Security update for mysql, mysql-client (important)

2013-10-07T22:04:14
ID SUSE-SU-2013:1529-1
Type suse
Reporter Suse
Modified 2013-10-07T22:04:14

Description

This version upgrade of mysql to 5.5.33 fixed multiple security issues:

  • CVE-2013-1861 CVE-2013-3783 CVE-2013-3793 CVE-2013-3794
  • CVE-2013-3795 CVE-2013-3796 CVE-2013-3798 CVE-2013-3801
  • CVE-2013-3802 CVE-2013-3804 CVE-2013-3805 CVE-2013-3806
  • CVE-2013-3807 CVE-2013-3808 CVE-2013-3809 CVE-2013-3810
  • CVE-2013-3811 CVE-2013-3812

Additionally, it contains numerous bug fixes and improvements.:

  • fixed mysqldump with MySQL 5.0 (bnc#768832)
  • fixed log rights (bnc#789263 and bnc#803040 and bnc#792332)
  • binlog disabled in default configuration (bnc#791863)
  • fixed dependencies for client package (bnc#780019)
  • minor polishing of spec/installation
  • avoid file conflicts with mytop
  • better fix for hardcoded libdir issue
  • fixed hardcoded plugin paths (bnc#834028)
  • use chown --no-dereference instead of chown to improve security (bnc#834967)
  • adjust to spell !includedir correctly in /etc/my.cnf (bnc#734436)
  • typo in init script stops database on update (bnc#837801)