Mandriva Linux Security Advisory : mysql (MDVSA-2013:007)

Medium Nessus Plugin ID 64505

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

This is a maintenance and bugfix release that upgrades mysql to the latest version which resolves various upstream bugs and a total of 18 security related bugs (CVE-2012-0572, CVE-2012-0574, CVE-2012-0578, CVE-2012-1702, CVE-2012-1705, CVE-2012-5060, CVE-2012-5096, CVE-2012-5611, CVE-2012-5612, CVE-2013-0367, CVE-2013-0368, CVE-2013-0371, CVE-2013-0375, CVE-2013-0383, CVE-2013-0384, CVE-2013-0385, CVE-2013-0386, CVE-2013-0389).

Please consult the Oracle security matrix for further information regarding these security issues and the MySQL release notes.

Solution

Update the affected packages.

See Also

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-29.html

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-30.html

http://www.nessus.org/u?b56cce0c

Plugin Details

Severity: Medium

ID: 64505

File Name: mandriva_MDVSA-2013-007.nasl

Version: 1.9

Type: local

Published: 2013/02/09

Updated: 2019/08/02

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:lib64mysql-devel, p-cpe:/a:mandriva:linux:lib64mysql-static-devel, p-cpe:/a:mandriva:linux:lib64mysql18, p-cpe:/a:mandriva:linux:lib64mysqld0, p-cpe:/a:mandriva:linux:lib64mysqlservices0, p-cpe:/a:mandriva:linux:libmysql-devel, p-cpe:/a:mandriva:linux:libmysql-static-devel, p-cpe:/a:mandriva:linux:libmysql18, p-cpe:/a:mandriva:linux:libmysqld0, p-cpe:/a:mandriva:linux:libmysqlservices0, p-cpe:/a:mandriva:linux:mysql, p-cpe:/a:mandriva:linux:mysql-bench, p-cpe:/a:mandriva:linux:mysql-client, p-cpe:/a:mandriva:linux:mysql-common, p-cpe:/a:mandriva:linux:mysql-common-core, p-cpe:/a:mandriva:linux:mysql-core, cpe:/o:mandriva:linux:2011

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/02/05

Reference Information

CVE: CVE-2012-0572, CVE-2012-0574, CVE-2012-0578, CVE-2012-1702, CVE-2012-1705, CVE-2012-5060, CVE-2012-5096, CVE-2012-5611, CVE-2012-5612, CVE-2013-0367, CVE-2013-0368, CVE-2013-0371, CVE-2013-0375, CVE-2013-0383, CVE-2013-0384, CVE-2013-0385, CVE-2013-0386, CVE-2013-0389

BID: 56768, 56769, 57334, 57385, 57388, 57391, 57397, 57400, 57405, 57408, 57410, 57411, 57412, 57414, 57415, 57416, 57417, 57418

MDVSA: 2013:007