This bug was fixed in the package mysql-5.5 - 5.5.37-0ubuntu0.13.10.1 --------------- mysql-5.5 (5.5.37-0ubuntu0.13.10.1) saucy-security; urgency=medium
* SECURITY UPDATE: Update to 5.5.37 to fix security issues (LP: #1309662) - http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html - CVE-2014-0001 - CVE-2014-0384 - CVE-2014-2419 - CVE-2014-2430 - CVE-2014-2431 - CVE-2014-2432 - CVE-2014-2436 - CVE-2014-2438 - CVE-2014-2440 * Drop creation of insecure database permissions: - d/p/33_scripts__mysql_create_system_tables__no_test.patch, d/p/41_scripts__mysql_install_db.sh__no_test.patch, d/p/50_mysql-test__db_test.patch: Restored from mysql-5.1 package, inadvertently dropped in 5.5 transition. This removes the global anonymous access to the database which is a security concern. -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Sat, 19 Apr 2014 20:45:09 -0400 ** Changed in: mysql-5.5 (Ubuntu Saucy) Status: Confirmed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-0001 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-0384 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-2419 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-2430 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-2431 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-2432 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-2436 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-2438 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-2440 ** Changed in: mysql-5.5 (Ubuntu Quantal) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mysql-5.5 in Ubuntu. https://bugs.launchpad.net/bugs/1309662 Title: mysql 5.5.37 security update tracking bug To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mysql-5.5/+bug/1309662/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs