Back to bug 1375198
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-09-12 13:17:28 UTC | Depends On | 1375200 | |
| Adam Mariš | 2016-09-12 13:17:40 UTC | Depends On | 1375201 | |
| Adam Mariš | 2016-09-12 13:17:53 UTC | Depends On | 1375202 | |
| Adam Mariš | 2016-09-12 13:18:58 UTC | Blocks | 1375204 | |
| Adam Mariš | 2016-09-12 13:31:44 UTC | Fixed In Version | mariadb 5.5.51, mariadb 10.1.17, mariadb 10.0.27 | |
| William Taylor | 2016-09-12 18:49:30 UTC | CC | williamt | |
| Tomas Hoger | 2016-09-12 22:00:01 UTC | Fixed In Version | mariadb 5.5.51, mariadb 10.1.17, mariadb 10.0.27 | mariadb 5.5.51, mariadb 10.0.27, mariadb 10.1.17 |
| Micky Gough | 2016-09-12 22:30:38 UTC | CC | mickygough | |
| Yasuhiro Ozone | 2016-09-13 02:45:20 UTC | CC | yozone | |
| Erik Hedgren | 2016-09-13 09:32:36 UTC | CC | ehedgren | |
| Ruben van Staveren | 2016-09-13 09:49:40 UTC | CC | rvstaveren | |
| Patrick Uiterwijk | 2016-09-13 10:35:11 UTC | CC | puiterwijk | |
| Upen | 2016-09-13 14:10:26 UTC | CC | upendra.gandhi | |
| Carl George | 2016-09-13 14:24:37 UTC | CC | carl.george | |
| Scott Dowdle | 2016-09-13 15:33:59 UTC | CC | dowdle | |
| Igor Cherfas | 2016-09-13 16:57:30 UTC | CC | samirjafferali | |
| CC | igor.cherfas | |||
| Ahmed Nazmy | 2016-09-14 07:43:53 UTC | CC | anazmy | |
| Apurbita Mukherjee | 2016-09-14 11:43:59 UTC | CC | apmukher | |
| Tomas Hoger | 2016-09-14 20:51:51 UTC | Fixed In Version | mariadb 5.5.51, mariadb 10.0.27, mariadb 10.1.17 | mysql 5.5.52, mysql 5.6.33, mysql 5.7.15, mariadb 5.5.51, mariadb 10.0.27, mariadb 10.1.17 |
| Paul Dwyer | 2016-09-15 08:42:41 UTC | CC | pdwyer | |
| Robert Scheck | 2016-09-15 10:45:57 UTC | CC | hasuzuki | |
| CC | redhat-bugzilla | |||
| Robert Scheck | 2016-09-15 10:46:14 UTC | CC | robert.scheck | |
| Andrej Nemec | 2016-09-15 13:31:04 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=8.5/AV:N/AC:M/Au:S/C:C/I:C/A:C,cvss3=8.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql55-mysql=new,rhel-7/mariadb=new,rhscl-2/mysql55-mysql=new,rhscl-2/rh-mysql56-mysql=new,rhscl-2/mariadb55-mariadb=new,rhscl-2/rh-mariadb100-mariadb=new,openstack-5/mariadb-galera=new,openstack-6/mariadb-galera=new,openstack-7/mariadb-galera=new,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=8.5/AV:N/AC:M/Au:S/C:C/I:C/A:C,cvss3=8.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql55-mysql=new,rhel-6/mysql=new,rhel-7/mariadb=new,rhscl-2/mysql55-mysql=new,rhscl-2/rh-mysql56-mysql=new,rhscl-2/mariadb55-mariadb=new,rhscl-2/rh-mariadb100-mariadb=new,openstack-5/mariadb-galera=new,openstack-6/mariadb-galera=new,openstack-7/mariadb-galera=new,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected |
| Andrej Nemec | 2016-09-15 13:31:27 UTC | CC | byte | |
| Stefan Cornelius | 2016-09-15 14:20:27 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=8.5/AV:N/AC:M/Au:S/C:C/I:C/A:C,cvss3=8.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql55-mysql=new,rhel-6/mysql=new,rhel-7/mariadb=new,rhscl-2/mysql55-mysql=new,rhscl-2/rh-mysql56-mysql=new,rhscl-2/mariadb55-mariadb=new,rhscl-2/rh-mariadb100-mariadb=new,openstack-5/mariadb-galera=new,openstack-6/mariadb-galera=new,openstack-7/mariadb-galera=new,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=8.5/AV:N/AC:M/Au:S/C:C/I:C/A:C,cvss3=8.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql55-mysql=new,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=new,openstack-5/mariadb-galera=new,openstack-6/mariadb-galera=new,openstack-7/mariadb-galera=new,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected |
| Kodiak Firesmith | 2016-09-15 20:33:47 UTC | CC | kfiresmith | |
| Kent Engström | 2016-09-16 07:33:18 UTC | CC | kent | |
| Clifford Perry | 2016-09-16 09:45:29 UTC | CC | cperry | |
| Tomas Hoger | 2016-09-16 10:56:44 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=8.5/AV:N/AC:M/Au:S/C:C/I:C/A:C,cvss3=8.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql55-mysql=new,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=new,openstack-5/mariadb-galera=new,openstack-6/mariadb-galera=new,openstack-7/mariadb-galera=new,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=8.5/AV:N/AC:M/Au:S/C:C/I:C/A:C,cvss3=8.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=new,openstack-6/mariadb-galera=new,openstack-7/mariadb-galera=new,openstack-8/mariadb-galera=new,openstack-9/mariadb-galera=new,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected |
| Tomas Hoger | 2016-09-16 11:12:52 UTC | Summary | CVE-2016-6662 mysql: Privilege escalation by abusing MySQL logging functions | CVE-2016-6662 mysql: general_log can write to configuration files, leading to privilege escalation |
| Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=8.5/AV:N/AC:M/Au:S/C:C/I:C/A:C,cvss3=8.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=new,openstack-6/mariadb-galera=new,openstack-7/mariadb-galera=new,openstack-8/mariadb-galera=new,openstack-9/mariadb-galera=new,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=new,openstack-6/mariadb-galera=new,openstack-7/mariadb-galera=new,openstack-8/mariadb-galera=new,openstack-9/mariadb-galera=new,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected | ||
| Tomas Hoger | 2016-09-16 11:17:03 UTC | Doc Text | It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privilege, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. | |
| Tomas Hoger | 2016-09-19 11:25:21 UTC | CC | kvolny | |
| Mark J. Cox | 2016-09-19 19:13:49 UTC | CC | mjc | |
| Bryan Totty | 2016-09-19 20:13:00 UTC | CC | btotty | |
| josef radinger | 2016-09-20 15:00:38 UTC | CC | ykawada | |
| CC | cheese, gerald.prock | |||
| Tomas Hoger | 2016-09-21 08:14:05 UTC | Depends On | 1377974 | |
| Ganesh | 2016-09-22 23:48:29 UTC | CC | gnaik | |
| Tomas Hoger | 2016-09-23 14:53:22 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=new,openstack-6/mariadb-galera=new,openstack-7/mariadb-galera=new,openstack-8/mariadb-galera=new,openstack-9/mariadb-galera=new,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected |
| Summer Long | 2016-09-26 02:22:10 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,openstack-10/mariadb-galera=affected |
| Summer Long | 2016-09-26 03:25:26 UTC | CC | slong | |
| Flags | needinfo?(mbayer) | |||
| Tomas Hoger | 2016-09-26 06:25:52 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,openstack-10/mariadb-galera=affected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected |
| Summer Long | 2016-09-27 00:10:34 UTC | Flags | needinfo?(mbayer) | |
| Summer Long | 2016-09-27 00:20:50 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,openstack-10/mariadb=affected |
| Summer Long | 2016-09-27 00:25:50 UTC | Depends On | 1379492 | |
| Summer Long | 2016-09-27 00:25:53 UTC | Depends On | 1379493 | |
| Summer Long | 2016-09-27 00:26:07 UTC | Depends On | 1379494 | |
| Summer Long | 2016-09-27 00:26:18 UTC | Depends On | 1379495 | |
| Summer Long | 2016-09-27 00:26:30 UTC | Depends On | 1379496 | |
| Summer Long | 2016-09-27 00:26:41 UTC | Depends On | 1379497 | |
| Summer Long | 2016-09-27 00:26:53 UTC | Depends On | 1379498 | |
| Summer Long | 2016-09-27 00:27:05 UTC | Depends On | 1379499 | |
| Tomas Hoger | 2016-09-27 13:04:16 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,openstack-10/mariadb=affected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,openstack-10/mariadb=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected |
| Huzaifa S. Sidhpurwala | 2016-09-29 06:00:58 UTC | CC | thoger | |
| Flags | needinfo?(thoger) | |||
| Huzaifa S. Sidhpurwala | 2016-09-29 06:03:14 UTC | Blocks | 1323912 | |
| Tomas Hoger | 2016-09-29 07:38:24 UTC | CC | thoger | |
| Flags | needinfo?(thoger) | |||
| Summer Long | 2016-09-30 03:59:08 UTC | Doc Text | It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privilege, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. | A permissions flaw was discovered in the MySQL logging functionality, which allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly exploit this flaw to run arbitrary commands with root privileges on the system running the database server. |
| Tomas Hoger | 2016-09-30 13:02:43 UTC | Doc Text | A permissions flaw was discovered in the MySQL logging functionality, which allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly exploit this flaw to run arbitrary commands with root privileges on the system running the database server. | It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privilege, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. |
| Summer Long | 2016-10-05 05:02:19 UTC | Doc Text | It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privilege, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. | It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. |
| Tomas Hoger | 2016-10-14 12:38:16 UTC | Depends On | 1384960 | |
| Tomas Hoger | 2016-10-14 12:38:21 UTC | Depends On | 1384961 | |
| Tomas Hoger | 2016-10-14 12:38:27 UTC | Depends On | 1384962 | |
| Tomas Hoger | 2016-10-14 12:38:33 UTC | Depends On | 1384963 | |
| Jason Shepherd | 2016-10-18 00:34:12 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,openstack-10/mariadb=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,openstack-10/mariadb=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=affected |
| Jason Shepherd | 2016-10-18 00:34:34 UTC | CC | avibelli, coneill, gsterlin, jbalunas, jshepherd, rrajasek, tjay, tkirby | |
| Jason Shepherd | 2016-10-18 00:35:02 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,openstack-10/mariadb=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=affected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,openstack-10/mariadb=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=new |
