-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2013:007 http://www.mandriva.com/security/ _______________________________________________________________________ Package : mysql Date : February 5, 2013 Affected: 2011. _______________________________________________________________________ Problem Description: This is a maintenance and bugfix release that upgrades mysql to the latest version which resolves various upstream bugs and a total of 18 security related bugs (CVE-2012-0572, CVE-2012-0574, CVE-2012-0578, CVE-2012-1702, CVE-2012-1705, CVE-2012-5060, CVE-2012-5096, CVE-2012-5611, CVE-2012-5612, CVE-2013-0367, CVE-2013-0368, CVE-2013-0371, CVE-2013-0375, CVE-2013-0383, CVE-2013-0384, CVE-2013-0385, CVE-2013-0386, CVE-2013-0389). Please consult the Oracle security matrix for further information regarding these security issues and the MySQL release notes. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0574 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0578 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1705 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5060 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5096 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5612 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0367 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0368 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0371 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0375 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0383 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0389 http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-29.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-30.html _______________________________________________________________________ Updated Packages: Mandriva Linux 2011: 1a4fc5fbdceaa4c143ee87545716601e 2011/i586/libmysql18-5.5.30-0.1-mdv2011.0.i586.rpm af2522fe92d2a256e094b06a126f346b 2011/i586/libmysqld0-5.5.30-0.1-mdv2011.0.i586.rpm c165ef3f7c3f7b6baa1b83d16fe46280 2011/i586/libmysql-devel-5.5.30-0.1-mdv2011.0.i586.rpm 23fea2448312453c54de088f3e329c4f 2011/i586/libmysqlservices0-5.5.30-0.1-mdv2011.0.i586.rpm 3380f6d5fb20ae1d04c98e3f0208f28e 2011/i586/libmysql-static-devel-5.5.30-0.1-mdv2011.0.i586.rpm c00bbdcaac032d6149b5b6dac50eb073 2011/i586/mysql-5.5.30-0.1-mdv2011.0.i586.rpm b2bf79df355db81a5b281e11bc581b3a 2011/i586/mysql-bench-5.5.30-0.1-mdv2011.0.i586.rpm 7548d7007885217095be0639506e7ad2 2011/i586/mysql-client-5.5.30-0.1-mdv2011.0.i586.rpm 03c08f4ef60439334ffc6aea261a3c1e 2011/i586/mysql-common-5.5.30-0.1-mdv2011.0.i586.rpm 252413d2b6bf637f622b3681783db264 2011/i586/mysql-common-core-5.5.30-0.1-mdv2011.0.i586.rpm 8465acae511092c5a0355c24960f1267 2011/i586/mysql-core-5.5.30-0.1-mdv2011.0.i586.rpm f2d899a92d8afabe3a3bd18859c8669a 2011/SRPMS/mysql-5.5.30-0.1.src.rpm Mandriva Linux 2011/X86_64: ae323a15adff31c83025bb2fa5be1758 2011/x86_64/lib64mysql18-5.5.30-0.1-mdv2011.0.x86_64.rpm 356ba2fba96ba94846fcd1696f4bf7a4 2011/x86_64/lib64mysqld0-5.5.30-0.1-mdv2011.0.x86_64.rpm 7e249f01a94bee5da76ef32fef34f7dc 2011/x86_64/lib64mysql-devel-5.5.30-0.1-mdv2011.0.x86_64.rpm 6090c7125d1d500ba09c811f4a7b6451 2011/x86_64/lib64mysqlservices0-5.5.30-0.1-mdv2011.0.x86_64.rpm e78bd064a860f94cec1489489c8ce37d 2011/x86_64/lib64mysql-static-devel-5.5.30-0.1-mdv2011.0.x86_64.rpm 1865b7e9f980a731467cd485dadc7cb4 2011/x86_64/mysql-5.5.30-0.1-mdv2011.0.x86_64.rpm fdc6f92185ec43575958ea5de40b0eff 2011/x86_64/mysql-bench-5.5.30-0.1-mdv2011.0.x86_64.rpm 7ec9f820d489a69460bec9d8f54a98d9 2011/x86_64/mysql-client-5.5.30-0.1-mdv2011.0.x86_64.rpm fab34328d8414d70d8e0ab1fd396a231 2011/x86_64/mysql-common-5.5.30-0.1-mdv2011.0.x86_64.rpm 13b11ba63c24e3b42d6b7d58a3311ee0 2011/x86_64/mysql-common-core-5.5.30-0.1-mdv2011.0.x86_64.rpm eef523ed0ff75b75e9e0eab8163020d6 2011/x86_64/mysql-core-5.5.30-0.1-mdv2011.0.x86_64.rpm f2d899a92d8afabe3a3bd18859c8669a 2011/SRPMS/mysql-5.5.30-0.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFREQd8mqjQ0CJFipgRAvrBAJ0Q6u4kCeuk+/KFykCa9ABrTOP/ZQCfUI46 j7vNF+oqv3Qxpms4heDdYZc= =DqUH -----END PGP SIGNATURE-----
