Univention Bugzilla – Bug 40184
mysql-5.5: Multiple issues (4.0)
Last modified: 2016-01-13 16:04:29 CET
+++ This bug was initially created as a clone of Bug #40183 +++ New security vulnerabilities have been discovered in MySQL: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixMSQL The Debian upstream package version 5.5.46-0+deb7u1 fixes these: CVE-2015-4792 CVE-2015-4802 CVE-2015-4815 CVE-2015-4816 CVE-2015-4819 CVE-2015-4826 CVE-2015-4830 CVE-2015-4836 CVE-2015-4858 CVE-2015-4861 CVE-2015-4870 CVE-2015-4879 CVE-2015-4913
repo_admin.py -U -p mysql-5.5 -d wheezy -r 4.0-0-0 -s errata4.0-4 b40-scope errata4.0-4 mysql-5.5
4.0-0: 5.5.40-0.11.201411010605 4.0-1: 5.5.40-0.14.201502051002 4.0-3: 5.5.44-0.15.201508042121 4.0-4: 5.5.46-0.16.201512141629 4.1-0: 5.5.46-0.17.201512141630 Package: mysql-5.5 Version: 5.5.46-0.16.201512141629 Branch: ucs_4.0-0-errata4.0-4 Scope: errata4.0-4 r66333 | Bug #40184: UCS-4.0-4 mysql-5.5.yaml mysql-5.5.yaml
OK: DEBIAN_FRONTEND=noninteractive apt-get install -y mysql-server OK: pristine installation and upgrade OK: advisory OK: manual test: # CRED="--user=debian-sys-maint --password=$(grep password /etc/mysql/debian.cnf | cut -d " " -f 3 | head -1)" # mysqladmin $CRED create mytest && echo OK # (mysql $CRED mytest <<__EOF__ DROP TABLE IF EXISTS \`testtable\`; CREATE TABLE \`testtable\` (\`test\` char(60) COLLATE utf8_bin NOT NULL DEFAULT ''); INSERT INTO \`testtable\` VALUES ('foo'),('bar'); __EOF__ ) && echo OK # mysqldump --host=localhost $CRED --compact mytest | grep -q foo && echo OK # mysqladmin $CRED -f drop mytest && echo OK
<http://errata.software-univention.de/ucs/4.0/384.html>