GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Thu Nov 06, 2014 12:26 am Post subject: [ GLSA 201411-02 ] MySQL, MariaDB: Multiple vulnerabilities |
 |
|
Gentoo Linux Security Advisory
Title: MySQL, MariaDB: Multiple vulnerabilities (GLSA 201411-02)
Severity: normal
Exploitable: remote
Date: November 05, 2014
Bug(s): #525504
ID: 201411-02
Synopsis
Multiple vulnerabilities have been found in the MySQL and MariaDB,
possibly allowing attackers to cause unspecified impact.
Background
MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an
enhanced, drop-in replacement for MySQL.
Affected Packages
Package: dev-db/mysql
Vulnerable: < 5.5.40
Unaffected: >= 5.5.40
Architectures: All supported architectures
Package: dev-db/mariadb
Vulnerable: < 5.5.40-r1
Unaffected: >= 5.5.40-r1
Architectures: All supported architectures
Description
Multiple unspecified vulnerabilities have been discovered in MySQL.
Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could exploit these vulnerabilities to cause
unspecified impact, possibly including remote execution of arbitrary
code, Denial of Service, or disclosure of sensitive information.
Workaround
There is no known workaround at this time.
Resolution
All MySQL users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.40"
|
All MariaDB users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mariadb-5.5.40-r1"
|
References
CVE-2014-6464
CVE-2014-6469
CVE-2014-6491
CVE-2014-6494
CVE-2014-6496
CVE-2014-6500
CVE-2014-6507
CVE-2014-6555
CVE-2014-6559 |
|
News & Announcements