| Salvatore Bonaccorso | 2016-10-18 18:51:32 UTC | CC | carnil | |
| Jason Shepherd | 2016-10-19 02:03:37 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,openstack-10/mariadb=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=new | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,openstack-10/mariadb=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=notaffected |
| Tomas Hoger | 2016-10-19 14:41:36 UTC | Depends On | 1386744 | |
| Tomas Hoger | 2016-10-19 14:41:42 UTC | Depends On | 1386745 | |
| Kodiak Firesmith | 2016-10-19 14:42:34 UTC | CC | kfiresmith | |
| Tomas Hoger | 2016-11-08 13:01:45 UTC | Blocks | 1386598 | |
| Summary | CVE-2016-6662 mysql: general_log can write to configuration files, leading to privilege escalation | CVE-2016-6662 mysql: general_log can write to configuration files, leading to privilege escalation (CPU Oct 2016) | ||
| Tomas Hoger | 2016-11-09 10:03:59 UTC | Depends On | 1393306 | |
| Tomas Hoger | 2016-11-09 10:04:08 UTC | Depends On | 1393307 | |
| Tomas Hoger | 2016-11-09 10:04:15 UTC | Depends On | 1393308 | |
| Tomas Hoger | 2016-11-09 10:04:22 UTC | Depends On | 1393309 | |
| Tomas Hoger | 2016-11-09 10:08:44 UTC | Depends On | 1393307 | |
| Tomas Hoger | 2016-11-09 10:09:01 UTC | Depends On | 1393308 | |
| Tomas Hoger | 2016-11-09 10:14:26 UTC | Depends On | 1393313 | |
| Tomas Hoger | 2016-11-09 10:14:42 UTC | Depends On | 1393314 | |
| Vignesh | 2016-11-21 16:59:49 UTC | CC | vigneshb4u | |
| Tomas Hoger | 2016-11-22 09:32:21 UTC | Depends On | 1397309 | |
| Tomas Hoger | 2016-11-22 09:32:28 UTC | Depends On | 1397310 | |
| Tomas Hoger | 2016-11-22 11:40:23 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=affected,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,openstack-10/mariadb=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=notaffected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=wontfix,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,openstack-10/mariadb=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=notaffected |
| John Skeoch | 2016-12-01 01:00:36 UTC | CC | jdornak | |
| Summer Long | 2016-12-15 05:44:03 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=wontfix,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=affected,openstack-10/mariadb=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=notaffected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=wontfix,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=notaffected,openstack-10/mariadb=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=notaffected |
| Summer Long | 2016-12-15 05:56:31 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=wontfix,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=notaffected,openstack-10/mariadb=affected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=notaffected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=wontfix,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=notaffected,openstack-10/mariadb=notaffected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=notaffected |
| Carl George | 2016-12-15 14:24:26 UTC | CC | carl.george | |
| Tomas Hoger | 2017-01-17 20:24:55 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=wontfix,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=notaffected,openstack-10/mariadb=notaffected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=notaffected | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=wontfix,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=notaffected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=notaffected |
| Tomas Hoger | 2017-01-24 12:00:16 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2017-01-24 07:00:16 UTC | |||
| Adam Mariš | 2017-03-07 15:23:28 UTC | Depends On | 1429973, 1429972 | |
| Product Security DevOps Team | 2019-09-29 13:56:12 UTC | Whiteboard | impact=important,public=20160912,reported=20160912,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:S/C:C/I:C/A:C,cvss3=8.0/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,cwe=CWE-732,rhel-5/mysql=notaffected,rhel-5/mysql55-mysql=wontfix,rhel-6/mysql=affected,rhel-7/mariadb=affected,rhscl-2/mysql55-mysql=affected,rhscl-2/rh-mysql56-mysql=affected,rhscl-2/mariadb55-mariadb=affected,rhscl-2/rh-mariadb100-mariadb=affected,rhscl-2/rh-mariadb101-mariadb=affected,openstack-5/mariadb-galera=affected,openstack-6/mariadb-galera=affected,openstack-7/mariadb-galera=affected,openstack-8/mariadb-galera=affected,openstack-9/mariadb-galera=affected,openstack-10/mariadb-galera=notaffected,fedora-all/community-mysql=affected,fedora-all/mariadb=affected,fedora-all/mariadb-galera=affected,rhmap-4/millicore=notaffected |
Back to bug 1375198