Bug 1153485 (CVE-2014-6495)
Summary: | CVE-2014-6495 mysql: unspecified vulnerability related to SERVER:SSL:yaSSL (CPU October 2014) | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Murray McAllister <mmcallis> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | abaron, aortega, apevec, ayoung, byte, carnil, chrisw, dallan, databases-maint, gkotton, hhorak, jdornak, jorton, jstanek, lhh, lpeer, markmc, mmaslano, mmuzila, rbryant, rohara, sclewis, vdanen, yeylon |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-10-16 08:06:37 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1153468 |
Description
Murray McAllister
2014-10-16 05:40:33 UTC
MySQL packages in Red Hat Enterprise Linux and Fedora are built against system OpenSSL and do not use bundled yaSSL. Hence they can not be affected by any yaSSL issues. Statement: This issue did not affect the versions of mysql as shipped with Red Hat Enterprise Linux 5, 6, and 7, as they use system OpenSSL library rather than yaSSL. |