Scientific Linux Security Update : mysql on SL6.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

MySQL is a multi-user, multi-threaded SQL database server. It consists
of the MySQL server daemon (mysqld) and many client programs and
libraries.

This update fixes several vulnerabilities in the MySQL database
server. Information about these flaws can be found on the Oracle
Critical Patch Update Advisory page, listed in the References section.
(CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101,
CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114,
CVE-2012-0115, CVE-2012-0116, CVE-2012-0118, CVE-2012-0119,
CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0490,
CVE-2012-0492)

These updated packages upgrade MySQL to version 5.1.61. Refer to the
MySQL release notes for a full list of changes :

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html

All MySQL users should upgrade to these updated packages, which
correct these issues. After installing this update, the MySQL server
daemon (mysqld) will be restarted automatically.

See also :

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html
http://www.nessus.org/u?19d88e7a

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:P)