This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============1047843702624071267==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="vp0w7PUsEoc6z4BYO5IZeRb7d9FBnXlyI"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--vp0w7PUsEoc6z4BYO5IZeRb7d9FBnXlyI
Content-Type: multipart/mixed;
boundary="efhp5mJO9SVDFsnYbhIYCjqs0hXBBhqvU";
protected-headers="v1"
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <ce2854e0-fa8c-0122-75c4-3df50e693f61@canonical.com>
Subject: [USN-3725-1] MySQL vulnerabilities
--efhp5mJO9SVDFsnYbhIYCjqs0hXBBhqvU
Content-Type: text/plain; charset=utf-8
Content-Language: en-C
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-3725-1
July 30, 2018
mysql-5.5, mysql-5.7 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in MySQL.
Software Description:
- mysql-5.7: MySQL database
- mysql-5.5: MySQL database
Details:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 5.5.61 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and
Ubuntu 18.04 LTS have been updated to MySQL 5.7.23.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-61.html
http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-23.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
mysql-server-5.7 5.7.23-0ubuntu0.18.04.1
Ubuntu 16.04 LTS:
mysql-server-5.7 5.7.23-0ubuntu0.16.04.1
Ubuntu 14.04 LTS:
mysql-server-5.5 5.5.61-0ubuntu0.14.04.1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3725-1
CVE-2018-2767, CVE-2018-3054, CVE-2018-3056, CVE-2018-3058,
CVE-2018-3060, CVE-2018-3061, CVE-2018-3062, CVE-2018-3063,
CVE-2018-3064, CVE-2018-3065, CVE-2018-3066, CVE-2018-3070,
CVE-2018-3071, CVE-2018-3077, CVE-2018-3081
Package Information:
https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.23-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.23-0ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.61-0ubuntu0.14.04.1
--efhp5mJO9SVDFsnYbhIYCjqs0hXBBhqvU--
--vp0w7PUsEoc6z4BYO5IZeRb7d9FBnXlyI
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAltfXbcACgkQZWnYVadE
vpMeEw/9GEa+YqP7xMUB0dn1G7Qs4g3E7msVgfzZl/WRPrCD2UAmnyyyf57+X0ed
CIi43fPtX77lkmHF5cFeZ5OOaVcqVR/4scED07ZCUzOo2qniOG1NtOGbLCjbdREI
W4inOTakElSxc+HFPK5U7nkk0Il9/MzTWy45tkA3kH1kEhZ94EPxHZTxIPiHRXqm
3C2xHXA4qJk/1iBYTdNj4m30XdylR1Y+GLXMVX9vVaHbr2pNk3W7An5sPAZ7mMH4
WQcpcu5x6E+tGHu/ysP09MXYNF6fBCFC3QylJKlJaCyFma1vymrN4JEmKBkfPEmJ
eOQ7QcXMq3w3aSzXHjOd0wF+L4kbWhdj9pBv6n9SAeJB2mvk3zvw2rfwUn0lLVL5
QNJMPQi24UOsNKYFQyNwqtPhMN6yx2iGL1HRHPkJddvL7jIPXbzBw8LveCHUsGJN
AbreSp1J5U9SaI2ykXsW31KUXbZ2mGuufrHKi9TO00qNWPzcI01c62EJGa5+BVyN
RbhyDN218jgPQPCXfAlpBzpBMoUR79stQr4bNPL5AvqOl4kua+RxlhpsG6fJdJxs
ZqOePMvZMs92nih7k3RAhZ8wlNzXxXS/0T1xkXTXQ4GYCIzGkrQCwAhLN3ecvvUe
/DVXrn4SvpgEkw78rm90En7OSbSk8SiBLa1jx7++UsjvCcj1Psc=
=uRDX
-----END PGP SIGNATURE-----
--vp0w7PUsEoc6z4BYO5IZeRb7d9FBnXlyI--
--===============1047843702624071267==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK
--===============1047843702624071267==--
|
