You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa community-mysql

Sigurnosni nedostaci programskog paketa community-mysql

——————————————————————————–
Fedora Update Notification
FEDORA-2019-c106e46a95
2019-09-04 03:10:52.820122
——————————————————————————–

Name : community-mysql
Product : Fedora 30
Version : 8.0.17
Release : 2.fc30
URL : http://www.mysql.com
Summary : MySQL client programs and shared libraries
Description :
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MySQL client programs and generic MySQL files.

——————————————————————————–
Update Information:

**MySQL 8.0.17** This update brings the latest MySQL 8.0.17 which fixes severe
security issues. Now available as both a standard package and a module! Release
notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-17.html
Mainatiner notes: * The MySQL Modules are now built from the same sources
as the base packages, so the should be identical * The package is now being
built with number of standard Fedora build flags that has not been used before.
The package should be now more stable and secure. * In Modules, the bug
#1729133 still exists * The MySQL 5.7 and 5.6 Modules may exists, but I’m
out of capacity to maintain them. Whenever possible upgrade to MySQL 8.
——————————————————————————–
ChangeLog:

* Mon Aug 19 2019 Michal Schorm <mschorm@redhat.com> – 8.0.17-2
– Use RELRO hardening on all binaries
* Wed Jul 31 2019 Lars Tangvald <lars.tangvald@oracle.com> – 8.0.17-1
– Update to MySQL 8.0.17
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> – 8.0.16-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed May 1 2019 Michal Schorm <mschorm@redhat.com> – 8.0.16-2
– Remove SysVInit stuff, no longer needed
– Clean up the SPECfile
* Fri Apr 26 2019 Lars Tangvald <lars.tangvald@oracle.com> – 8.0.16-1
– Update to MySQL 8.0.16
– Rediff sharedir patch
– Refresh skip list and use new, required format
– Remove GCC9 patch now upstream
– Upstream: my_safe_process renamed and moved into proper location
– Use upstream option to skip router build
– OpenSSL 1.1.1 and TLSv1.3 is now supported, enable tests
– Update version of bundled Boost
– Start requiring mysql-selinux package
——————————————————————————–
References:

[ 1 ] Bug #1577199 – RFE: Ship selinux-policy in the package
https://bugzilla.redhat.com/show_bug.cgi?id=1577199
[ 2 ] Bug #1706923 – CVE-2019-2580 CVE-2019-2581 CVE-2019-2584 CVE-2019-2585 CVE-2019-2587 CVE-2019-2589 CVE-2019-2592 CVE-2019-2593 CVE-2019-2596 CVE-2019-2606 CVE-2019-2607 CVE-2019-2614 CVE-2019-2617 CVE-2019-2620 … community-mysql: various flaws [fedora-29]
https://bugzilla.redhat.com/show_bug.cgi?id=1706923
[ 3 ] Bug #1735044 – community-mysql: FTBFS in Fedora rawhide/f31
https://bugzilla.redhat.com/show_bug.cgi?id=1735044
[ 4 ] Bug #1732044 – CVE-2019-2737 CVE-2019-2738 CVE-2019-2739 CVE-2019-2740 CVE-2019-2752 CVE-2019-2755 CVE-2019-2757 CVE-2019-2758 CVE-2019-2774 CVE-2019-2778 CVE-2019-2780 CVE-2019-2784 CVE-2019-2785 CVE-2019-2789 … community-mysql: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1732044
[ 5 ] Bug #1742172 – community-mysql-8.0.17 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1742172
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-c106e46a95’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa jenkins-2-plugins

Otkriveni su sigurnosni nedostaci u programskom paketu jenkins-2-plugins za Red Hat OpenShift Container Platform. Otkriveni nedostaci potencijalnim udaljenim napadačima omogućuju...

Close