openSUSE Security Update : mysql-community-server (openSUSE-2017-1196)

Medium Nessus Plugin ID 104234

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for mysql-community-server to 5.6.38 fixes the following issues :

Full list of changes :

http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-38.html

CVEs fixed :

- [boo#1064116] CVE-2017-10379

- [boo#1064117] CVE-2017-10384

- [boo#1064115] CVE-2017-10378

- [boo#1064101] CVE-2017-10268

- [boo#1064096] CVE-2017-10155

- [boo#1064118] CVE-2017-3731

- [boo#1064102] CVE-2017-10276

- [boo#1064105] CVE-2017-10283

- [boo#1064112] CVE-2017-10314

- [boo#1064100] CVE-2017-10227

- [boo#1064104] CVE-2017-10279

- [boo#1064108] CVE-2017-10294

- [boo#1064107] CVE-2017-10286

Additional changes :

- add 'BuildRequires: unixODBC-devel' to allow ODBC support for Connect engine [boo#1039034]

- update filename in /var/adm/update-messages to match documentation, and build-compare pattern

- some scripts from the tools subpackage, namely:
wsrep_sst_xtrabackup, wsrep_sst_mariabackup.sh and wsrep_sst_xtrabackup-v2.sh need socat

- fixed incorrect descriptions and mismatching RPM groups

Solution

Update the affected mysql-community-server packages.

See Also

https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-38.html

https://bugzilla.opensuse.org/show_bug.cgi?id=1039034

https://bugzilla.opensuse.org/show_bug.cgi?id=1064096

https://bugzilla.opensuse.org/show_bug.cgi?id=1064100

https://bugzilla.opensuse.org/show_bug.cgi?id=1064101

https://bugzilla.opensuse.org/show_bug.cgi?id=1064102

https://bugzilla.opensuse.org/show_bug.cgi?id=1064104

https://bugzilla.opensuse.org/show_bug.cgi?id=1064105

https://bugzilla.opensuse.org/show_bug.cgi?id=1064107

https://bugzilla.opensuse.org/show_bug.cgi?id=1064108

https://bugzilla.opensuse.org/show_bug.cgi?id=1064112

https://bugzilla.opensuse.org/show_bug.cgi?id=1064115

https://bugzilla.opensuse.org/show_bug.cgi?id=1064116

https://bugzilla.opensuse.org/show_bug.cgi?id=1064117

https://bugzilla.opensuse.org/show_bug.cgi?id=1064118

https://bugzilla.opensuse.org/show_bug.cgi?id=1064119

Plugin Details

Severity: Medium

ID: 104234

File Name: openSUSE-2017-1196.nasl

Version: 3.3

Type: local

Agent: unix

Published: 2017/10/30

Updated: 2018/11/19

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libmysql56client18, p-cpe:/a:novell:opensuse:libmysql56client18-32bit, p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo, p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo-32bit, p-cpe:/a:novell:opensuse:libmysql56client_r18, p-cpe:/a:novell:opensuse:libmysql56client_r18-32bit, p-cpe:/a:novell:opensuse:mysql-community-server, p-cpe:/a:novell:opensuse:mysql-community-server-bench, p-cpe:/a:novell:opensuse:mysql-community-server-bench-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-client, p-cpe:/a:novell:opensuse:mysql-community-server-client-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-debugsource, p-cpe:/a:novell:opensuse:mysql-community-server-errormessages, p-cpe:/a:novell:opensuse:mysql-community-server-test, p-cpe:/a:novell:opensuse:mysql-community-server-test-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-tools, p-cpe:/a:novell:opensuse:mysql-community-server-tools-debuginfo, cpe:/o:novell:opensuse:42.2, cpe:/o:novell:opensuse:42.3

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2017/10/27

Reference Information

CVE: CVE-2017-10155, CVE-2017-10227, CVE-2017-10268, CVE-2017-10276, CVE-2017-10279, CVE-2017-10283, CVE-2017-10286, CVE-2017-10294, CVE-2017-10314, CVE-2017-10378, CVE-2017-10379, CVE-2017-10384, CVE-2017-3731