Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Encryption). Supported versions that are affected are 5.5.40 and earlier and 5.6.21 and earlier. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some MySQL Server accessible data as well as read access to a subset of MySQL Server accessible data and ability to cause a partial denial of service (partial DOS) of MySQL Server. External References: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
Created attachment 982642 [details] mysql-5.5.41 yassl patch
(In reply to Huzaifa S. Sidhpurwala from comment #1) > mysql-5.5.41 yassl patch Upstream commit: http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/4720
This issue has been addressed in the following products: Red Hat Software Collections 1 for Red Hat Enterprise Linux 7 Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6 Via RHSA-2015:0117 https://rhn.redhat.com/errata/RHSA-2015-0117.html
This issue has been addressed in the following products: Red Hat Software Collections 1 for Red Hat Enterprise Linux 7 Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6 Via RHSA-2015:0116 https://rhn.redhat.com/errata/RHSA-2015-0116.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2015:0118 https://rhn.redhat.com/errata/RHSA-2015-0118.html
Is an update for EL5 coming?
This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Via RHSA-2015:1628 https://rhn.redhat.com/errata/RHSA-2015-1628.html