Bug 895568 - (mysql-cpu-2013-01) mysql: Oracle CPU January 2013
mysql: Oracle CPU January 2013
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
impact=important,public=20130115,repo...
: Security
Depends On: CVE-2013-0384 CVE-2013-0389 CVE-2013-0385 CVE-2013-0375 CVE-2012-1702 CVE-2013-0383 CVE-2012-5579/CVE-2012-5611 CVE-2012-5612 CVE-2012-5060 CVE-2013-0386 CVE-2013-0368 CVE-2012-0572 CVE-2013-0371 CVE-2012-0574 CVE-2012-1705 CVE-2012-0578 CVE-2013-0367 CVE-2012-5096
Blocks: 895572
  Show dependency treegraph
 
Reported: 2013-01-15 09:46 EST by Tomas Hoger
Modified: 2015-08-22 11:21 EDT (History)
3 users (show)

See Also:
Fixed In Version: mysql 5.1.67, mysql 5.5.29
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-08-22 11:21:41 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Tomas Hoger 2013-01-15 09:46:35 EST
This bug is for Oracle Critical Patch Update Advisory - January 2013:
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html

Pre-release of the advisory indicates that it will include 18 CVEs for MySQL, 2 of them remotely exploitable without authentication.

This update is likely to mention previously published issues as CVE-2012-5611 (bug 881064, comment 21) and CVE-2012-5612 (bug 882600).
Comment 1 Tomas Hoger 2013-01-17 15:06:50 EST
MySQL risk matrix:

http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html#AppendixMSQL

Fixes are included in version 5.1.67 and 5.5.29.

Previous CPU for MySQL was released in October 2012 (bug 870399) and covered issues up to versions 5.1.66 and 5.5.28.  Hence these are releases since the last CPU:

http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-67.html

http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-29.html

Note You need to log in before you can comment on or make changes to this bug.