Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in MySQL
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in MySQL
ID: openSUSE-SU-2015:2243-1
Distribution: SUSE
Plattformen: openSUSE 13.1, openSUSE 13.2, openSUSE Leap 42.1
Datum: Do, 10. Dezember 2015, 12:44
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4913
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4904
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4816
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4861
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4766
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4819
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4866
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4730
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4833
Applikationen: MySQL

Originalnachricht

 
   openSUSE Security Update: Security update to MySQL 5.6.27
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2015:2243-1
Rating:             important
References:         #924663 #928962 #951391 
Cross-References:   CVE-2015-0286 CVE-2015-0288 CVE-2015-1789
                    CVE-2015-1793 CVE-2015-3152 CVE-2015-4730
                    CVE-2015-4766 CVE-2015-4792 CVE-2015-4800
                    CVE-2015-4802 CVE-2015-4815 CVE-2015-4816
                    CVE-2015-4819 CVE-2015-4826 CVE-2015-4830
                    CVE-2015-4833 CVE-2015-4836 CVE-2015-4858
                    CVE-2015-4861 CVE-2015-4862 CVE-2015-4864
                    CVE-2015-4866 CVE-2015-4870 CVE-2015-4879
                    CVE-2015-4890 CVE-2015-4895 CVE-2015-4904
                    CVE-2015-4905 CVE-2015-4910 CVE-2015-4913
                   
Affected Products:
                    openSUSE Leap 42.1
                    openSUSE 13.2
                    openSUSE 13.1
______________________________________________________________________________

   An update that fixes 30 vulnerabilities is now available.

Description:

   MySQL was updated to 5.6.27 to fix security issues and bugs.

   The following vulnerabilities were fixed as part of the upstream release
   [boo#951391]: CVE-2015-1793, CVE-2015-0286, CVE-2015-0288, CVE-2015-1789,
   CVE-2015-4730, CVE-2015-4766, CVE-2015-4792, CVE-2015-4800, CVE-2015-4802,
   CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830,
   CVE-2015-4833, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4862,
   CVE-2015-4864, CVE-2015-4866, CVE-2015-4870, CVE-2015-4879, CVE-2015-4890,
   CVE-2015-4895, CVE-2015-4904, CVE-2015-4905, CVE-2015-4910, CVE-2015-4913

   Details on these and other changes can be found at:
   http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-27.html

   The following security relevant changes are included additionally:

   * CVE-2015-3152: MySQL lacked SSL enforcement. Using
     --ssl-verify-server-cert and --ssl[-*] implies that the ssl connection
     is required. The mysql client will now print an error if ssl is
     required, but the server can not handle a ssl connection [boo#924663],
     [boo#928962]


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.1:

      zypper in -t patch openSUSE-2015-889=1

   - openSUSE 13.2:

      zypper in -t patch openSUSE-2015-889=1

   - openSUSE 13.1:

      zypper in -t patch openSUSE-2015-889=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE Leap 42.1 (i586 x86_64):

      libmysql56client18-5.6.27-8.1
      libmysql56client18-debuginfo-5.6.27-8.1
      libmysql56client_r18-5.6.27-8.1
      mysql-community-server-5.6.27-8.1
      mysql-community-server-bench-5.6.27-8.1
      mysql-community-server-bench-debuginfo-5.6.27-8.1
      mysql-community-server-client-5.6.27-8.1
      mysql-community-server-client-debuginfo-5.6.27-8.1
      mysql-community-server-debuginfo-5.6.27-8.1
      mysql-community-server-debugsource-5.6.27-8.1
      mysql-community-server-errormessages-5.6.27-8.1
      mysql-community-server-test-5.6.27-8.1
      mysql-community-server-test-debuginfo-5.6.27-8.1
      mysql-community-server-tools-5.6.27-8.1
      mysql-community-server-tools-debuginfo-5.6.27-8.1

   - openSUSE Leap 42.1 (x86_64):

      libmysql56client18-32bit-5.6.27-8.1
      libmysql56client18-debuginfo-32bit-5.6.27-8.1
      libmysql56client_r18-32bit-5.6.27-8.1

