017-3305, CVE-2017-3308, CVE-2017-3309, CVE-2017-3329, CVE-2017-3331, CVE-2017-3450, CVE-2017-3453, CVE-2017-3454, CVE-2017-3455, CVE-2017-3456, CVE-2017-3457, CVE-2017-3458, CVE-2017-3459, CVE-2017-3460, CVE-2017-3461, CVE-2017-3462, CVE-2017-3463, CVE-2017-3464, CVE-2017-3465, CVE-2017-3467, CVE-2017-3468, CVE-2017-3599, CVE-2017-3600
Package Information: https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.18-0ubuntu0.17.04.1 https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.18-0ubuntu0.16.10.1 https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.18-0ubuntu0.16.04.1 https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.55-0ubuntu0.14.04.1
--re7a867pDwja7XqUxMPlLsPSSbgTTTBJ9--
--71EPWklddleOflD0Q6GTPg4JcHcjS2n2P Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJZAf8MAAoJEGVp2FWnRL6TDPUQALPCaONSTE5CEA3+gIcLFSd4 HJ1cKhA59OuXJ9NNUHP5yObXK8dm6GLIo1OEnz43baEiXWLvF9C154zR+7Bai9ci IxG4XjBRl6nXxI9DF7LR/4ScOohmETxTqsyTasu3IqGTLj0ei9uru21U/6M8BbMZ C/M7dIrrAktI7cKmsNXKyuIakSyp+5MgEO4a7vLbTOK0PUidGRlHKZzcFT26Somd JXyu4003w2S+7RiPn1xFtkedmAAh49pYXJHXSS9oQSaKaPUwyKlaAVRBEkqgsw9I cj39Fh15yEwQZsCKRKVFmxwcv4cbwBGuIH/9QW+sqTSioLPZ+4W0a6aAJlkbzfvj /PbEckFbQMp/542qN8uktqr+AiQt34wDv1X88TtJ5WZ1xjwpeA8LK7+y+tPhvRFI vbZDZIMxNyk4cHwL/dQiGyXrNci3WxfSMNrD3lnnseRm4S9FERrz1mg2E6x7iZYO fupAXXY1LDfYj/uTaE5ePRPFrgws+9Dl41ZEpouIWq4Zt40kXKbrQxkFv3aekPcH kODEA3gZeXIKDALVWXJVjvu6Fzqg7PmO8+DQo536jy5e0XQxt087exMDCRd0p23O W+YzLLC9In8cRCWEu7JJSbc/7Is9KNWUWd3uvPRdOKGU9knERrvJJjxRoG5sGNeO aRL3p2/fu0eye20B/6Kw =0/Ks -----END PGP SIGNATURE-----
--71EPWklddleOflD0Q6GTPg4JcHcjS2n2P--
--===============7146983060144841834== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7146983060144841834==--
|