SUSE-SU-2015:2303-1: moderate: Security update for mysql

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Fri Dec 18 12:11:35 MST 2015


   SUSE Security Update: Security update for mysql
______________________________________________________________________________

Announcement ID:    SUSE-SU-2015:2303-1
Rating:             moderate
References:         #951391 #952196 
Cross-References:   CVE-2015-0286 CVE-2015-0288 CVE-2015-1789
                    CVE-2015-1793 CVE-2015-4730 CVE-2015-4766
                    CVE-2015-4792 CVE-2015-4800 CVE-2015-4802
                    CVE-2015-4815 CVE-2015-4816 CVE-2015-4819
                    CVE-2015-4826 CVE-2015-4830 CVE-2015-4833
                    CVE-2015-4836 CVE-2015-4858 CVE-2015-4861
                    CVE-2015-4862 CVE-2015-4864 CVE-2015-4866
                    CVE-2015-4870 CVE-2015-4879 CVE-2015-4890
                    CVE-2015-4895 CVE-2015-4904 CVE-2015-4905
                    CVE-2015-4910 CVE-2015-4913
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11-SP4
                    SUSE Linux Enterprise Software Development Kit 11-SP3
                    SUSE Linux Enterprise Server for VMWare 11-SP3
                    SUSE Linux Enterprise Server 11-SP4
                    SUSE Linux Enterprise Server 11-SP3
                    SUSE Linux Enterprise Desktop 11-SP4
                    SUSE Linux Enterprise Desktop 11-SP3
                    SUSE Linux Enterprise Debuginfo 11-SP4
                    SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________

   An update that fixes 29 vulnerabilities is now available.

Description:

   The mysql package was updated to version 5.5.46 to fixs several security
   and non security issues.

   - bnc#951391: update to version 5.5.46
     * changes:
       http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-46.html
     * fixed CVEs: CVE-2015-1793, CVE-2015-0286, CVE-2015-0288,
       CVE-2015-1789, CVE-2015-4730, CVE-2015-4766, CVE-2015-4792,
       CVE-2015-4800, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816,
       CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4833,
       CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4862,
       CVE-2015-4864, CVE-2015-4866, CVE-2015-4870, CVE-2015-4879,
       CVE-2015-4890, CVE-2015-4895, CVE-2015-4904, CVE-2015-4905,
       CVE-2015-4910, CVE-2015-4913
   - bnc#952196: Fixed a build error for ppc*, s390* and ia64 architectures.


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11-SP4:

      zypper in -t patch sdksp4-mysql-12272=1

   - SUSE Linux Enterprise Software Development Kit 11-SP3:

      zypper in -t patch sdksp3-mysql-12272=1

   - SUSE Linux Enterprise Server for VMWare 11-SP3:

      zypper in -t patch slessp3-mysql-12272=1

   - SUSE Linux Enterprise Server 11-SP4:

      zypper in -t patch slessp4-mysql-12272=1

   - SUSE Linux Enterprise Server 11-SP3:

      zypper in -t patch slessp3-mysql-12272=1

   - SUSE Linux Enterprise Desktop 11-SP4:

      zypper in -t patch sledsp4-mysql-12272=1

   - SUSE Linux Enterprise Desktop 11-SP3:

      zypper in -t patch sledsp3-mysql-12272=1

   - SUSE Linux Enterprise Debuginfo 11-SP4:

      zypper in -t patch dbgsp4-mysql-12272=1

   - SUSE Linux Enterprise Debuginfo 11-SP3:

      zypper in -t patch dbgsp3-mysql-12272=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64):

      libmysql55client_r18-32bit-5.5.46-0.14.1

   - SUSE Linux Enterprise Software Development Kit 11-SP4 (ia64):

      libmysql55client_r18-x86-5.5.46-0.14.1

   - SUSE Linux Enterprise Software Development Kit 11-SP3 (ppc64 s390x x86_64):

      libmysql55client_r18-32bit-5.5.46-0.14.1

   - SUSE Linux Enterprise Software Development Kit 11-SP3 (ia64):

      libmysql55client_r18-x86-5.5.46-0.14.1

   - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64):

      libmysql55client18-5.5.46-0.14.1
      libmysql55client_r18-5.5.46-0.14.1
      mysql-5.5.46-0.14.1
      mysql-client-5.5.46-0.14.1
      mysql-tools-5.5.46-0.14.1

   - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64):

      libmysql55client18-32bit-5.5.46-0.14.1

   - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      libmysql55client18-5.5.46-0.14.1
      libmysql55client_r18-5.5.46-0.14.1
      mysql-5.5.46-0.14.1
      mysql-client-5.5.46-0.14.1
      mysql-tools-5.5.46-0.14.1

   - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64):

      libmysql55client18-32bit-5.5.46-0.14.1
      libmysql55client_r18-32bit-5.5.46-0.14.1

   - SUSE Linux Enterprise Server 11-SP4 (ia64):

      libmysql55client18-x86-5.5.46-0.14.1
      libmysql55client_r18-x86-5.5.46-0.14.1

   - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64):

      libmysql55client18-5.5.46-0.14.1
      libmysql55client_r18-5.5.46-0.14.1
      mysql-5.5.46-0.14.1
      mysql-client-5.5.46-0.14.1
      mysql-tools-5.5.46-0.14.1

   - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64):

      libmysql55client18-32bit-5.5.46-0.14.1

   - SUSE Linux Enterprise Server 11-SP3 (ia64):

      libmysql55client18-x86-5.5.46-0.14.1

   - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64):

      libmysql55client18-5.5.46-0.14.1
      libmysql55client_r18-5.5.46-0.14.1
      mysql-5.5.46-0.14.1
      mysql-client-5.5.46-0.14.1

   - SUSE Linux Enterprise Desktop 11-SP4 (x86_64):

      libmysql55client18-32bit-5.5.46-0.14.1
      libmysql55client_r18-32bit-5.5.46-0.14.1

   - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64):

      libmysql55client18-5.5.46-0.14.1
      libmysql55client_r18-5.5.46-0.14.1
      mysql-5.5.46-0.14.1
      mysql-client-5.5.46-0.14.1

   - SUSE Linux Enterprise Desktop 11-SP3 (x86_64):

      libmysql55client18-32bit-5.5.46-0.14.1
      libmysql55client_r18-32bit-5.5.46-0.14.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      mysql-debuginfo-5.5.46-0.14.1
      mysql-debugsource-5.5.46-0.14.1

   - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64):

      mysql-debuginfo-5.5.46-0.14.1
      mysql-debugsource-5.5.46-0.14.1


References:

   https://www.suse.com/security/cve/CVE-2015-0286.html
   https://www.suse.com/security/cve/CVE-2015-0288.html
   https://www.suse.com/security/cve/CVE-2015-1789.html
   https://www.suse.com/security/cve/CVE-2015-1793.html
   https://www.suse.com/security/cve/CVE-2015-4730.html
   https://www.suse.com/security/cve/CVE-2015-4766.html
   https://www.suse.com/security/cve/CVE-2015-4792.html
   https://www.suse.com/security/cve/CVE-2015-4800.html
   https://www.suse.com/security/cve/CVE-2015-4802.html
   https://www.suse.com/security/cve/CVE-2015-4815.html
   https://www.suse.com/security/cve/CVE-2015-4816.html
   https://www.suse.com/security/cve/CVE-2015-4819.html
   https://www.suse.com/security/cve/CVE-2015-4826.html
   https://www.suse.com/security/cve/CVE-2015-4830.html
   https://www.suse.com/security/cve/CVE-2015-4833.html
   https://www.suse.com/security/cve/CVE-2015-4836.html
   https://www.suse.com/security/cve/CVE-2015-4858.html
   https://www.suse.com/security/cve/CVE-2015-4861.html
   https://www.suse.com/security/cve/CVE-2015-4862.html
   https://www.suse.com/security/cve/CVE-2015-4864.html
   https://www.suse.com/security/cve/CVE-2015-4866.html
   https://www.suse.com/security/cve/CVE-2015-4870.html
   https://www.suse.com/security/cve/CVE-2015-4879.html
   https://www.suse.com/security/cve/CVE-2015-4890.html
   https://www.suse.com/security/cve/CVE-2015-4895.html
   https://www.suse.com/security/cve/CVE-2015-4904.html
   https://www.suse.com/security/cve/CVE-2015-4905.html
   https://www.suse.com/security/cve/CVE-2015-4910.html
   https://www.suse.com/security/cve/CVE-2015-4913.html
   https://bugzilla.suse.com/951391
   https://bugzilla.suse.com/952196



More information about the sle-security-updates mailing list