openSUSE Security Update : mysql-community-server (openSUSE-2015-608)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The MySQL Community Server edition was updated to 5.6.26, fixing
security issues and bugs.

All changes:
http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-26.html

- Fixed CVEs: CVE-2015-2617, CVE-2015-2648, CVE-2015-2611,
CVE-2015-2582 CVE-2015-4752, CVE-2015-4756,
CVE-2015-2643, CVE-2015-4772 CVE-2015-4761,
CVE-2015-4757, CVE-2015-4737, CVE-2015-4771
CVE-2015-4769, CVE-2015-2639, CVE-2015-2620,
CVE-2015-2641 CVE-2015-2661, CVE-2015-4767

- disable Performance Schema by default. Since MySQL 5.6.6
upstream enabled Performance Schema by default which
results in increased memory usage. The added option
disable Performance Schema again in order to decrease
MySQL memory usage [bnc#852477].

- install INFO_BIN and INFO_SRC, noticed in MDEV-6912

- remove superfluous '--group' parameter from
mysql-systemd-helper

- make -devel package installable in the presence of
LibreSSL

- cleanup after the update-message if it was displayed

- add 'exec' to mysql-systemd-helper to shutdown
mysql/mariadb cleanly [bnc#943096]

See also :

http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-26.html
https://bugzilla.opensuse.org/show_bug.cgi?id=852477
https://bugzilla.opensuse.org/show_bug.cgi?id=902396
https://bugzilla.opensuse.org/show_bug.cgi?id=938412
https://bugzilla.opensuse.org/show_bug.cgi?id=942908
https://bugzilla.opensuse.org/show_bug.cgi?id=943096

Solution :

Update the affected mysql-community-server packages.

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now