Mailinglist Archive: opensuse-security-announce (87 mails)
< Previous | Next > |
[security-announce] openSUSE-SU-2017:2868-1: important: Security update for mysql-community-server
- From: opensuse-security@xxxxxxxxxxxx
- Date: Fri, 27 Oct 2017 18:28:48 +0200 (CEST)
- Message-id: <20171027162848.B1508FCAB@maintenance.suse.de>
openSUSE Security Update: Security update for mysql-community-server
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:2868-1
Rating: important
References: #1039034 #1064096 #1064100 #1064101 #1064102
#1064104 #1064105 #1064107 #1064108 #1064112
#1064115 #1064116 #1064117 #1064118 #1064119
Cross-References: CVE-2017-10155 CVE-2017-10227 CVE-2017-10268
CVE-2017-10276 CVE-2017-10279 CVE-2017-10283
CVE-2017-10286 CVE-2017-10294 CVE-2017-10314
CVE-2017-10378 CVE-2017-10379 CVE-2017-10384
CVE-2017-3731
Affected Products:
openSUSE Leap 42.3
openSUSE Leap 42.2
______________________________________________________________________________
An update that solves 13 vulnerabilities and has two fixes
is now available.
Description:
This update for mysql-community-server to 5.6.38 fixes the following
issues:
Full list of changes:
http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-38.html
CVEs fixed:
- [boo#1064116] CVE-2017-10379
- [boo#1064117] CVE-2017-10384
- [boo#1064115] CVE-2017-10378
- [boo#1064101] CVE-2017-10268
- [boo#1064096] CVE-2017-10155
- [boo#1064118] CVE-2017-3731
- [boo#1064102] CVE-2017-10276
- [boo#1064105] CVE-2017-10283
- [boo#1064112] CVE-2017-10314
- [boo#1064100] CVE-2017-10227
- [boo#1064104] CVE-2017-10279
- [boo#1064108] CVE-2017-10294
- [boo#1064107] CVE-2017-10286
Additional changes:
- add "BuildRequires: unixODBC-devel" to allow ODBC support for Connect
engine [boo#1039034]
- update filename in /var/adm/update-messages to match documentation, and
build-compare pattern
- some scripts from the tools subpackage, namely: wsrep_sst_xtrabackup,
wsrep_sst_mariabackup.sh and wsrep_sst_xtrabackup-v2.sh need socat
- fixed incorrect descriptions and mismatching RPM groups
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2017-1196=1
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-1196=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.3 (i586 x86_64):
libmysql56client18-5.6.38-30.1
libmysql56client18-debuginfo-5.6.38-30.1
libmysql56client_r18-5.6.38-30.1
mysql-community-server-5.6.38-30.1
mysql-community-server-bench-5.6.38-30.1
mysql-community-server-bench-debuginfo-5.6.38-30.1
mysql-community-server-client-5.6.38-30.1
mysql-community-server-client-debuginfo-5.6.38-30.1
mysql-community-server-debuginfo-5.6.38-30.1
mysql-community-server-debugsource-5.6.38-30.1
mysql-community-server-test-5.6.38-30.1
mysql-community-server-test-debuginfo-5.6.38-30.1
mysql-community-server-tools-5.6.38-30.1
mysql-community-server-tools-debuginfo-5.6.38-30.1
- openSUSE Leap 42.3 (noarch):
mysql-community-server-errormessages-5.6.38-30.1
- openSUSE Leap 42.3 (x86_64):
libmysql56client18-32bit-5.6.38-30.1
libmysql56client18-debuginfo-32bit-5.6.38-30.1
libmysql56client_r18-32bit-5.6.38-30.1
- openSUSE Leap 42.2 (i586 x86_64):
libmysql56client18-5.6.38-24.12.1
libmysql56client18-debuginfo-5.6.38-24.12.1
libmysql56client_r18-5.6.38-24.12.1
mysql-community-server-5.6.38-24.12.1
mysql-community-server-bench-5.6.38-24.12.1
mysql-community-server-bench-debuginfo-5.6.38-24.12.1
mysql-community-server-client-5.6.38-24.12.1
mysql-community-server-client-debuginfo-5.6.38-24.12.1
mysql-community-server-debuginfo-5.6.38-24.12.1
mysql-community-server-debugsource-5.6.38-24.12.1
mysql-community-server-test-5.6.38-24.12.1
mysql-community-server-test-debuginfo-5.6.38-24.12.1
mysql-community-server-tools-5.6.38-24.12.1
mysql-community-server-tools-debuginfo-5.6.38-24.12.1
- openSUSE Leap 42.2 (x86_64):
libmysql56client18-32bit-5.6.38-24.12.1
libmysql56client18-debuginfo-32bit-5.6.38-24.12.1
libmysql56client_r18-32bit-5.6.38-24.12.1
- openSUSE Leap 42.2 (noarch):
mysql-community-server-errormessages-5.6.38-24.12.1
References:
https://www.suse.com/security/cve/CVE-2017-10155.html
https://www.suse.com/security/cve/CVE-2017-10227.html
https://www.suse.com/security/cve/CVE-2017-10268.html
https://www.suse.com/security/cve/CVE-2017-10276.html
https://www.suse.com/security/cve/CVE-2017-10279.html
https://www.suse.com/security/cve/CVE-2017-10283.html
https://www.suse.com/security/cve/CVE-2017-10286.html
https://www.suse.com/security/cve/CVE-2017-10294.html
https://www.suse.com/security/cve/CVE-2017-10314.html
https://www.suse.com/security/cve/CVE-2017-10378.html
https://www.suse.com/security/cve/CVE-2017-10379.html
https://www.suse.com/security/cve/CVE-2017-10384.html
https://www.suse.com/security/cve/CVE-2017-3731.html
https://bugzilla.suse.com/1039034
https://bugzilla.suse.com/1064096
https://bugzilla.suse.com/1064100
https://bugzilla.suse.com/1064101
https://bugzilla.suse.com/1064102
https://bugzilla.suse.com/1064104
https://bugzilla.suse.com/1064105
https://bugzilla.suse.com/1064107
https://bugzilla.suse.com/1064108
https://bugzilla.suse.com/1064112
https://bugzilla.suse.com/1064115
https://bugzilla.suse.com/1064116
https://bugzilla.suse.com/1064117
https://bugzilla.suse.com/1064118
https://bugzilla.suse.com/1064119
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security-announce+help@xxxxxxxxxxxx
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:2868-1
Rating: important
References: #1039034 #1064096 #1064100 #1064101 #1064102
#1064104 #1064105 #1064107 #1064108 #1064112
#1064115 #1064116 #1064117 #1064118 #1064119
Cross-References: CVE-2017-10155 CVE-2017-10227 CVE-2017-10268
CVE-2017-10276 CVE-2017-10279 CVE-2017-10283
CVE-2017-10286 CVE-2017-10294 CVE-2017-10314
CVE-2017-10378 CVE-2017-10379 CVE-2017-10384
CVE-2017-3731
Affected Products:
openSUSE Leap 42.3
openSUSE Leap 42.2
______________________________________________________________________________
An update that solves 13 vulnerabilities and has two fixes
is now available.
