This bug was fixed in the package mysql-5.5 - 5.5.37-0ubuntu0.12.04.1
---------------
mysql-5.5 (5.5.37-0ubuntu0.12.04.1) precise-security; urgency=medium
* SECURITY UPDATE: Update to 5.5.37 to fix security issues (LP: #1309662)
- http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
- CVE-2014-0001
- CVE-2014-0384
- CVE-2014-2419
- CVE-2014-2430
- CVE-2014-2431
- CVE-2014-2432
- CVE-2014-2436
- CVE-2014-2438
- CVE-2014-2440
* Drop creation of insecure database permissions:
- d/p/33_scripts__mysql_create_system_tables__no_test.patch,
d/p/41_scripts__mysql_install_db.sh__no_test.patch,
d/p/50_mysql-test__db_test.patch: Restored from mysql-5.1
package, inadvertently dropped in 5.5 transition. This
removes the global anonymous access to the database which
is a security concern.
-- Marc Deslauriers <[email protected]> Sun, 20 Apr 2014 13:03:23
-0400
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1309662
Title:
mysql 5.5.37 security update tracking bug
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.5/+bug/1309662/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
