UbuntuUSN-3799-1MySQL vulnerabilities
7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6.8 Medium
AI Score
Confidence
High
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.01 Low
EPSS
Percentile
83.3%
Releases
- Ubuntu 18.10
- Ubuntu 18.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Packages
- mysql-5.5 - MySQL database
- mysql-5.7 - MySQL database
Details
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 5.5.62 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS,
Ubuntu 18.04 LTS, and Ubuntu 18.10 have been updated to MySQL 5.7.24.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
<http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-62.html>
<http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-24.html>
<https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html>
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 18.10 | noarch | mysql-server-5.7 | < 5.7.24-0ubuntu0.18.10.1 | UNKNOWN |
| Ubuntu | 18.10 | noarch | libmysqlclient-dev | < 5.7.24-0ubuntu0.18.10.1 | UNKNOWN |
| Ubuntu | 18.10 | noarch | libmysqlclient20 | < 5.7.24-0ubuntu0.18.10.1 | UNKNOWN |
| Ubuntu | 18.10 | noarch | libmysqlclient20-dbgsym | < 5.7.24-0ubuntu0.18.10.1 | UNKNOWN |
| Ubuntu | 18.10 | noarch | libmysqld-dev | < 5.7.24-0ubuntu0.18.10.1 | UNKNOWN |
| Ubuntu | 18.10 | noarch | mysql-client | < 5.7.24-0ubuntu0.18.10.1 | UNKNOWN |
| Ubuntu | 18.10 | noarch | mysql-client-5.7 | < 5.7.24-0ubuntu0.18.10.1 | UNKNOWN |
| Ubuntu | 18.10 | noarch | mysql-client-5.7-dbgsym | < 5.7.24-0ubuntu0.18.10.1 | UNKNOWN |
| Ubuntu | 18.10 | noarch | mysql-client-core-5.7 | < 5.7.24-0ubuntu0.18.10.1 | UNKNOWN |
| Ubuntu | 18.10 | noarch | mysql-client-core-5.7-dbgsym | < 5.7.24-0ubuntu0.18.10.1 | UNKNOWN |
References
ubuntu.com/security/CVE-2018-3133
ubuntu.com/security/CVE-2018-3143
ubuntu.com/security/CVE-2018-3144
ubuntu.com/security/CVE-2018-3155
ubuntu.com/security/CVE-2018-3156
ubuntu.com/security/CVE-2018-3161
ubuntu.com/security/CVE-2018-3162
ubuntu.com/security/CVE-2018-3171
ubuntu.com/security/CVE-2018-3173
ubuntu.com/security/CVE-2018-3174
ubuntu.com/security/CVE-2018-3185
ubuntu.com/security/CVE-2018-3187
ubuntu.com/security/CVE-2018-3200
ubuntu.com/security/CVE-2018-3247
ubuntu.com/security/CVE-2018-3251
ubuntu.com/security/CVE-2018-3276
ubuntu.com/security/CVE-2018-3277
ubuntu.com/security/CVE-2018-3278
ubuntu.com/security/CVE-2018-3282
ubuntu.com/security/CVE-2018-3283
ubuntu.com/security/CVE-2018-3284
Related
7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6.8 Medium
AI Score
Confidence
High
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.01 Low
EPSS
Percentile
83.3%