drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in MySQL
Name: |
Mehrere Probleme in MySQL |
|
ID: |
201802-04 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Di, 20. Februar 2018, 07:06 |
|
Referenzen: |
https://nvd.nist.gov/vuln/detail/CVE-2018-2622
https://nvd.nist.gov/vuln/detail/CVE-2017-3652
https://nvd.nist.gov/vuln/detail/CVE-2017-3633
https://nvd.nist.gov/vuln/detail/CVE-2017-10294
https://nvd.nist.gov/vuln/detail/CVE-2017-3651
https://nvd.nist.gov/vuln/detail/CVE-2018-2696
https://nvd.nist.gov/vuln/detail/CVE-2018-2640
https://nvd.nist.gov/vuln/detail/CVE-2018-2583
https://nvd.nist.gov/vuln/detail/CVE-2017-3462
https://nvd.nist.gov/vuln/detail/CVE-2017-3453
https://nvd.nist.gov/vuln/detail/CVE-2018-2703
https://nvd.nist.gov/vuln/detail/CVE-2017-3732
https://nvd.nist.gov/vuln/detail/CVE-2017-3648
https://nvd.nist.gov/vuln/detail/CVE-2017-3463
https://nvd.nist.gov/vuln/detail/CVE-2017-10314
https://nvd.nist.gov/vuln/detail/CVE-2017-3329
https://nvd.nist.gov/vuln/detail/CVE-2018-2668
https://nvd.nist.gov/vuln/detail/CVE-2017-10384
https://nvd.nist.gov/vuln/detail/CVE-2017-10379
https://nvd.nist.gov/vuln/detail/CVE-2017-3309
https://nvd.nist.gov/vuln/detail/CVE-2018-2590
https://nvd.nist.gov/vuln/detail/CVE-2017-3461
https://nvd.nist.gov/vuln/detail/CVE-2017-3456
https://nvd.nist.gov/vuln/detail/CVE-2017-10286
https://nvd.nist.gov/vuln/detail/CVE-2018-2647
https://nvd.nist.gov/vuln/detail/CVE-2017-3637
https://nvd.nist.gov/vuln/detail/CVE-2018-2645
https://nvd.nist.gov/vuln/detail/CVE-2018-2562
https://nvd.nist.gov/vuln/detail/CVE-2017-10227
https://nvd.nist.gov/vuln/detail/CVE-2017-3464
https://nvd.nist.gov/vuln/detail/CVE-2017-10155
https://nvd.nist.gov/vuln/detail/CVE-2018-2573
https://nvd.nist.gov/vuln/detail/CVE-2017-3452
https://nvd.nist.gov/vuln/detail/CVE-2018-2612
https://nvd.nist.gov/vuln/detail/CVE-2017-3599
https://nvd.nist.gov/vuln/detail/CVE-2017-3636
https://nvd.nist.gov/vuln/detail/CVE-2017-3635
https://nvd.nist.gov/vuln/detail/CVE-2017-3450
https://nvd.nist.gov/vuln/detail/CVE-2017-10276
https://nvd.nist.gov/vuln/detail/CVE-2017-3634
https://nvd.nist.gov/vuln/detail/CVE-2017-10378
https://nvd.nist.gov/vuln/detail/CVE-2018-2591
https://nvd.nist.gov/vuln/detail/CVE-2017-3600
https://nvd.nist.gov/vuln/detail/CVE-2017-3649
https://nvd.nist.gov/vuln/detail/CVE-2017-3641
https://nvd.nist.gov/vuln/detail/CVE-2017-3308
https://nvd.nist.gov/vuln/detail/CVE-2017-3653
https://nvd.nist.gov/vuln/detail/CVE-2017-3647
https://nvd.nist.gov/vuln/detail/CVE-2017-10283
https://nvd.nist.gov/vuln/detail/CVE-2017-10268
https://nvd.nist.gov/vuln/detail/CVE-2018-2665 |
|
Applikationen: |
MySQL |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --8jpikXc17oSV3wTevlU3Dow7t0QhsIrzg Content-Type: multipart/mixed; boundary="vmHQgVa28XavcAIE6DyXWydApqjWXneFa"; protected-headers="v1" From: Thomas Deutschmann <whissi@gentoo.org> Reply-To: security@gentoo.org To: gentoo-announce@lists.gentoo.org Message-ID: <7a594f10-5c06-e039-b386-d7383f6b5b1a@gentoo.org> Subject: [ GLSA 201802-04 ] MySQL: Multiple vulnerabilities
--vmHQgVa28XavcAIE6DyXWydApqjWXneFa Content-Type: text/plain; charset=utf-8 Content-Language: en-U Content-Transfer-Encoding: quoted-printable
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201802-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High Title: MySQL: Multiple vulnerabilities Date: February 20, 2018 Bugs: #616486, #625626, #634652, #644986 ID: 201802-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities were found in MySQL, the worst of which may allow remote execution of arbitrary code.
