Amazon Linux AMI : mysql (ALAS-2012-44)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Amazon Linux AMI host is missing a security update.

Description :

This update fixes several vulnerabilities in the MySQL database
server. Information about these flaws can be found on the Oracle
Critical Patch Update Advisory page, listed in the References section.
(CVE-2011-2262 , CVE-2012-0075 , CVE-2012-0087 , CVE-2012-0101 ,
CVE-2012-0102 , CVE-2012-0112 , CVE-2012-0113 , CVE-2012-0114 ,
CVE-2012-0115 , CVE-2012-0116 , CVE-2012-0118 , CVE-2012-0119 ,
CVE-2012-0120 , CVE-2012-0484 , CVE-2012-0485 , CVE-2012-0490 ,
CVE-2012-0492)

These updated packages upgrade MySQL to version 5.1.61. Refer to the
MySQL release notes for a full list of changes :

See also :

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html
http://www.nessus.org/u?8140e0ad

Solution :

Run 'yum update mysql' to update your system.

Risk factor :

Medium / CVSS Base Score : 5.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:P)