Lucene search
SuseOPENSUSE-SU-2014:0333-1HistoryMar 06, 2014 - 10:04 a.m.
percona-toolkit,xtrabackup: disable remote version check (important)
2014-03-0610:04:26
lists.opensuse.org
13
EPSS
0.002
Percentile
55.2%
percona-toolkit and xtrabackup were updated:
- disable automatic version check for all tools
[bnc#864194] Prevents transmission of version information
to an external host in the default configuration.
CVE-2014-2029 Can be used by owner of a Percona Server
(or an attacker who can control this destination for the
client) to collect arbitrary MySQL configuration
parameters and execute commands (with -v). Now the
version check needs to be requested via command line or
global/tool specific/user configuration. (–version-check) - added /etc/percona-toolkit/percona-toolkit.conf
configuration directory and template configuration file
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 13.1 | i586 | xtrabackup-debugsource | < 2.1.7-13.2 | xtrabackup-debugsource-2.1.7-13.2.i586.rpm |
| openSUSE | 13.1 | x86_64 | xtrabackup | < 2.1.7-13.2 | xtrabackup-2.1.7-13.2.x86_64.rpm |
| openSUSE | 13.1 | i586 | xtrabackup-debuginfo | < 2.1.7-13.2 | xtrabackup-debuginfo-2.1.7-13.2.i586.rpm |
| openSUSE | 13.1 | noarch | percona-toolkit | < 2.2.7-2.10.1 | percona-toolkit-2.2.7-2.10.1.noarch.rpm |
| openSUSE | 13.1 | x86_64 | xtrabackup-debuginfo | < 2.1.7-13.2 | xtrabackup-debuginfo-2.1.7-13.2.x86_64.rpm |
| openSUSE | 13.1 | x86_64 | xtrabackup-debugsource | < 2.1.7-13.2 | xtrabackup-debugsource-2.1.7-13.2.x86_64.rpm |
| openSUSE | 13.1 | i586 | xtrabackup | < 2.1.7-13.2 | xtrabackup-2.1.7-13.2.i586.rpm |
References
Related
cvelist
cvelist
CVE-2014-2029
2017-09-28 19:00:00
nessus
nessus
openSUSE Security Update : percona-toolkit (openSUSE-SU-2014:0361-1)
2014-06-13 00:00:00
openSUSE Security Update : percona-toolkit / xtrabackup (openSUSE-SU-2014:0333-1)
2014-06-13 00:00:00
openSUSE Security Update : xtrabackup (openSUSE-SU-2014:0363-1)
2014-06-13 00:00:00
openvas
openvas
debiancve
debiancve
CVE-2014-2029
2017-09-29 01:34:47
nvd
nvd
CVE-2014-2029
2017-09-29 01:34:47
prion
prion
Design/Logic Flaw
2017-09-29 01:34:00
ubuntucve
ubuntucve
CVE-2014-2029
2017-09-29 00:00:00
cve
cve
CVE-2014-2029
2017-09-29 01:34:47
osv
osv
percona-toolkit-2.2.18-1.1 on GA media
2024-06-15 00:00:00
xtrabackup-2.3.5-1.3 on GA media
2024-06-15 00:00:00