You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa community-mysql

Sigurnosni nedostaci programskog paketa community-mysql

——————————————————————————–
Fedora Update Notification
FEDORA-2018-f67fda3db6
2018-09-11 16:50:57.487926
——————————————————————————–

Name : community-mysql
Product : Fedora 28
Version : 5.7.23
Release : 1.fc28
URL : http://www.mysql.com
Summary : MySQL client programs and shared libraries
Description :
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MySQL client programs and generic MySQL files.

——————————————————————————–
Update Information:

**MySQL 5.7.23** Release notes
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-23.html CVEs fixed
CVE-2018-2767 CVE-2018-3056 CVE-2018-3058 CVE-2018-3060 CVE-2018-3061
CVE-2018-3062 CVE-2018-3064 CVE-2018-3065 CVE-2018-3066 CVE-2018-3070
CVE-2018-3071 CVE-2018-3077 CVE-2018-3081
——————————————————————————–
ChangeLog:

* Thu Aug 23 2018 Michal Schorm <mschorm@redhat.com> – 5.7.23-1
– Rebase to 5.7.23 version
– OpenSSL 1.1 patch removed; fixed by upstream
– CVE fixes: #1564967
CVE-2018-2767
– CVE fixes: #1602383
CVE-2018-3056 CVE-2018-3058 CVE-2018-3060 CVE-2018-3061 CVE-2018-3062
CVE-2018-3064 CVE-2018-3065 CVE-2018-3066 CVE-2018-3070 CVE-2018-3071
CVE-2018-3077 CVE-2018-3081
* Thu Apr 19 2018 Michal Schorm <mschorm@redhat.com> – 5.7.22-1
– Rebase to 5.7.22 version
– CVE fixes: #1568963
CVE-2018-2755 CVE-2018-2758 CVE-2018-2759 CVE-2018-2761 CVE-2018-2762
CVE-2018-2766 CVE-2018-2769 CVE-2018-2771 CVE-2018-2773 CVE-2018-2775
CVE-2018-2776 CVE-2018-2777 CVE-2018-2778 CVE-2018-2779 CVE-2018-2780
CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2786 CVE-2018-2787
CVE-2018-2810 CVE-2018-2812 CVE-2018-2813 CVE-2018-2816 CVE-2018-2817
CVE-2018-2818 CVE-2018-2819 CVE-2018-2839 CVE-2018-2846
——————————————————————————–
References:

[ 1 ] Bug #1602383 – CVE-2018-3056 CVE-2018-3058 CVE-2018-3060 CVE-2018-3061 CVE-2018-3062 CVE-2018-3064 CVE-2018-3065 CVE-2018-3066 CVE-2018-3070 CVE-2018-3071 CVE-2018-3077 CVE-2018-3081 community-mysql: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1602383
[ 2 ] Bug #1564967 – CVE-2018-2767 community-mysql: mysql: use of SSL/TLS not enforced in libmysqld (Return of BACKRONYM) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1564967
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-f67fda3db6’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostatak jezgre operacijskog sustava

Otkriven je sigurnosni nedostatak jezgre operacijskog sustava FreeBSD. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja ili otkrivanje osjetljivih informacija....

Close