On 12 Sep 2016, Herminio Hernandez Jr. wrote:

moin moin,

Basically they mirror the repos. So when it hits Debian I will upgrade.

Ah, OK.

You might also want to create a couple of empty files and lock them down.

$datadir can be exploited, so pre-emptively putting empty conf files in
there that can't be changed by mysql is a good idea.

The following is for anyone with questions on locking down the config
files in $datadir.

Presuming $datadir is /var/lib/mysql, either of the following will lock
down the files when run as root, but the first will destroy files you
might already have.

# >/var/lib/mysql/my.cnf
# >/var/lib/mysql/.my.cnf
# chmod 000 /var/lib/mysql/{.,}my.cnf

Or, with some minimal verification that it's safe...

# for file in /var/lib/mysql/{.,}my.cnf; do
        if [ ! -e "$file" ] ; then
                >"$file"
                chmod 000 "$file"
                ls -l "$file"
        else
                ls -l "$file"
                echo "You might want to check on that"
        fi
done

ciao,

der.hans

Sent from my iPhone

On Sep 12, 2016, at 12:00 PM, der.hans <[email protected]> wrote:

On 12 Sep 2016, Herminio Hernandez Jr. wrote:

moin moin,

Thanks, have some SQL in DO droplets. Will be looking for this.

Will DigitalOcean automagically apply the patches for you?

I would expect it's in their best interest.

I'm certain DreamHost is already upgraded. GoDaddy is probably rolling it
out already, but I no longer know anyone on the team over there, so am not
sure how quick they will be.

This is admittedly one of the advantages of cloud. The infrastructure
providers can centrally test and roll out for everyone. The disadvantage
is if it's something that affects you, but they don't know or care about
it :).

ciao,

der.hans

Sent from my iPhone

On Sep 12, 2016, at 11:18 AM, der.hans <[email protected]> wrote:

moin moin,

a MySQL remote exploit was announced this morning. Percona and MariaDB
already have fixes that have not yet hit the distros.

https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662

http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html

Watch for updates.

ciao,

der.hans
--
#  http://www.LuftHans.com/        http://www.PhxLinux.org/
#  Fairy Tale, n.: A horror story to prepare children for the newspapers.
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss

--
#  http://www.LuftHans.com/        http://www.PhxLinux.org/
#  "You go to Afghanistan and you swallow enough dust that you'll pass an
#  adobe brick." -- Robin Williams, 03Aug2006

--
#  http://www.LuftHans.com/        http://www.PhxLinux.org/
#  "Rock 'n' roll might not solve your problems, but it does let you dance
#  all over them." -- Pete Townsend
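
Added example (not part of the original thread): a shell function that audits the result of the lockdown described in the top message, checking that my.cnf and .my.cnf in the datadir are empty regular files with mode 000 and the expected owner. The function name check_cnf_lockdown and its status labels are made up for this example, and it assumes GNU stat.

```shell
#!/bin/sh
# Added example: audit the placeholder config files in a MySQL datadir.
# Usage: check_cnf_lockdown DIR [OWNER_UID]
#   e.g. check_cnf_lockdown /var/lib/mysql
# Prints one status line per file; returns 0 only if both are locked down.
check_cnf_lockdown() {
    dir=$1
    want_uid=${2:-0}    # assumption: the placeholders were created by root
    rc=0
    for name in my.cnf .my.cnf; do
        f=$dir/$name
        if [ -L "$f" ]; then
            # A symlink is never an acceptable placeholder.
            echo "SYMLINK  $f"; rc=1
        elif [ ! -e "$f" ]; then
            echo "MISSING  $f"; rc=1
        elif [ ! -f "$f" ]; then
            echo "NOTFILE  $f"; rc=1
        elif [ -s "$f" ]; then
            # Has content: a real config file, not an empty placeholder.
            echo "NONEMPTY $f"; rc=1
        else
            mode=$(stat -c '%a' "$f")   # octal permission bits
            uid=$(stat -c '%u' "$f")    # numeric owner
            if [ "$mode" -eq 0 ] && [ "$uid" = "$want_uid" ]; then
                echo "LOCKED   $f"
            else
                echo "LOOSE    $f (mode $mode, uid $uid)"; rc=1
            fi
        fi
    done
    return $rc
}
```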