Bug 40530 - mysql-5.5: Multiple issues (4.1)
mysql-5.5: Multiple issues (4.1)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.1
Other Linux
: P5 normal (vote)
: UCS 4.1-3-errata
Assigned To: Philipp Hahn
Felix Botner
http://www.oracle.com/technetwork/top...
:
Depends on:
Blocks: 40531 41851 43441
  Show dependency treegraph
 
Reported: 2016-01-28 14:44 CET by Arvid Requate
Modified: 2017-03-07 17:25 CET (History)
3 users (show)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional): Security
Max CVSS v3 score:
requate: Patch_Available+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2016-01-28 14:44:27 CET
New security vulnerabilities have been discovered in MySQL:

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL

The current version in UCS 4.0-4 is affected by these:

CVE-2016-0505 CVE-2016-0546 CVE-2016-0596 CVE-2016-0597 CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609 CVE-2016-0616
Comment 1 Arvid Requate univentionstaff 2016-02-01 11:12:37 CET
Fixed in upstream Debian package version 5.5.47-0+deb7u1.
Comment 2 Arvid Requate univentionstaff 2016-05-03 15:51:33 CEST
Fixed in 5.5.49-0+deb7u1:

CVE-2016-0640 CVE-2016-0641 CVE-2016-0642 CVE-2016-0643
CVE-2016-0644 CVE-2016-0646 CVE-2016-0647 CVE-2016-0648
CVE-2016-0649 CVE-2016-0650 CVE-2016-0666 CVE-2016-2047

For details see:

 https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-48.html
 https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-49.html
 http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
Comment 3 Arvid Requate univentionstaff 2016-07-25 20:56:02 CEST
Fixed in upstream Debian (Jessie) package version 5.5.50-0+deb8u1:

CVE-2016-3477 CVE-2016-3521 CVE-2016-3615 CVE-2016-5440

For details see:

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-50.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Comment 4 Janek Walkenhorst univentionstaff 2016-09-15 18:46:10 CEST
Fixed in upstream Debian (Jessie) package version 5.5.52-0+deb8u1:

CVE-2016-6662
privilege escalation through ld_preload hijacking and my.cnf rewrite

Also: 
  The upcoming advisory CVE-2016-6663 will also make the exploitation trivial
  for certain low-privileged attackers that do not have FILE privilege. 
<http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html>
Comment 5 Philipp Hahn univentionstaff 2016-09-28 14:40:06 CEST
repo_admin.py -U -r 4.1 -s errata4.1-3 -d wheezy -p mysql-5.5

Package: mysql-5.5
Version: 5.5.52-0.25.201609281418
Branch: ucs_4.1-0
Scope: errata4.1-3

r72876 | Bug #40530: mysql-5.5 UCS-4.1-3
 mysql-5.5.yaml

errata-announce -V --only mysql-5.5.yaml --ignore-validate cve
Comment 6 Felix Botner univentionstaff 2016-10-11 10:56:58 CEST
OK - amd64/i386
OK - install/update
OK - build with patches
OK - CVE's
OK - short test (mysql cmdline, owncloud installation)
OK - version in 4.1 higher than in 3.3

OK - yaml
Comment 7 Janek Walkenhorst univentionstaff 2016-10-12 13:06:43 CEST
<http://errata.software-univention.de/ucs/4.1/284.html>