Background ==========
A fast, multi-threaded, multi-user SQL database server.
Affected packages =================
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/mysql < 5.6.39 >= 5.6.39
Description ===========
Multiple vulnerabilities have been discovered in MySQL. Please review the referenced CVE identifiers for details.
Impact ======
A remote attacker could execute arbitrary code without authentication or cause a partial denial of service condition.
Workaround ==========
There are no known workarounds at this time.
Resolution ==========
All MySQL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.6.39"
References ==========
[ 1 ] CVE-2017-10155 https://nvd.nist.gov/vuln/detail/CVE-2017-10155 [ 2 ] CVE-2017-10227 https://nvd.nist.gov/vuln/detail/CVE-2017-10227 [ 3 ] CVE-2017-10268 https://nvd.nist.gov/vuln/detail/CVE-2017-10268 [ 4 ] CVE-2017-10276 https://nvd.nist.gov/vuln/detail/CVE-2017-10276 [ 5 ] CVE-2017-10283 https://nvd.nist.gov/vuln/detail/CVE-2017-10283 [ 6 ] CVE-2017-10286 https://nvd.nist.gov/vuln/detail/CVE-2017-10286 [ 7 ] CVE-2017-10294 https://nvd.nist.gov/vuln/detail/CVE-2017-10294 [ 8 ] CVE-2017-10314 https://nvd.nist.gov/vuln/detail/CVE-2017-10314 [ 9 ] CVE-2017-10378 https://nvd.nist.gov/vuln/detail/CVE-2017-10378 [ 10 ] CVE-2017-10379 https://nvd.nist.gov/vuln/detail/CVE-2017-10379 [ 11 ] CVE-2017-10384 https://nvd.nist.gov/vuln/detail/CVE-2017-10384 [ 12 ] CVE-2017-3308 https://nvd.nist.gov/vuln/detail/CVE-2017-3308 [ 13 ] CVE-2017-3309 https://nvd.nist.gov/vuln/detail/CVE-2017-3309 [ 14 ] CVE-2017-3329 https://nvd.nist.gov/vuln/detail/CVE-2017-3329 [ 15 ] CVE-2017-3450 https://nvd.nist.gov/vuln/detail/CVE-2017-3450 [ 16 ] CVE-2017-3452 https://nvd.nist.gov/vuln/detail/CVE-2017-3452 [ 17 ] CVE-2017-3453 https://nvd.nist.gov/vuln/detail/CVE-2017-3453 [ 18 ] CVE-2017-3456 https://nvd.nist.gov/vuln/detail/CVE-2017-3456 [ 19 ] CVE-2017-3461 https://nvd.nist.gov/vuln/detail/CVE-2017-3461 [ 20 ] CVE-2017-3462 https://nvd.nist.gov/vuln/detail/CVE-2017-3462 [ 21 ] CVE-2017-3463 https://nvd.nist.gov/vuln/detail/CVE-2017-3463 [ 22 ] CVE-2017-3464 https://nvd.nist.gov/vuln/detail/CVE-2017-3464 [ 23 ] CVE-2017-3599 https://nvd.nist.gov/vuln/detail/CVE-2017-3599 [ 24 ] CVE-2017-3600 https://nvd.nist.gov/vuln/detail/CVE-2017-3600 [ 25 ] CVE-2017-3633 https://nvd.nist.gov/vuln/detail/CVE-2017-3633 [ 26 ] CVE-2017-3634 https://nvd.nist.gov/vuln/detail/CVE-2017-3634 [ 27 ] CVE-2017-3635 https://nvd.nist.gov/vuln/detail/CVE-2017-3635 [ 28 ] CVE-2017-3636 https://nvd.nist.gov/vuln/detail/CVE-2017-3636 [ 29 ] CVE-2017-3637 https://nvd.nist.gov/vuln/detail/CVE-2017-3637 [ 30 ] CVE-2017-3641 