Hi,

This might be an error in the CPU announcement (they sometimes get corrections after the initial announcement). I'll try to track down someone who's worked on this fix and ask.


--
Lars

On 10/19/2016 08:21 AM, Salvatore Bonaccorso wrote:
Hi Lars, hi Norvald,

On Wed, Oct 19, 2016 at 08:03:00AM +0200, Lars Tangvald wrote:
The following CVEs are fixed in 5.5.53:
CVE-2016-6662 CVE-2016-7440 CVE-2016-5584
The listing of CVE-2016-6662 is confusing here. This should actually
already be addressed in 5.5.52, cf.
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html

Any insight on why Oracle claims it to be only fixed in 5.5.53?

Regards,
Salvatore

Reply via email to