Security update for mysql (important)

2016-09-20T20:09:32
ID SUSE-SU-2016:2343-1
Type suse
Reporter Suse
Modified 2016-09-20T20:09:32

Description

This mysql update to verson 5.5.52 fixes the following issues:

Security issues fixed: - CVE-2016-3477: Fixed unspecified vulnerability in subcomponent parser (bsc#989913). - CVE-2016-3521: Fixed unspecified vulnerability in subcomponent types (bsc#989919). - CVE-2016-3615: Fixed unspecified vulnerability in subcomponent dml (bsc#989922). - CVE-2016-5440: Fixed unspecified vulnerability in subcomponent rbr (bsc#989926). - CVE-2016-6662: A malicious user with SQL and filesystem access could create a my.cnf in the datadir and , under certain circumstances, execute arbitrary code as mysql (or even root) user. (bsc#998309)

More details can be found on: <a rel="nofollow" href="http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html">http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html</a> <a rel="nofollow" href="http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-51.html">http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-51.html</a> <a rel="nofollow" href="http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-50.html">http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-50.html</a>

Bugs fixed: - bsc#967374: properly restart mysql multi instances during upgrade - bnc#937258: multi script to restart after crash