Lucene search

K
centosCentOS ProjectCESA-2014:0537
HistoryMay 22, 2014 - 11:25 p.m.

mysql55 security update

2014-05-2223:25:52
CentOS Project
lists.centos.org
54

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

EPSS

0.036

Percentile

91.6%

CentOS Errata and Security Advisory CESA-2014:0537

MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon (mysqld) and many client programs and libraries.

This update fixes several vulnerabilities in the MySQL database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2014-2436,
CVE-2014-2440, CVE-2014-0384, CVE-2014-2419, CVE-2014-2430, CVE-2014-2431,
CVE-2014-2432, CVE-2014-2438)

These updated packages upgrade MySQL to version 5.5.37. Refer to the MySQL
Release Notes listed in the References section for a complete list of
changes.

All MySQL users should upgrade to these updated packages, which correct
these issues. After installing this update, the MySQL server daemon
(mysqld) will be restarted automatically.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2014-May/082476.html

Affected packages:
mysql55-mysql
mysql55-mysql-bench
mysql55-mysql-devel
mysql55-mysql-libs
mysql55-mysql-server
mysql55-mysql-test

Upstream details at:
https://access.redhat.com/errata/RHSA-2014:0537

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

EPSS

0.036

Percentile

91.6%