Home / mailings [USN-2384-1] MySQL vulnerabilities
Posted on 15 October 2014
Ubuntu Security==========================
==========================
========================
Ubuntu Security Notice USN-2384-1
October 15, 2014
mysql-5.5 vulnerabilities
==========================
==========================
========================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in MySQL.
Software Description:
- mysql-5.5: MySQL database
Details:
Multiple security issues were discovered in MySQL and this update include=
s
a new upstream MySQL version to fix these issues. MySQL has been updated =
to
5.5.40.
In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html=
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.12.04.1
In general, a standard system update will make all the necessary changes.=
References:
http://www.ubuntu.com/usn/usn-2384-1
CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463,
CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484,
CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496,
CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520,
CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559
Package Information:
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1
