Hi,
This might be an error in the CPU announcement (they sometimes get
corrections after the initial announcement). I'll try to track down
someone who's worked on this fix and ask.
--
Lars
On 10/19/2016 08:21 AM, Salvatore Bonaccorso wrote:
Hi Lars, hi Norvald,
On Wed, Oct 19, 2016 at 08:03:00AM +0200, Lars Tangvald wrote:
The following CVEs are fixed in 5.5.53:
CVE-2016-6662 CVE-2016-7440 CVE-2016-5584
The listing of CVE-2016-6662 is confusing here. This should actually
already be addressed in 5.5.52, cf.
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
Any insight on why Oracle claims it to be only fixed in 5.5.53?
Regards,
Salvatore
