Bug 1153494 (CVE-2014-6551)

Summary: CVE-2014-6551 mysql: unspecified vulnerability related to CLIENT:MYSQLADMIN (CPU October 2014)
Product: [Other] Security Response Reporter: Murray McAllister <mmcallis>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: abaron, aortega, apevec, ayoung, byte, carnil, chrisw, dallan, databases-maint, gkotton, hhorak, jdornak, jorton, jstanek, lhh, lpeer, markmc, mmaslano, mmuzila, rbryant, rohara, sclewis, vdanen, yeylon
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-12-17 06:11:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1153469, 1160514, 1160515, 1160548, 1160549, 1160550, 1160551, 1160566, 1162374, 1162375    
Bug Blocks: 1153468, 1165433    

Description Murray McAllister 2014-10-16 05:49:14 UTC 
The following issue has been fixed in MySQL:

"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier
and 5.6.19 and earlier allows local users to affect confidentiality
via vectors related to CLIENT:MYSQLADMIN."

References:
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Comment 1 Murray McAllister 2014-10-16 06:00:22 UTC 
Created community-mysql tracking bugs for this issue:

Affects: fedora-all [bug 1153469]
Comment 5 Huzaifa S. Sidhpurwala 2014-11-05 07:30:28 UTC 
Created mariadb tracking bugs for this issue:

Affects: fedora-all [bug 1160551]
Comment 8 errata-xmlrpc 2014-11-17 09:46:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 5

Via RHSA-2014:1859 https://rhn.redhat.com/errata/RHSA-2014-1859.html
Comment 9 errata-xmlrpc 2014-11-17 09:57:07 UTC 
This issue has been addressed in the following products:

  Red Hat Software Collections 1 for Red Hat Enterprise Linux 7
  Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS
  Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.6 EUS
  Red Hat Software Collections 1 for Red Hat Enterprise Linux 6
  Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS

Via RHSA-2014:1862 https://rhn.redhat.com/errata/RHSA-2014-1862.html
Comment 10 errata-xmlrpc 2014-11-17 09:58:25 UTC 
This issue has been addressed in the following products:

  Red Hat Software Collections 1 for Red Hat Enterprise Linux 7
  Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS
  Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.6 EUS
  Red Hat Software Collections 1 for Red Hat Enterprise Linux 6
  Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS

Via RHSA-2014:1860 https://rhn.redhat.com/errata/RHSA-2014-1860.html
Comment 11 errata-xmlrpc 2014-11-17 11:07:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2014:1861 https://rhn.redhat.com/errata/RHSA-2014-1861.html
Comment 12 errata-xmlrpc 2014-12-02 16:49:53 UTC 
This issue has been addressed in the following products:

  OpenStack 5 for RHEL 6

Via RHSA-2014:1937 https://rhn.redhat.com/errata/RHSA-2014-1937.html
Comment 13 errata-xmlrpc 2014-12-02 17:02:15 UTC 
This issue has been addressed in the following products:

  OpenStack 5 for RHEL 7

Via RHSA-2014:1940 https://rhn.redhat.com/errata/RHSA-2014-1940.html
Comment 14 Fedora Update System 2014-12-03 01:02:31 UTC 
mariadb-galera-5.5.40-2.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 15 Fedora Update System 2014-12-12 04:25:57 UTC 
mariadb-5.5.40-1.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.