Slpackages working? Pat Riehecky <riehe...@fnal.gov> wrote:
>Synopsis: Moderate: mysql security and bug fix update >Advisory ID: SLSA-2014:0164-1 >Issue Date: 2014-02-12 >CVE Numbers: CVE-2013-5908 > CVE-2014-0386 > CVE-2014-0393 > CVE-2014-0401 > CVE-2014-0402 > CVE-2014-0412 > CVE-2014-0437 > CVE-2014-0001 >-- > >(CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, >CVE-2014-0412, CVE-2014-0437, CVE-2013-5908) > >A buffer overflow flaw was found in the way the MySQL command line client >tool (mysql) processed excessively long version strings. If a user >connected to a malicious MySQL server via the mysql client, the server >could use this flaw to crash the mysql client or, potentially, execute >arbitrary code as the user running the mysql client. (CVE-2014-0001) > >This update also fixes the following bug: > >* Prior to this update, MySQL did not check whether a MySQL socket was >actually being used by any process before starting the mysqld service. If >a particular mysqld service did not exit cleanly while a socket was being >used by a process, this socket was considered to be still in use during >the next start-up of this service, which resulted in a failure to start >the service up. With this update, if a socket exists but is not used by >any process, it is ignored during the mysqld service start-up. > >After installing this update, the MySQL server daemon (mysqld) will be >restarted automatically. >-- > >SL6 > x86_64 > mysql-5.1.73-3.el6_5.x86_64.rpm > mysql-debuginfo-5.1.73-3.el6_5.i686.rpm > mysql-debuginfo-5.1.73-3.el6_5.x86_64.rpm > mysql-libs-5.1.73-3.el6_5.i686.rpm > mysql-libs-5.1.73-3.el6_5.x86_64.rpm > mysql-server-5.1.73-3.el6_5.x86_64.rpm > mysql-bench-5.1.73-3.el6_5.x86_64.rpm > mysql-devel-5.1.73-3.el6_5.i686.rpm > mysql-devel-5.1.73-3.el6_5.x86_64.rpm > mysql-embedded-5.1.73-3.el6_5.i686.rpm > mysql-embedded-5.1.73-3.el6_5.x86_64.rpm > mysql-embedded-devel-5.1.73-3.el6_5.i686.rpm > mysql-embedded-devel-5.1.73-3.el6_5.x86_64.rpm > mysql-test-5.1.73-3.el6_5.x86_64.rpm > i386 > mysql-5.1.73-3.el6_5.i686.rpm > mysql-debuginfo-5.1.73-3.el6_5.i686.rpm > mysql-libs-5.1.73-3.el6_5.i686.rpm > mysql-server-5.1.73-3.el6_5.i686.rpm > mysql-bench-5.1.73-3.el6_5.i686.rpm > mysql-devel-5.1.73-3.el6_5.i686.rpm > mysql-embedded-5.1.73-3.el6_5.i686.rpm > mysql-embedded-devel-5.1.73-3.el6_5.i686.rpm > mysql-test-5.1.73-3.el6_5.i686.rpm > >- Scientific Linux Development Team