Common Vulnerabilities and Exposures assigned an identifier CVE-2012-1757 to the following vulnerability: Name: CVE-2012-1757 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1757 Assigned: 20120316 Reference: http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
According to upstream security page, this issue only affected MySQL 5.5.x versions and did not affect 5.1.x versions. MySQL versions shipped with Red Hat Enterprise Linux are older than 5.5 (5.0.x in Red Hat Enterprise Linux 5 and 5.1.x in Red Hat Enterprise Linux 6). MySQL packages in Fedora are already updated to fixed upstream version (all supported Fedora versions currently have 5.5.25a). Upstream has not provided any further details about this flaw.
@Tomas Hoger - The CVE lists this vulnerability as applicable to versions of MySQL Server 5.5.23 "and earlier" Are you certain the versions 5.1.x and 5.0.x (in our case) are not vulnerable? Thanks.
Those issues that affected 5.1 are listed in upstream advisory (linked form comment #0) as "5.1.x and earlier, 5.5.y and earlier" affected.
Removing external tracker bug with the id '00683243' as it is not valid for this tracker