Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

DSA-2985-1 mysql-5.5 -- security update

 

Systems Affected


mysql-5.5

Threat Level


Medium


Overview


In the Debian bugtracking system: Bug 754941. In Mitre's CVE dictionary: CVE-2014-2494, CVE-2014-4207, CVE-2014-4258, CVE-2014-4260.


Description


Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.38. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details:

http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-38.html
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

For the stable distribution (wheezy), these problems have been fixed in version 5.5.38-0+wheezy1. For the unstable distribution (sid), these problems will be fixed soon.


Impact



Solution/ Workarounds


Recommend to upgrade to mysql-5.5 packages.


References


http://www.debian.org/security/2014/dsa-2985


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.


 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.