[Bug 1309662] Re: mysql 5.5.37 security update tracking bug

Wed, 23 Apr 2014 05:51:33 -0700 

This bug was fixed in the package mysql-5.5 - 5.5.37-0ubuntu0.13.10.1

---------------
mysql-5.5 (5.5.37-0ubuntu0.13.10.1) saucy-security; urgency=medium

  * SECURITY UPDATE: Update to 5.5.37 to fix security issues (LP: #1309662)
    - http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
    - CVE-2014-0001
    - CVE-2014-0384
    - CVE-2014-2419
    - CVE-2014-2430
    - CVE-2014-2431
    - CVE-2014-2432
    - CVE-2014-2436
    - CVE-2014-2438
    - CVE-2014-2440
  * Drop creation of insecure database permissions:
    - d/p/33_scripts__mysql_create_system_tables__no_test.patch,
      d/p/41_scripts__mysql_install_db.sh__no_test.patch,
      d/p/50_mysql-test__db_test.patch: Restored from mysql-5.1
      package, inadvertently dropped in 5.5 transition. This
      removes the global anonymous access to the database which
      is a security concern.
 -- Marc Deslauriers <marc.deslauri...@ubuntu.com>   Sat, 19 Apr 2014 20:45:09 
-0400

** Changed in: mysql-5.5 (Ubuntu Saucy)
       Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0001

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0384

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2419

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2430

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2431

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2432

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2436

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2438

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2440

** Changed in: mysql-5.5 (Ubuntu Quantal)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.5 in Ubuntu.
https://bugs.launchpad.net/bugs/1309662

Title:
  mysql 5.5.37 security update tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.5/+bug/1309662/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

Reply via email to