Mailinglist Archive: opensuse-updates (124 mails)

< Previous Next >
openSUSE-SU-2017:2011-1: moderate: Security update for mysql-community-server
openSUSE Security Update: Security update for mysql-community-server
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:2011-1
Rating: moderate
References: #1049394 #1049396 #1049398 #1049399 #1049404
#1049410 #1049411 #1049412 #1049415 #1049416
#1049417 #1049421 #1049422
Cross-References: CVE-2017-3633 CVE-2017-3634 CVE-2017-3635
CVE-2017-3636 CVE-2017-3641 CVE-2017-3647
CVE-2017-3648 CVE-2017-3649 CVE-2017-3651
CVE-2017-3652 CVE-2017-3653 CVE-2017-3732

Affected Products:
openSUSE Leap 42.3
openSUSE Leap 42.2
______________________________________________________________________________

An update that solves 12 vulnerabilities and has one errata
is now available.

Description:

This update for mysql-community-server to version 5.6.37 fixes security
issues and bugs.

The following vulnerabilities were fixed:
- CVE-2017-3633: Memcached unspecified vulnerability (boo#1049394)
- CVE-2017-3634: DML unspecified vulnerability (boo#1049396)
- CVE-2017-3635: C API unspecified vulnerability (boo#1049398)
- CVE-2017-3636: Client programs unspecified vulnerability (boo#1049399)
- CVE-2017-3641: DML unspecified vulnerability (boo#1049404)
- CVE-2017-3647: Replication unspecified vulnerability (boo#1049410)
- CVE-2017-3648: Charsets unspecified vulnerability (boo#1049411)
- CVE-2017-3649: Replication unspecified vulnerability (boo#1049412)
- CVE-2017-3651: Client mysqldump unspecified vulnerability (boo#1049415)
- CVE-2017-3652: DDL unspecified vulnerability (boo#1049416)
- CVE-2017-3653: DDL unspecified vulnerability (boo#1049417)
- CVE-2017-3732: Security, Encryption unspecified vulnerability
(boo#1049421)

The following general changes are included:

- switch systemd unit file from 'Restart=on-failure' to 'Restart=on-abort'
- update file lists for new man-pages and tools (for mariadb)

For a list of upstream changes in this release, see:
http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-37.html


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2017-866=1

- openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-866=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE Leap 42.3 (i586 x86_64):

libmysql56client18-5.6.37-27.1
libmysql56client18-debuginfo-5.6.37-27.1
libmysql56client_r18-5.6.37-27.1
mysql-community-server-5.6.37-27.1
mysql-community-server-bench-5.6.37-27.1
mysql-community-server-bench-debuginfo-5.6.37-27.1
mysql-community-server-client-5.6.37-27.1
mysql-community-server-client-debuginfo-5.6.37-27.1
mysql-community-server-debuginfo-5.6.37-27.1
mysql-community-server-debugsource-5.6.37-27.1
mysql-community-server-errormessages-5.6.37-27.1
mysql-community-server-test-5.6.37-27.1
mysql-community-server-test-debuginfo-5.6.37-27.1
mysql-community-server-tools-5.6.37-27.1
mysql-community-server-tools-debuginfo-5.6.37-27.1

- openSUSE Leap 42.3 (x86_64):

libmysql56client18-32bit-5.6.37-27.1
libmysql56client18-debuginfo-32bit-5.6.37-27.1
libmysql56client_r18-32bit-5.6.37-27.1

- openSUSE Leap 42.2 (i586 x86_64):

libmysql56client18-5.6.37-24.9.1
libmysql56client18-debuginfo-5.6.37-24.9.1
libmysql56client_r18-5.6.37-24.9.1
mysql-community-server-5.6.37-24.9.1
mysql-community-server-bench-5.6.37-24.9.1
mysql-community-server-bench-debuginfo-5.6.37-24.9.1
mysql-community-server-client-5.6.37-24.9.1
mysql-community-server-client-debuginfo-5.6.37-24.9.1
mysql-community-server-debuginfo-5.6.37-24.9.1
mysql-community-server-debugsource-5.6.37-24.9.1
mysql-community-server-errormessages-5.6.37-24.9.1
mysql-community-server-test-5.6.37-24.9.1
mysql-community-server-test-debuginfo-5.6.37-24.9.1
mysql-community-server-tools-5.6.37-24.9.1
mysql-community-server-tools-debuginfo-5.6.37-24.9.1

- openSUSE Leap 42.2 (x86_64):

libmysql56client18-32bit-5.6.37-24.9.1
libmysql56client18-debuginfo-32bit-5.6.37-24.9.1
libmysql56client_r18-32bit-5.6.37-24.9.1


References:

https://www.suse.com/security/cve/CVE-2017-3633.html
https://www.suse.com/security/cve/CVE-2017-3634.html
https://www.suse.com/security/cve/CVE-2017-3635.html
https://www.suse.com/security/cve/CVE-2017-3636.html
https://www.suse.com/security/cve/CVE-2017-3641.html
https://www.suse.com/security/cve/CVE-2017-3647.html
https://www.suse.com/security/cve/CVE-2017-3648.html
https://www.suse.com/security/cve/CVE-2017-3649.html
https://www.suse.com/security/cve/CVE-2017-3651.html
https://www.suse.com/security/cve/CVE-2017-3652.html
https://www.suse.com/security/cve/CVE-2017-3653.html
https://www.suse.com/security/cve/CVE-2017-3732.html
https://bugzilla.suse.com/1049394
https://bugzilla.suse.com/1049396
https://bugzilla.suse.com/1049398
https://bugzilla.suse.com/1049399
https://bugzilla.suse.com/1049404
https://bugzilla.suse.com/1049410
https://bugzilla.suse.com/1049411
https://bugzilla.suse.com/1049412
https://bugzilla.suse.com/1049415
https://bugzilla.suse.com/1049416
https://bugzilla.suse.com/1049417
https://bugzilla.suse.com/1049421
https://bugzilla.suse.com/1049422


< Previous Next >
This Thread
  • No further messages