openSUSE Security Update: Security update for mysql-community-server ______________________________________________________________________________ Announcement ID: openSUSE-SU-2018:1101-1 Rating: moderate References: #1089987 Cross-References: CVE-2018-2755 CVE-2018-2758 CVE-2018-2761 CVE-2018-2766 CVE-2018-2771 CVE-2018-2773 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2787 CVE-2018-2805 CVE-2018-2813 CVE-2018-2817 CVE-2018-2818 CVE-2018-2819 Affected Products: openSUSE Leap 42.3 ______________________________________________________________________________ An update that fixes 15 vulnerabilities is now available. Description: This update for mysql-community-server to version 5.6.40 fixes the following issues: Security issues fixed: - CVE-2018-2755: Unspecified vulnerability in the Replication component - CVE-2018-2819: Unspecified vulnerability in the InnoDB component - CVE-2018-2817: Unspecified vulnerability in the Server DDL component - CVE-2018-2761: Unspecified vulnerability in the client programs - CVE-2018-2818: Unspecified vulnerability in the Server Security Privileges component - CVE-2018-2781: Unspecified vulnerability in the Server Optimizer component - CVE-2018-2771: Unspecified vulnerability in the Server locking component - CVE-2018-2813: Unspecified vulnerability in the Server DDL component - CVE-2018-2773: Unspecified vulnerability in the client programs - CVE-2018-2758: Unspecified vulnerability in the Server Security Privileges component - CVE-2018-2805: Unspecified vulnerability in the GIS Extension - CVE-2018-2782: Unspecified vulnerability in the InnoDB component - CVE-2018-2784: Unspecified vulnerability in the InnoDB component - CVE-2018-2787: Unspecified vulnerability in the InnoDB component - CVE-2018-2766: Unspecified vulnerability in the InnoDB component This update also contains all upstream fixes and improvement in the 5.6.40 release: http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-40.html Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2018-405=1 Package List: - openSUSE Leap 42.3 (i586 x86_64): libmysql56client18-5.6.40-36.1 libmysql56client18-debuginfo-5.6.40-36.1 libmysql56client_r18-5.6.40-36.1 mysql-community-server-5.6.40-36.1 mysql-community-server-bench-5.6.40-36.1 mysql-community-server-bench-debuginfo-5.6.40-36.1 mysql-community-server-client-5.6.40-36.1 mysql-community-server-client-debuginfo-5.6.40-36.1 mysql-community-server-debuginfo-5.6.40-36.1 mysql-community-server-debugsource-5.6.40-36.1 mysql-community-server-test-5.6.40-36.1 mysql-community-server-test-debuginfo-5.6.40-36.1 mysql-community-server-tools-5.6.40-36.1 mysql-community-server-tools-debuginfo-5.6.40-36.1 - openSUSE Leap 42.3 (x86_64): libmysql56client18-32bit-5.6.40-36.1 libmysql56client18-debuginfo-32bit-5.6.40-36.1 libmysql56client_r18-32bit-5.6.40-36.1 - openSUSE Leap 42.3 (noarch): mysql-community-server-errormessages-5.6.40-36.1 References: https://www.suse.com/security/cve/CVE-2018-2755.html https://www.suse.com/security/cve/CVE-2018-2758.html https://www.suse.com/security/cve/CVE-2018-2761.html https://www.suse.com/security/cve/CVE-2018-2766.html https://www.suse.com/security/cve/CVE-2018-2771.html https://www.suse.com/security/cve/CVE-2018-2773.html https://www.suse.com/security/cve/CVE-2018-2781.html https://www.suse.com/security/cve/CVE-2018-2782.html https://www.suse.com/security/cve/CVE-2018-2784.html https://www.suse.com/security/cve/CVE-2018-2787.html https://www.suse.com/security/cve/CVE-2018-2805.html https://www.suse.com/security/cve/CVE-2018-2813.html https://www.suse.com/security/cve/CVE-2018-2817.html https://www.suse.com/security/cve/CVE-2018-2818.html https://www.suse.com/security/cve/CVE-2018-2819.html https://bugzilla.suse.com/1089987