Common Vulnerabilities and Exposures assigned an identifier CVE-2013-1492 to the following vulnerability: Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553. References: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1492 [2] http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-68.html [3] http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-30.html [4] https://blogs.oracle.com/sunsecurity/entry/cve_2013_1492_buffer_overflow [5] http://secunia.com/advisories/52445
This issue did NOT affect the versions of the mysql package, as shipped with Red Hat Enterprise Linux 5 and 6, as MySQL packages in Red Hat Enterprise Linux are linked against OpenSSL not yaSSL. Therefore the affected code is not used. -- This issue did NOT affect the versions of the mysql package, as shipped with Fedora release of 17 and 18, as MySQL packages in Fedora are linked against OpenSSL not yaSSL. Therefore the affected code is not used.
Statement: Not vulnerable. This issue did not affect the versions of mysql as shipped with Red Hat Enterprise Linux 5 and 6, since MySQL packages in Red Hat Enterprise Linux are linked against OpenSSL, and not against yaSSL.