[Bug 1686160] [NEW] Security issues (solved in Debian) - affecting mysql-5.5.54 in Precise and Trusty

Tue, 25 Apr 2017 10:31:06 -0700 

*** This bug is a security vulnerability ***

Public security bug reported:

Package        : mysql-5.5
CVE ID         : CVE-2017-3302 CVE-2017-3305 CVE-2017-3308 CVE-2017-3309
                 CVE-2017-3329 CVE-2017-3453 CVE-2017-3456 CVE-2017-3461
                 CVE-2017-3462 CVE-2017-3463 CVE-2017-3464 CVE-2017-3600
Debian Bug     : 854713 860544

Several issues have been discovered in the MySQL database server. The
vulnerabilities are addressed by upgrading MySQL to the new upstream
version 5.5.55, which includes additional changes, such as performance
improvements, bug fixes, new features, and possibly incompatible
changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical
Patch Update advisory for further details:

 https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-55.html
 http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

For the stable distribution (jessie), these problems have been fixed in
version 5.5.55-0+deb8u1.

** Affects: mysql-5.5 (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: mysql-5.5 precise security trusty

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-3302

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-3305

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-3308

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-3309

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-3329

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-3453

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-3456

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-3461

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-3462

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-3463

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-3464

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-3600

** Information type changed from Public to Public Security

** Tags added: mysql-5.5 precise security trusty

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1686160

Title:
  Security issues (solved in Debian) - affecting mysql-5.5.54 in Precise
  and Trusty

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.5/+bug/1686160/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to