Description:
This update for mysql-community-server to 5.6.38 fixes the following
issues:
Full list of changes:
http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-38.html
CVEs fixed:
- [boo#1064116] CVE-2017-10379
- [boo#1064117] CVE-2017-10384
- [boo#1064115] CVE-2017-10378
- [boo#1064101] CVE-2017-10268
- [boo#1064096] CVE-2017-10155
- [boo#1064118] CVE-2017-3731
- [boo#1064102] CVE-2017-10276
- [boo#1064105] CVE-2017-10283
- [boo#1064112] CVE-2017-10314
- [boo#1064100] CVE-2017-10227
- [boo#1064104] CVE-2017-10279
- [boo#1064108] CVE-2017-10294
- [boo#1064107] CVE-2017-10286
Additional changes:
- add "BuildRequires: unixODBC-devel" to allow ODBC support for Connect
engine [boo#1039034]
- update filename in /var/adm/update-messages to match documentation, and
build-compare pattern
- some scripts from the tools subpackage, namely: wsrep_sst_xtrabackup,
wsrep_sst_mariabackup.sh and wsrep_sst_xtrabackup-v2.sh need socat
- fixed incorrect descriptions and mismatching RPM groups
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2017-1196=1
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-1196=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.3 (i586 x86_64):
libmysql56client18-5.6.38-30.1
libmysql56client18-debuginfo-5.6.38-30.1
libmysql56client_r18-5.6.38-30.1
mysql-community-server-5.6.38-30.1
mysql-community-server-bench-5.6.38-30.1
mysql-community-server-bench-debuginfo-5.6.38-30.1
mysql-community-server-client-5.6.38-30.1
mysql-community-server-client-debuginfo-5.6.38-30.1
mysql-community-server-debuginfo-5.6.38-30.1
mysql-community-server-debugsource-5.6.38-30.1
mysql-community-server-test-5.6.38-30.1
mysql-community-server-test-debuginfo-5.6.38-30.1
mysql-community-server-tools-5.6.38-30.1
mysql-community-server-tools-debuginfo-5.6.38-30.1
- openSUSE Leap 42.3 (noarch):
mysql-community-server-errormessages-5.6.38-30.1
- openSUSE Leap 42.3 (x86_64):
libmysql56client18-32bit-5.6.38-30.1
libmysql56client18-debuginfo-32bit-5.6.38-30.1
libmysql56client_r18-32bit-5.6.38-30.1
- openSUSE Leap 42.2 (i586 x86_64):
libmysql56client18-5.6.38-24.12.1
libmysql56client18-debuginfo-5.6.38-24.12.1
libmysql56client_r18-5.6.38-24.12.1
mysql-community-server-5.6.38-24.12.1
mysql-community-server-bench-5.6.38-24.12.1
mysql-community-server-bench-debuginfo-5.6.38-24.12.1
mysql-community-server-client-5.6.38-24.12.1
mysql-community-server-client-debuginfo-5.6.38-24.12.1
mysql-community-server-debuginfo-5.6.38-24.12.1
mysql-community-server-debugsource-5.6.38-24.12.1
mysql-community-server-test-5.6.38-24.12.1
mysql-community-server-test-debuginfo-5.6.38-24.12.1
mysql-community-server-tools-5.6.38-24.12.1
mysql-community-server-tools-debuginfo-5.6.38-24.12.1
- openSUSE Leap 42.2 (x86_64):
libmysql56client18-32bit-5.6.38-24.12.1
libmysql56client18-debuginfo-32bit-5.6.38-24.12.1
libmysql56client_r18-32bit-5.6.38-24.12.1
- openSUSE Leap 42.2 (noarch):
mysql-community-server-errormessages-5.6.38-24.12.1
References:
https://www.suse.com/security/cve/CVE-2017-10155.html
https://www.suse.com/security/cve/CVE-2017-10227.html
https://www.suse.com/security/cve/CVE-2017-10268.html
https://www.suse.com/security/cve/CVE-2017-10276.html
https://www.suse.com/security/cve/CVE-2017-10279.html
https://www.suse.com/security/cve/CVE-2017-10283.html
https://www.suse.com/security/cve/CVE-2017-10286.html
https://www.suse.com/security/cve/CVE-2017-10294.html
https://www.suse.com/security/cve/CVE-2017-10314.html
https://www.suse.com/security/cve/CVE-2017-10378.html
https://www.suse.com/security/cve/CVE-2017-10379.html
https://www.suse.com/security/cve/CVE-2017-10384.html
https://www.suse.com/security/cve/CVE-2017-3731.html
https://bugzilla.suse.com/1039034
https://bugzilla.suse.com/1064096
https://bugzilla.suse.com/1064100
https://bugzilla.suse.com/1064101
https://bugzilla.suse.com/1064102
https://bugzilla.suse.com/1064104
https://bugzilla.suse.com/1064105
https://bugzilla.suse.com/1064107
https://bugzilla.suse.com/1064108
https://bugzilla.suse.com/1064112
https://bugzilla.suse.com/1064115
https://bugzilla.suse.com/1064116
https://bugzilla.suse.com/1064117
https://bugzilla.suse.com/1064118
https://bugzilla.suse.com/1064119
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security-announce+help@xxxxxxxxxxxx
< Previous | Next > |