Bug 832540 - (mysql-cpu-2012-07) mysql: Oracle CPU July 2012
mysql: Oracle CPU July 2012
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
http://www.oracle.com/technetwork/top...
impact=important,public=20120615,repo...
: Security
Depends On: CVE-2012-2122 CVE-2012-2749 CVE-2012-2750 CVE-2012-0540 CVE-2012-1689 CVE-2012-1734 CVE-2012-1735 CVE-2012-1756 CVE-2012-1757 871813 871814
Blocks: 833743
  Show dependency treegraph
 
Reported: 2012-06-15 13:05 EDT by Tomas Hoger
Modified: 2015-11-24 10:18 EST (History)
2 users (show)

See Also:
Fixed In Version: mysql 5.1.63, mysql 5.5.24
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-01-21 10:19:35 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Novell 771996 None None None 2012-07-19 03:37:20 EDT
Debian BTS 682210 None None None 2012-07-20 09:10:18 EDT
Debian BTS 682212 None None None 2012-07-20 09:10:34 EDT
Gentoo 417989 None None None 2012-07-23 03:30:32 EDT

  None (edit)
Description Tomas Hoger 2012-06-15 13:05:22 EDT
This bug is for Oracle Critical Patch Update Advisory - July 2012 planned to be released on July 17 and that is expected to list several MySQL flaws:

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

So far, MySQL versions 5.1.63, 5.5.23, 5.5.24, and 5.5.25:

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-25.html

were released in the last CPU in April 2012:

http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html

which covered fixes in version 5.1.62 and 5.5.22.  Apr 2012 CPU is covered by bug #832477.

This bug attempts to list issues that were already made public via released MySQL versions or bazaar commits.
Comment 1 Tomas Hoger 2012-06-15 13:11:13 EDT
A rather important password verification flaw was disclosed recently and got CVE-2012-2122 assigned.  Refer to bug 814605 for details.

Basic info:
5.1.63 and 5.5.24 release notes mention this security fix:
 * Security Fix: Bug #64884 was fixed.

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html

Upstream commit:
http://bazaar.launchpad.net/~mysql/mysql-server/5.1/revision/3560.10.17
Bug #13934049: 64884: LOGINS WITH INCORRECT PASSWORD ARE ALLOWED
Comment 2 Tomas Hoger 2012-06-15 13:35:20 EDT
Another security fix mentioned in the 5.1.63 released notes is:

 * Security Fix: Bug #59387 was fixed.

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html

Matching upstream commit is:

http://bazaar.launchpad.net/~mysql/mysql-server/5.1/revision/3560.10.16
Bug#11766300 59387: FAILING ASSERTION: CURSOR->POS_STATE == 1997660512 (BTR_PCUR_IS_POSITIONE
Bug#13639204 64111: CRASH ON SELECT SUBQUERY WITH NON UNIQUE INDEX

This issue allows non-admin database user with full SQL access to crash mysqld.

It is also fixed in 5.5.24, but is not mentioned in the release notes or the changelog file bundled in the source tarball.  This issue also affects MySQL 5.0.
Comment 3 Tomas Hoger 2012-06-15 13:37:12 EDT
5.5.23 release notes mention:

 * Security Fix: Bug #59533 was fixed.

http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html

I'm currently unable to find any commit that references mentioned bug.
Comment 4 Tomas Hoger 2012-07-14 09:11:46 EDT
Oracle July CPU to be released on Jul 17 will fix 6 MySQL issues according to the pre-release announcement:
  http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
Comment 5 Tomas Hoger 2012-08-03 05:47:42 EDT
(In reply to comment #0)
> So far, MySQL versions 5.1.63, 5.5.23, 5.5.24, and 5.5.25:
> 
> http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html
> http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html
> http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html
> http://dev.mysql.com/doc/refman/5.5/en/news-5-5-25.html

Oracle July CPU only describes MySQL issues fixed in versions 5.1.63, 5.5.23, and 5.5.24.  Even though 5.5.25 and 5.5.25a were released before the CPU release, it may mean that they don't include any security fixes or that they will only be announced in the next CPU in October.

Note You need to log in before you can comment on or make changes to this bug.