robert.st...@datagroup.de On Wed, Sep 14, 2016, 17:14 Salvatore Bonaccorso <car...@debian.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > - ------------------------------------------------------------------------- > Debian Security Advisory DSA-3666-1 secur...@debian.org > https://www.debian.org/security/ Salvatore Bonaccorso > September 14, 2016 https://www.debian.org/security/faq > - ------------------------------------------------------------------------- > > Package : mysql-5.5 > CVE ID : CVE-2016-6662 > > Dawid Golunski discovered that the mysqld_safe wrapper provided by the > MySQL database server insufficiently restricted the load path for custom > malloc implementations, which could result in privilege escalation. > > The vulnerability was addressed by upgrading MySQL to the new upstream > version 5.5.52, which includes additional changes, such as performance > improvements, bug fixes, new features, and possibly incompatible > changes. Please see the MySQL 5.5 Release Notes for further details: > > https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-51.html > https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html > > For the stable distribution (jessie), this problem has been fixed in > version 5.5.52-0+deb8u1. > > We recommend that you upgrade your mysql-5.5 packages. > > Further information about Debian Security Advisories, how to apply > these updates to your system and frequently asked questions can be > found at: https://www.debian.org/security/ > > Mailing list: debian-security-annou...@lists.debian.org > -----BEGIN PGP SIGNATURE----- > > iQIcBAEBCgAGBQJX2WdfAAoJEAVMuPMTQ89EHJ0P/2GguTleQy7sFNqsBZHsANTz > MYYazcwSHQQbMiAVKGkzO5sT+UmUcgA3YavP3ZUrB1PEg+03d6sgvpEV1vq5bSmX > 7Br+6qgj4Sz1LCPBf/iS/RJ4WpSRkVFNNWqyvZOyj0HvvDpASscO6XRvmJdVcSGn > 6kl9qv4HxHY0LXAi4hxkD/h4aMjRwt7kG3PK32QAPqhn2bXXT3pdRZF1We8wFjS2 > Tkxky3f8Ns4Ect2dbgNXYrlpcGODD9lYzESH8e4Cdrvsyyr/J39M8XH/va8uJfgS > Db8VA2/hiy22jTMI0r2kqhgFcv5L6HK/FO9So5ON6zSAtLj4risMoXbclpMLe4qd > saF+XQVAgaSvPZ6K0KuPJihmKj3XshzBDYO9aKsD1yiUfpu+IfRPUqyO1g7si4kD > FbcIN2KnRnNROFsronsOWnyCQ8ffrKJokzRkzcpjU4qkFLK3rvpLkUvwm2+KTlCC > W6ZtW9tpADr8hK7fcGKBPqj4aQTV2101Vuy08LSLqMMXq+kJF3VzsRlWctqodEpX > /eSnwSeBvcigSZXWTcrwMt1vb+ixVSYkybFokvjjK5WEdH6LuO4YaBv6VuJewH2E > FWxKBTHos5Uff2DNQz63B0As7ul6VjoWCcQhaY2e84WzIaVdJAcog5Rzf3IIBc+M > ftF3slzWy/NPPG2SZURD > =ihba > -----END PGP SIGNATURE----- > >