Amazon Linux AMI : mysql (ALAS-2012-44)

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.


Synopsis :

The remote Amazon Linux AMI host is missing a security update.

Description :

This update fixes several vulnerabilities in the MySQL database
server. Information about these flaws can be found on the Oracle
Critical Patch Update Advisory page, listed in the References section.
(CVE-2011-2262 , CVE-2012-0075 , CVE-2012-0087 , CVE-2012-0101 ,
CVE-2012-0102 , CVE-2012-0112 , CVE-2012-0113 , CVE-2012-0114 ,
CVE-2012-0115 , CVE-2012-0116 , CVE-2012-0118 , CVE-2012-0119 ,
CVE-2012-0120 , CVE-2012-0484 , CVE-2012-0485 , CVE-2012-0490 ,
CVE-2012-0492)

These updated packages upgrade MySQL to version 5.1.61. Refer to the
MySQL release notes for a full list of changes :

See also :

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html
https://alas.aws.amazon.com/ALAS-2012-44.html

Solution :

Run 'yum update mysql' to update your system.

Risk factor :

Medium / CVSS Base Score : 5.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:P)