This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --BpqkJR3X6jUN5MsrNu0Xf7QH67bPV4kFN Content-Type: text/plain; charset=UTF- Content-Transfer-Encoding: quoted-printable
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory [ERRATA UPDATE] GLSA 201308-06:02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High Title: MySQL: Multiple vulnerabilities Date: August 29, 2013 Updated: August 30, 2013 Bugs: #399375, #411503, #412889, #417989, #445602, #462498, #466236, #477474 ID: 201308-06:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Errata ======
The references section of the original advisory contained wrong CVE references.
CVE-2012-1492, CVE-2012-1623 should be interpreted as CVE-2013-1492 and CVE-2013-1623 accordingly.
The corrected sections appear below.
References ==========
[ 1 ] CVE-2011-2262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2262 [ 2 ] CVE-2012-0075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0075 [ 3 ] CVE-2012-0087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0087 [ 4 ] CVE-2012-0101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0101 [ 5 ] CVE-2012-0102 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0102 [ 6 ] CVE-2012-0112 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0112 [ 7 ] CVE-2012-0113 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0113 [ 8 ] CVE-2012-0114 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0114 [ 9 ] CVE-2012-0115 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0115 [ 10 ] CVE-2012-0116 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0116 [ 11 ] CVE-2012-0117 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0117 [ 12 ] CVE-2012-0118 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0118 [ 13 ] CVE-2012-0119 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0119 [ 14 ] CVE-2012-0120 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0120 [ 15 ] CVE-2012-0484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0484 [ 16 ] CVE-2012-0485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0485 [ 17 ] CVE-2012-0486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0486 [ 18 ] CVE-2012-0487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0487 [ 19 ] CVE-2012-0488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0488 [ 20 ] CVE-2012-0489 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0489 [ 21 ] CVE-2012-0490 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0490 [ 22 ] CVE-2012-0491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0491 [ 23 ] CVE-2012-0492 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0492 [ 24 ] CVE-2012-0493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0493 [ 25 ] CVE-2012-0494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0494 [ 26 ] CVE-2012-0495 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0495 [ 27 ] CVE-2012-0496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0496 [ 28 ] CVE-2012-0540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0540 [ 29 ] CVE-2012-0553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0553 [ 30 ] CVE-2012-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0572 [ 31 ] CVE-2012-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0574 [ 32 ] CVE-2012-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0578 [ 33 ] CVE-2012-0583 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0583 [ 34 ] CVE-2012-1688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1688 [ 35 ] CVE-2012-1689 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1689 [ 36 ] CVE-2012-1690 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1690 [ 37 ] CVE-2012-1696 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1696 [ 38 ] CVE-2012-1697 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1697 [ 39 ] CVE-2012-1702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1702 [ 40 ] CVE-2012-1703 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1703 [ 41 ] CVE-2012-1705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1705 [ 42 ] CVE-2012-1734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1734 [ 43 ] CVE-2012-2102 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2102 [ 44 ] CVE-2012-2122 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2122 [ 45 ] CVE-2012-2749 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2749 [ 46 ] CVE-2012-3150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3150 [ 47 ] CVE-2012-3158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3158 [ 48 ] CVE-2012-3160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3160 [ 49 ] CVE-2012-3163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3163 [ 50 ] CVE-2012-3166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3166 [ 51 ] CVE-2012-3167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3167 [ 52 ] CVE-2012-3173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3173 [ 53 ] CVE-2012-3177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3177 [ 54 ] CVE-2012-3180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3180 [ 55 ] CVE-2012-3197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3197 [ 56 ] CVE-2012-5060 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5060 [ 57 ] CVE-2012-5096 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5096 [ 58 ] CVE-2012-5611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5611 [ 59 ] CVE-2012-5612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5612 [ 60 ] CVE-2012-5613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5613 [ 61 ] CVE-2012-5614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5614 [ 62 ] CVE-2012-5615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5615 [ 63 ] CVE-2012-5627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5627 [ 64 ] CVE-2013-0367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0367 [ 65 ] CVE-2013-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0368 [ 66 ] CVE-2013-0371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0371 [ 67 ] CVE-2013-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0375 [ 68 ] CVE-2013-0383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0383 [ 69 ] CVE-2013-0384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0384 [ 70 ] CVE-2013-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0385 [ 71 ] CVE-2013-0386 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0386 [ 72 ] CVE-2013-0389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0389 [ 73 ] CVE-2013-1492 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1492 [ 74 ] CVE-2013-1502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1502 [ 75 ] CVE-2013-1506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1506 [ 76 ] CVE-2013-1511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1511 [ 77 ] CVE-2013-1512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1512 [ 78 ] CVE-2013-1521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1521 [ 79 ] CVE-2013-1523 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1523 [ 80 ] CVE-2013-1526 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1526 [ 81 ] CVE-2013-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1531 [ 82 ] CVE-2013-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1532 [ 83 ] CVE-2013-1544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1544 [ 84 ] CVE-2013-1548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1548 [ 85 ] CVE-2013-1552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1552 [ 86 ] CVE-2013-1555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1555 [ 87 ] CVE-2013-1566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1566 [ 88 ] CVE-2013-1567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1567 [ 89 ] CVE-2013-1570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1570 [ 90 ] CVE-2013-1623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1623 [ 91 ] CVE-2013-2375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2375 [ 92 ] CVE-2013-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2376 [ 93 ] CVE-2013-2378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2378 [ 94 ] CVE-2013-2381 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2381 [ 95 ] CVE-2013-2389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2389 [ 96 ] CVE-2013-2391 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2391 [ 97 ] CVE-2013-2392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2392 [ 98 ] CVE-2013-2395 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2395 [ 99 ] CVE-2013-3802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3802 [ 100 ] CVE-2013-3804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3804 [ 101 ] CVE-2013-3808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3808
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-06.xml
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--BpqkJR3X6jUN5MsrNu0Xf7QH67bPV4kFN Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJSIHYsAAoJECo/aRed9267vJcH/j2ApNLvh0aMDIHhKK/7t0O0 VkPYsBLuIkpe6tQvqwSQOM4sBGzq+x+l1dlBn0wdTbM9CEps3nlWkvxCheqcupAR 7vgf6pssK7XuDLMTZSvtyVr/OsBBdQ1cIlDkwzACLaRqUdOD2DnSEOC/9PuxnWJW 2CBciuGs09M0DfVL+m3fUb0mFXSPQfHMMC2dSsGhCAum+eOJf8qPONrDHdmcX/LE UVT2z1OEhZBVBPVx5I1ljWMLqM+j0gTP8RsIPl0nQefjos5gSX4LHJHHGLk0w9j4 3dmtTlC6D39REZ/g8Re37+sANoCyffK+VyX8SGq2h51qTaKmQsx185WxY8DhlKQ= =ZrDQ -----END PGP SIGNATURE-----
--BpqkJR3X6jUN5MsrNu0Xf7QH67bPV4kFN--
|