SUSE-SU-2015:0620-1: important: Security update for MySQL

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Fri Mar 27 18:04:55 MDT 2015


   SUSE Security Update: Security update for MySQL
______________________________________________________________________________

Announcement ID:    SUSE-SU-2015:0620-1
Rating:             important
References:         #857678 #868673 #878779 #901237 #914058 
Cross-References:   CVE-2012-5615 CVE-2014-0224 CVE-2014-4274
                    CVE-2014-4287 CVE-2014-6463 CVE-2014-6464
                    CVE-2014-6469 CVE-2014-6474 CVE-2014-6478
                    CVE-2014-6484 CVE-2014-6489 CVE-2014-6491
                    CVE-2014-6494 CVE-2014-6495 CVE-2014-6496
                    CVE-2014-6500 CVE-2014-6505 CVE-2014-6507
                    CVE-2014-6520 CVE-2014-6530 CVE-2014-6551
                    CVE-2014-6555 CVE-2014-6559 CVE-2014-6564
                    CVE-2014-6568 CVE-2015-0374 CVE-2015-0381
                    CVE-2015-0382 CVE-2015-0385 CVE-2015-0391
                    CVE-2015-0409 CVE-2015-0411 CVE-2015-0432
                   
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP3
                    SUSE Linux Enterprise Server 11 SP3 for VMware
                    SUSE Linux Enterprise Server 11 SP3
                    SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

   An update that fixes 33 vulnerabilities is now available.
   It includes one version update.

Description:


   The MySQL datebase server was updated to 5.5.42, fixing various bugs and
   security issues.

   More information can be found on:

       * http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-42.html
         <http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-42.html>
       * http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-41.html
         <http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-41.html>
       * http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
         <http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html>

   Also various issues with the mysql start script were fixed.
   (bsc#868673,bsc#878779)

   Security Issues:

       * CVE-2015-0411
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0411>
       * CVE-2015-0382
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0382>
       * CVE-2015-0381
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0381>
       * CVE-2015-0391
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0391>
       * CVE-2015-0432
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0432>
       * CVE-2015-0409
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0409>
       * CVE-2014-6568
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6568>
       * CVE-2015-0385
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0385>
       * CVE-2015-0374
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0374>
       * CVE-2012-5615
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615>
       * CVE-2014-0224
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224>
       * CVE-2014-4274
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274>
       * CVE-2014-4287
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287>
       * CVE-2014-6463
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463>
       * CVE-2014-6464
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464>
       * CVE-2014-6469
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469>
       * CVE-2014-6474
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6474>
       * CVE-2014-6478
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478>
       * CVE-2014-6484
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484>
       * CVE-2014-6489
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6489>
       * CVE-2014-6491
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491>
       * CVE-2014-6494
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494>
       * CVE-2014-6495
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495>
       * CVE-2014-6496
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496>
       * CVE-2014-6500
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500>
       * CVE-2014-6505
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505>
       * CVE-2014-6507
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507>
       * CVE-2014-6520
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520>
       * CVE-2014-6530
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530>
       * CVE-2014-6551
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551>
       * CVE-2014-6555
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555>
       * CVE-2014-6559
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559>
       * CVE-2014-6564
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6564>


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP3:

      zypper in -t patch sdksp3-libmysql55client18=10387

   - SUSE Linux Enterprise Server 11 SP3 for VMware:

      zypper in -t patch slessp3-libmysql55client18=10387

   - SUSE Linux Enterprise Server 11 SP3:

      zypper in -t patch slessp3-libmysql55client18=10387

   - SUSE Linux Enterprise Desktop 11 SP3:

      zypper in -t patch sledsp3-libmysql55client18=10387

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64):

      libmysql55client_r18-32bit-5.5.42-0.8.1
      libmysqlclient_r15-32bit-5.0.96-0.6.20

   - SUSE Linux Enterprise Software Development Kit 11 SP3 (ia64):

      libmysql55client_r18-x86-5.5.42-0.8.1
      libmysqlclient_r15-x86-5.0.96-0.6.20

   - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 5.5.42]:

      libmysql55client18-5.5.42-0.8.1
      libmysql55client_r18-5.5.42-0.8.1
      libmysqlclient15-5.0.96-0.6.20
      libmysqlclient_r15-5.0.96-0.6.20
      mysql-5.5.42-0.8.1
      mysql-client-5.5.42-0.8.1
      mysql-tools-5.5.42-0.8.1

   - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 5.5.42]:

      libmysql55client18-32bit-5.5.42-0.8.1
      libmysqlclient15-32bit-5.0.96-0.6.20

   - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.5.42]:

      libmysql55client18-5.5.42-0.8.1
      libmysql55client_r18-5.5.42-0.8.1
      libmysqlclient15-5.0.96-0.6.20
      libmysqlclient_r15-5.0.96-0.6.20
      mysql-5.5.42-0.8.1
      mysql-client-5.5.42-0.8.1
      mysql-tools-5.5.42-0.8.1

   - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64) [New Version: 5.5.42]:

      libmysql55client18-32bit-5.5.42-0.8.1
      libmysqlclient15-32bit-5.0.96-0.6.20

   - SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 5.5.42]:

      libmysql55client18-x86-5.5.42-0.8.1
      libmysqlclient15-x86-5.0.96-0.6.20

   - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 5.5.42]:

      libmysql55client18-5.5.42-0.8.1
      libmysql55client_r18-5.5.42-0.8.1
      libmysqlclient15-5.0.96-0.6.20
      libmysqlclient_r15-5.0.96-0.6.20
      mysql-5.5.42-0.8.1
      mysql-client-5.5.42-0.8.1

   - SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 5.5.42]:

      libmysql55client18-32bit-5.5.42-0.8.1
      libmysql55client_r18-32bit-5.5.42-0.8.1
      libmysqlclient15-32bit-5.0.96-0.6.20
      libmysqlclient_r15-32bit-5.0.96-0.6.20


References:

   https://www.suse.com/security/cve/CVE-2012-5615.html
   https://www.suse.com/security/cve/CVE-2014-0224.html
   https://www.suse.com/security/cve/CVE-2014-4274.html
   https://www.suse.com/security/cve/CVE-2014-4287.html
   https://www.suse.com/security/cve/CVE-2014-6463.html
   https://www.suse.com/security/cve/CVE-2014-6464.html
   https://www.suse.com/security/cve/CVE-2014-6469.html
   https://www.suse.com/security/cve/CVE-2014-6474.html
   https://www.suse.com/security/cve/CVE-2014-6478.html
   https://www.suse.com/security/cve/CVE-2014-6484.html
   https://www.suse.com/security/cve/CVE-2014-6489.html
   https://www.suse.com/security/cve/CVE-2014-6491.html
   https://www.suse.com/security/cve/CVE-2014-6494.html
   https://www.suse.com/security/cve/CVE-2014-6495.html
   https://www.suse.com/security/cve/CVE-2014-6496.html
   https://www.suse.com/security/cve/CVE-2014-6500.html
   https://www.suse.com/security/cve/CVE-2014-6505.html
   https://www.suse.com/security/cve/CVE-2014-6507.html
   https://www.suse.com/security/cve/CVE-2014-6520.html
   https://www.suse.com/security/cve/CVE-2014-6530.html
   https://www.suse.com/security/cve/CVE-2014-6551.html
   https://www.suse.com/security/cve/CVE-2014-6555.html
   https://www.suse.com/security/cve/CVE-2014-6559.html
   https://www.suse.com/security/cve/CVE-2014-6564.html
   https://www.suse.com/security/cve/CVE-2014-6568.html
   https://www.suse.com/security/cve/CVE-2015-0374.html
   https://www.suse.com/security/cve/CVE-2015-0381.html
   https://www.suse.com/security/cve/CVE-2015-0382.html
   https://www.suse.com/security/cve/CVE-2015-0385.html
   https://www.suse.com/security/cve/CVE-2015-0391.html
   https://www.suse.com/security/cve/CVE-2015-0409.html
   https://www.suse.com/security/cve/CVE-2015-0411.html
   https://www.suse.com/security/cve/CVE-2015-0432.html
   https://bugzilla.suse.com/857678
   https://bugzilla.suse.com/868673
   https://bugzilla.suse.com/878779
   https://bugzilla.suse.com/901237
   https://bugzilla.suse.com/914058
   https://download.suse.com/patch/finder/?keywords=517a5816624f292e6bf06cda503a4300



More information about the sle-security-updates mailing list