Bug 1301874 (CVE-2016-2047)
Summary: | CVE-2016-2047 mysql: ssl-validate-cert incorrect hostname check | | |
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | | |
Version: | unspecified | CC: | abaron, aortega, apevec, ayoung, carnil, chrisw, dallan, databases-maint, dciabrin, fdinitto, gkotton, gmollett, hhorak, jdornak, jorton, jschluet, jstanek, lhh, lpeer, markmc, mbayer, mmaslano, mmuzila, rbryant, sardella, sclewis, srevivo, tdecacqu |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | | |
Hardware: | All | | |
OS: | Linux | | |
Whiteboard: | | | |
Fixed In Version: | mysql 5.5.48, mysql 5.6.29, mysql 5.7.11, mariadb 5.5.47, mariadb 10.1.10, mariadb 10.0.23 | Doc Type: | Bug Fix |
Doc Text: | It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client. | | |
Story Points: | --- | | |
Clone Of: | | Environment: | |
Last Closed: | 2016-11-21 01:47:06 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | | Category: | --- |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | | | |
Bug Depends On: | 1301517, 1301518, 1301519, 1304515, 1304516, 1329671, 1329672, 1330444, 1330445, 1342440, 1342454 | | |
Bug Blocks: | 1329276 | | |
Description
Andrej Nemec
2016-01-26 09:14:40 UTC
This issue has been addressed in the following products:

Red Hat Enterprise Linux 7

Via RHSA-2016:0534 https://rhn.redhat.com/errata/RHSA-2016-0534.html

MySQL was fixed as part of the April 2016 CPU:

http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixMSQL
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL

in versions 5.5.49, 5.6.30, and 5.7.12.

MySQL commit is:

https://github.com/mysql/mysql-server/commit/13380bf81f6bc20d39549f531f9acebdfb5a8c37

Tags on that commit show that the fix was actually applied in earlier versions - 5.5.48, 5.6.29, and 5.7.11. It is only documented in release notes for 5.5.49, 5.6.30, and 5.7.12:

Improper host name checking in X509 certificates could permit man-in-the-middle attacks. (Bug #22295186, Bug #22738607)

http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-49.html
http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-30.html
http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-12.html

The other bug id referenced by that release notes entry corresponds to the following fix applied in versions 5.5.49, 5.6.30, and 5.7.12:

https://github.com/mysql/mysql-server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69

That's a bug in the embedded yaSSL library. Red Hat builds of MySQL do not use embedded yaSSL and rather use system OpenSSL.

This issue has been addressed in the following products:

Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 6
Red Hat Software Collections for Red Hat Enterprise Linux 7

Via RHSA-2016:0705 https://rhn.redhat.com/errata/RHSA-2016-0705.html

This issue has been addressed in the following products:

Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 7
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 6
Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS

Via RHSA-2016:1132 https://access.redhat.com/errata/RHSA-2016:1132

This issue has been addressed in the following products:

Red Hat Software Collections for Red Hat Enterprise Linux 6
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 7

Via RHSA-2016:1481 https://rhn.redhat.com/errata/RHSA-2016-1481.html

This issue has been addressed in the following products:

Red Hat Software Collections for Red Hat Enterprise Linux 6
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS
Red Hat Software Collections for Red Hat Enterprise Linux 7

Via RHSA-2016:1480 https://rhn.redhat.com/errata/RHSA-2016-1480.html
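The Doc Text above describes the failure mode: the TLS handshake completes and the chain validates, but the name the server has proven ownership of is not compared correctly with the host the client asked for, so a certificate legitimately issued to an attacker-controlled name can be used to impersonate the database server. As an added example that is not code from MySQL, MariaDB, Red Hat or the commits linked in the comments, the C below places a deliberately weak substring check (constructed for illustration only; it is not the actual libmysql flaw) next to a host name match done the RFC 6125 way: case-insensitive exact match, a wildcard accepted only as the entire left-most label and only against a single label, and subjectAltName dNSName entries consulted in preference to the subject CN. The host names and certificate identities are constructed for the example, and X.509 parsing is left to the TLS library, so the functions take the already-extracted names.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Illustrative weak check: accept a presented name whenever it merely
 * contains the expected host as a substring.  Constructed for this
 * example; it is not the MariaDB/MySQL code this bug fixed. */
bool weak_substring_check(const char *presented, const char *expected)
{
    return strstr(presented, expected) != NULL;
}

/* Case-insensitive equality of two byte ranges (DNS names are
 * case-insensitive). */
static bool ieq(const char *a, size_t alen, const char *b, size_t blen)
{
    if (alen != blen)
        return false;
    for (size_t i = 0; i < alen; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return false;
    return true;
}

/* Match one presented identifier (a SAN dNSName or the subject CN)
 * against the reference host name, RFC 6125 style:
 *   - exact, case-insensitive match, ignoring one trailing dot; or
 *   - a wildcard that is the whole left-most label ("*.example.com"),
 *     consumes exactly one host label, and is followed by at least two
 *     labels.  "*", "*.com", "d*.example.com" are all rejected. */
bool dns_name_matches(const char *presented, const char *host)
{
    size_t plen = strlen(presented), hlen = strlen(host);
    if (plen == 0 || hlen == 0)
        return false;
    if (presented[plen - 1] == '.')
        plen--;
    if (host[hlen - 1] == '.')
        hlen--;

    if (memchr(presented, '*', plen) == NULL)
        return ieq(presented, plen, host, hlen);

    /* wildcard form: must start with "*." and contain no other '*' */
    if (plen < 2 || presented[0] != '*' || presented[1] != '.' ||
        memchr(presented + 1, '*', plen - 1) != NULL)
        return false;

    const char *psuffix = presented + 1;        /* ".example.com" */
    size_t slen = plen - 1;
    int dots = 0;
    for (size_t i = 0; i < slen; i++)
        if (psuffix[i] == '.')
            dots++;
    if (dots < 2)                               /* forbid "*.com" */
        return false;

    /* the host's first label is consumed by the wildcard; the remainder
     * must equal the pattern suffix, so "a.b.example.com" does not match */
    const char *hdot = memchr(host, '.', hlen);
    if (hdot == NULL || hdot == host)
        return false;
    size_t hsuffixlen = hlen - (size_t)(hdot - host);
    return ieq(psuffix, slen, hdot, hsuffixlen);
}

/* Verify the server's identity against the names its certificate
 * carries.  Per RFC 6125 / RFC 2818, if the certificate has any dNSName
 * SANs only those count; the subject CN is a fallback for certificates
 * that carry none. */
bool verify_server_identity(const char *const *san_dns, size_t n_san,
                            const char *subject_cn, const char *host)
{
    if (n_san > 0) {
        for (size_t i = 0; i < n_san; i++)
            if (dns_name_matches(san_dns[i], host))
                return true;
        return false;
    }
    return subject_cn != NULL && dns_name_matches(subject_cn, host);
}

int main(void)
{
    /* Constructed scenario: the client wants db.example.com; an interposed
     * server presents a certificate issued for a name it really owns. */
    const char *wanted = "db.example.com";
    const char *const presented[] = { "db.example.com.attacker.test" };

    printf("substring check: %s\n",
           weak_substring_check(presented[0], wanted) ? "ACCEPTED" : "rejected");
    printf("RFC 6125 check:  %s\n",
           verify_server_identity(presented, 1, NULL, wanted) ? "ACCEPTED" : "rejected");
    return 0;
}
```

Build with `cc -std=c99 -Wall -o hostcheck hostcheck.c` (the file name is arbitrary); it prints that the substring check accepts the attacker's certificate and the strict check rejects it. Two caveats for anyone auditing their own deployments: a MySQL or MariaDB client performs a host name check only when told to (`--ssl-verify-server-cert` for the MariaDB client and for MySQL 5.5/5.6, `--ssl-mode=VERIFY_IDENTITY` from MySQL 5.7.11 on), so the fixed versions listed above help only clients that request verification; and, as the comments note, Red Hat builds link against the system OpenSSL, so the second upstream commit (the yaSSL fix) does not apply to them while the host name check fix does.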