openSUSE Security Update : mysql-community-server (openSUSE-2017-1196)

medium Nessus Plugin ID 104234

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for mysql-community-server to 5.6.38 fixes the following issues :

Full list of changes :

http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-38.html

CVEs fixed :

- [boo#1064116] CVE-2017-10379

- [boo#1064117] CVE-2017-10384

- [boo#1064115] CVE-2017-10378

- [boo#1064101] CVE-2017-10268

- [boo#1064096] CVE-2017-10155

- [boo#1064118] CVE-2017-3731

- [boo#1064102] CVE-2017-10276

- [boo#1064105] CVE-2017-10283

- [boo#1064112] CVE-2017-10314

- [boo#1064100] CVE-2017-10227

- [boo#1064104] CVE-2017-10279

- [boo#1064108] CVE-2017-10294

- [boo#1064107] CVE-2017-10286

Additional changes :

- add 'BuildRequires: unixODBC-devel' to allow ODBC support for Connect engine [boo#1039034]

- update filename in /var/adm/update-messages to match documentation, and build-compare pattern

- some scripts from the tools subpackage, namely:
wsrep_sst_xtrabackup, wsrep_sst_mariabackup.sh and wsrep_sst_xtrabackup-v2.sh need socat

- fixed incorrect descriptions and mismatching RPM groups

Solution

Update the affected mysql-community-server packages.

Plugin Details

Severity: Medium

ID: 104234

File Name: openSUSE-2017-1196.nasl

Version: 3.6

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 10/30/2017

Updated: 11/17/2025

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS Score Source: CVE-2017-10379

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-tools-debuginfo, p-cpe:/a:novell:opensuse:libmysql56client18, p-cpe:/a:novell:opensuse:mysql-community-server-bench, p-cpe:/a:novell:opensuse:mysql-community-server-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server, p-cpe:/a:novell:opensuse:libmysql56client_r18-32bit, p-cpe:/a:novell:opensuse:mysql-community-server-debugsource, p-cpe:/a:novell:opensuse:mysql-community-server-tools, p-cpe:/a:novell:opensuse:libmysql56client18-32bit, p-cpe:/a:novell:opensuse:mysql-community-server-errormessages, p-cpe:/a:novell:opensuse:mysql-community-server-bench-debuginfo, cpe:/o:novell:opensuse:42.2, p-cpe:/a:novell:opensuse:libmysql56client_r18, p-cpe:/a:novell:opensuse:mysql-community-server-client, p-cpe:/a:novell:opensuse:mysql-community-server-test, p-cpe:/a:novell:opensuse:mysql-community-server-test-debuginfo, cpe:/o:novell:opensuse:42.3, p-cpe:/a:novell:opensuse:mysql-community-server-client-debuginfo, p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo-32bit

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 10/27/2017

Reference Information

CVE: CVE-2017-10155, CVE-2017-10227, CVE-2017-10268, CVE-2017-10276, CVE-2017-10279, CVE-2017-10283, CVE-2017-10286, CVE-2017-10294, CVE-2017-10314, CVE-2017-10378, CVE-2017-10379, CVE-2017-10384, CVE-2017-3731

Detections

Analytics

openSUSE Security Update : mysql-community-server (openSUSE-2017-1196)

medium Nessus Plugin ID 104234

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

VPR

CVSS v2

CVSS v3

Vulnerability Information

Reference Information