https://nvd.nist.gov/vuln/detail/CVE-2017-3641 [ 31 ] CVE-2017-3647 https://nvd.nist.gov/vuln/detail/CVE-2017-3647 [ 32 ] CVE-2017-3648 https://nvd.nist.gov/vuln/detail/CVE-2017-3648 [ 33 ] CVE-2017-3649 https://nvd.nist.gov/vuln/detail/CVE-2017-3649 [ 34 ] CVE-2017-3651 https://nvd.nist.gov/vuln/detail/CVE-2017-3651 [ 35 ] CVE-2017-3652 https://nvd.nist.gov/vuln/detail/CVE-2017-3652 [ 36 ] CVE-2017-3653 https://nvd.nist.gov/vuln/detail/CVE-2017-3653 [ 37 ] CVE-2017-3732 https://nvd.nist.gov/vuln/detail/CVE-2017-3732 [ 38 ] CVE-2018-2562 https://nvd.nist.gov/vuln/detail/CVE-2018-2562 [ 39 ] CVE-2018-2573 https://nvd.nist.gov/vuln/detail/CVE-2018-2573 [ 40 ] CVE-2018-2583 https://nvd.nist.gov/vuln/detail/CVE-2018-2583 [ 41 ] CVE-2018-2590 https://nvd.nist.gov/vuln/detail/CVE-2018-2590 [ 42 ] CVE-2018-2591 https://nvd.nist.gov/vuln/detail/CVE-2018-2591 [ 43 ] CVE-2018-2612 https://nvd.nist.gov/vuln/detail/CVE-2018-2612 [ 44 ] CVE-2018-2622 https://nvd.nist.gov/vuln/detail/CVE-2018-2622 [ 45 ] CVE-2018-2640 https://nvd.nist.gov/vuln/detail/CVE-2018-2640 [ 46 ] CVE-2018-2645 https://nvd.nist.gov/vuln/detail/CVE-2018-2645 [ 47 ] CVE-2018-2647 https://nvd.nist.gov/vuln/detail/CVE-2018-2647 [ 48 ] CVE-2018-2665 https://nvd.nist.gov/vuln/detail/CVE-2018-2665 [ 49 ] CVE-2018-2668 https://nvd.nist.gov/vuln/detail/CVE-2018-2668 [ 50 ] CVE-2018-2696 https://nvd.nist.gov/vuln/detail/CVE-2018-2696 [ 51 ] CVE-2018-2703 https://nvd.nist.gov/vuln/detail/CVE-2018-2703
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201802-04
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
--vmHQgVa28XavcAIE6DyXWydApqjWXneFa--
--8jpikXc17oSV3wTevlU3Dow7t0QhsIrzg Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQKTBAEBCgB9FiEEM8WEgsQCKS0uPFwGlwn5DDyW/8gFAlqLceFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDMz QzU4NDgyQzQwMjI5MkQyRTNDNUMwNjk3MDlGOTBDM0M5NkZGQzgACgkQlwn5DDyW /8iBsRAAs//qTDH0VbWyvhgd3LySgz55qqUK9hPTlfSfWE1S2Uj4EXRVaaSavyA8 rwEohQUHsJ5n8FoshJIEXsQtqS0XMM5DtuLRC3GnsdFKCJ2AlrMzgTWTst0TXcum dgPmNR4PpxqcilEGq3GerQRAbnPZqfv52yKfJHpEIKoXB+BwRvtfvpCQpmHMRJNp rWY7csYHoxTytkFtsmMZ8SbkF9alj0584yoaXSUzf2wazHjhJRc0luGxTg9FirAK yCP3DRMaQ+Aw+Y8pCfzWNWPgpX/XpzL3RQmF2K15wdvA0oHgfhTq5QNGyWYB/Rm+ BP/lElFKOmExY8euOCCG3mvP597S8LZ40Tr2CMtn/v1iJOOAuPrGcEF5AWzjYh0D /f6J0hoqo6ezEGk/Oe8uVkCROmfKZyuDD+jfVTZG9LxvcEVGu3bh9ln4v1V8Ncdc KYC7gcm27c0sQ+osHqZ1PVfTaVzzqYO13aa5AGljVdnllfviMINntW4DjPt/jra8 2rEyabyiigW/rNTuLlXM/hkvuAZI8Qxw+/mAluP0hHcqU9s1DBBv3tC2h7N+PeRc ryGl8cXPbdYrUkmfiIqRjDWiBm/WKZ56BcHzcXMQ9+p70/6H21rY8yd9qK1+tN1/ myCBTxbFuTjGK8JG1jsANUDuKPQewttNKWXt4Bs2IlzRbhHusmM= =kR7k -----END PGP SIGNATURE-----
--8jpikXc17oSV3wTevlU3Dow7t0QhsIrzg--
|
|
|
|