-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3834-1 security@xxxxxxxxxx https://www.debian.org/security/ Salvatore Bonaccorso April 25, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mysql-5.5 CVE ID : CVE-2017-3302 CVE-2017-3305 CVE-2017-3308 CVE-2017-3309 CVE-2017-3329 CVE-2017-3453 CVE-2017-3456 CVE-2017-3461 CVE-2017-3462 CVE-2017-3463 CVE-2017-3464 CVE-2017-3600 Debian Bug : 854713 860544 Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.55, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details: https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-55.html http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html For the stable distribution (jessie), these problems have been fixed in version 5.5.55-0+deb8u1. We recommend that you upgrade your mysql-5.5 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlj/Z9hfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Sh1xAAoRVCQR6MGesQJt4O8c5EkxGYSy0+80ELNpr5Cqr8Ac7BqxQdcVMDnWb8 5BOwdpkaslbO3B9PWGZRKpgV1FIX/1kKyeJCn8AhHRzJflOLa2SmLdoeWRq3A0db XTzGb+LDXJJSn/c+lte95Le1x7ED/a7GBcpZp4Is2HiDDC05Vwi/wpvtKXDTxnrM kU9cC48aUuunrDNQrpq+x/8hsXeM/nhuvH6SYf70ngmp9EjlQ+1AcAMTyVD72Gtx dUEL3w8rX/Ckp8wuHK5nVrd8YQ58w6ZJN5tYmG7nexyXEa47FHPS99JTwlcDoCo8 ppfUIL6+Paq5hr74wDLygXNEc9U+Pit9y0X3Zw7NInNcktJFYpk2+YOYe0wAjmPQ RX/VQQm5HSeSvoFBZJkYDZ9du4DOGVokNGbCdZIWhKQeGK7W0YZA40G/l10nZH5u 4nSz8LHbyt2yn5j1Qzn8bb4YcNG1mDW0EckU9r30EUsmxfKCho7k0JdcFqKfnRWA yzeT6PocszHmtDgXfTR+uw/3z5UorfdBkWh2L2gF4qhFVhSnqqltreVxyqbtTIjA oKUtemMKwwjokVd3Vlky/yNKHWnFFzZG1xRRxKgzJWj0BG4zZkebq8UZNppkvlRT SlVKOwUjbk9PTIOzaOxWlk1UgYr+RmA+pnU0/CX4VOifANrwUvo= =4Fxf -----END PGP SIGNATURE-----