   - openSUSE 13.2 (i586 x86_64):

      libmysql56client18-5.6.27-2.12.1
      libmysql56client18-debuginfo-5.6.27-2.12.1
      libmysql56client_r18-5.6.27-2.12.1
      mysql-community-server-5.6.27-2.12.1
      mysql-community-server-bench-5.6.27-2.12.1
      mysql-community-server-bench-debuginfo-5.6.27-2.12.1
      mysql-community-server-client-5.6.27-2.12.1
      mysql-community-server-client-debuginfo-5.6.27-2.12.1
      mysql-community-server-debuginfo-5.6.27-2.12.1
      mysql-community-server-debugsource-5.6.27-2.12.1
      mysql-community-server-errormessages-5.6.27-2.12.1
      mysql-community-server-test-5.6.27-2.12.1
      mysql-community-server-test-debuginfo-5.6.27-2.12.1
      mysql-community-server-tools-5.6.27-2.12.1
      mysql-community-server-tools-debuginfo-5.6.27-2.12.1

   - openSUSE 13.2 (x86_64):

      libmysql56client18-32bit-5.6.27-2.12.1
      libmysql56client18-debuginfo-32bit-5.6.27-2.12.1
      libmysql56client_r18-32bit-5.6.27-2.12.1

   - openSUSE 13.1 (i586 x86_64):

      libmysql56client18-5.6.27-7.13.1
      libmysql56client18-debuginfo-5.6.27-7.13.1
      libmysql56client_r18-5.6.27-7.13.1
      mysql-community-server-5.6.27-7.13.1
      mysql-community-server-bench-5.6.27-7.13.1
      mysql-community-server-bench-debuginfo-5.6.27-7.13.1
      mysql-community-server-client-5.6.27-7.13.1
      mysql-community-server-client-debuginfo-5.6.27-7.13.1
      mysql-community-server-debuginfo-5.6.27-7.13.1
      mysql-community-server-debugsource-5.6.27-7.13.1
      mysql-community-server-errormessages-5.6.27-7.13.1
      mysql-community-server-test-5.6.27-7.13.1
      mysql-community-server-test-debuginfo-5.6.27-7.13.1
      mysql-community-server-tools-5.6.27-7.13.1
      mysql-community-server-tools-debuginfo-5.6.27-7.13.1

   - openSUSE 13.1 (x86_64):

      libmysql56client18-32bit-5.6.27-7.13.1
      libmysql56client18-debuginfo-32bit-5.6.27-7.13.1
      libmysql56client_r18-32bit-5.6.27-7.13.1


References:

   https://www.suse.com/security/cve/CVE-2015-0286.html
   https://www.suse.com/security/cve/CVE-2015-0288.html
   https://www.suse.com/security/cve/CVE-2015-1789.html
   https://www.suse.com/security/cve/CVE-2015-1793.html
   https://www.suse.com/security/cve/CVE-2015-3152.html
   https://www.suse.com/security/cve/CVE-2015-4730.html
   https://www.suse.com/security/cve/CVE-2015-4766.html
   https://www.suse.com/security/cve/CVE-2015-4792.html
   https://www.suse.com/security/cve/CVE-2015-4800.html
   https://www.suse.com/security/cve/CVE-2015-4802.html
   https://www.suse.com/security/cve/CVE-2015-4815.html
   https://www.suse.com/security/cve/CVE-2015-4816.html
   https://www.suse.com/security/cve/CVE-2015-4819.html
   https://www.suse.com/security/cve/CVE-2015-4826.html
   https://www.suse.com/security/cve/CVE-2015-4830.html
   https://www.suse.com/security/cve/CVE-2015-4833.html
   https://www.suse.com/security/cve/CVE-2015-4836.html
   https://www.suse.com/security/cve/CVE-2015-4858.html
   https://www.suse.com/security/cve/CVE-2015-4861.html
   https://www.suse.com/security/cve/CVE-2015-4862.html
   https://www.suse.com/security/cve/CVE-2015-4864.html
   https://www.suse.com/security/cve/CVE-2015-4866.html
   https://www.suse.com/security/cve/CVE-2015-4870.html
   https://www.suse.com/security/cve/CVE-2015-4879.html
   https://www.suse.com/security/cve/CVE-2015-4890.html
   https://www.suse.com/security/cve/CVE-2015-4895.html
   https://www.suse.com/security/cve/CVE-2015-4904.html
   https://www.suse.com/security/cve/CVE-2015-4905.html
   https://www.suse.com/security/cve/CVE-2015-4910.html
   https://www.suse.com/security/cve/CVE-2015-4913.html
   https://bugzilla.suse.com/924663
   https://bugzilla.suse.com/928962
   https://bugzilla.suse.com/951391

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung