This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============9016124930658641880== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="n6gDkVeX9s8u32ZnynB3glEBRfAUicUzO"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --n6gDkVeX9s8u32ZnynB3glEBRfAUicUzO Content-Type: multipart/mixed; boundary="tyF2kRvdmcbyAG8lYrZWZdGx9P2WSc9wx"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <82e926a9-49c5-c15c-e795-5f8a81d813dd@canonical.com> Subject: [USN-3629-3] MySQL vulnerabilities
--tyF2kRvdmcbyAG8lYrZWZdGx9P2WSc9wx Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3629-3 April 30, 2018
mysql-5.7 vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in MySQL.
Software Description: - mysql-5.7: MySQL database
Details:
USN-3629-1 fixed vulnerabilities in MySQL. This update provides the corresponding updates for Ubuntu 18.04 LTS.
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.60 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, and Ubuntu 17.10 have been updated to MySQL 5.7.22. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-60.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-22.html http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS: mysql-server-5.7 5.7.22-0ubuntu18.04.1
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3629-3 https://usn.ubuntu.com/usn/usn-3629-1 CVE-2018-2755, CVE-2018-2758, CVE-2018-2759, CVE-2018-2761, CVE-2018-2762, CVE-2018-2766, CVE-2018-2769, CVE-2018-2771, CVE-2018-2773, CVE-2018-2775, CVE-2018-2776, CVE-2018-2777, CVE-2018-2778, CVE-2018-2779, CVE-2018-2780, CVE-2018-2781, CVE-2018-2782, CVE-2018-2784, CVE-2018-2786, CVE-2018-2787, CVE-2018-2810, CVE-2018-2812, CVE-2018-2813, CVE-2018-2816, CVE-2018-2817, CVE-2018-2818, CVE-2018-2819, CVE-2018-2839, CVE-2018-2846
Package Information: https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.22-0ubuntu18.04.1
--tyF2kRvdmcbyAG8lYrZWZdGx9P2WSc9wx--
--n6gDkVeX9s8u32ZnynB3glEBRfAUicUzO Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJa50uBAAoJEGVp2FWnRL6TZloQAJNVywQgoAea22OFiIFiPhme 3GdYqq8dHmOpoVpiv010yDxcOLyEAzuvn5MPeu2bUbDhgcSS5XYrnQfSJeX8J+QJ WnIirJu9KvBr2KtTsfE4Ag+P6djffFGlZDeb0nPpumQw2s6u5JGlMgQg04uHKilD gBemSpJWdnf2uo+b7aC1AcgQu4VAD0X4imo0xh/+Ls0j2lj+oHpSd4YK8lJ/5Tm/ LGCleXYAmrSYJl/ggjwcKNQRwExTLEOxwua6FNN2fm+sHPOZ8AKaWP/jfwM8t5T+ 335D7fKZpenEjRnMLDcfBlwCWoUtDpyQiAM0SMYq++uYl1khAdNYhPFiMsXddTOs TKSk3bIIPyOTy39DQoRONWQEHBWDRgcHqY9b6dmU0jg3FGoF1/OU1/qrUzf6fmpf T0EYYNDc2NJ2EzUoZ79sMracSZbuIo+DVbEqRU7cpKU0rRDAJERh9a6qKfzp7nBu Qk2l++T5bHSo5MYxOM98Kys62SfkBmzvktot5B4BpJJ86d0uJirHMB5X92xUpbwz Kp5k2B4zpRM0R5gbPehCTy79vaTwi/QS0LgscxTRbZ180QX8crOSlLr7bd0FwrzN BLPFaQN3lkIzvexqBikdexTCEU8+gFGmk5mYveTYlSBivMaliu5H/4iwHULUpucK 0fUTFPjS7iK07woQXHTX =P1FP -----END PGP SIGNATURE-----
--n6gDkVeX9s8u32ZnynB3glEBRfAUicUzO--
--===============9016124930658641880== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============9016124930658641880==--
|