- -------------------------------------------------------------------------
Debian Security Advisory DSA-3229-1                   security@debian.org
https://www.debian.org/security/                      Salvatore Bonaccorso
April 19, 2015                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mysql-5.5
CVE ID         : CVE-2015-0433 CVE-2015-0441 CVE-2015-0499 CVE-2015-0501 
                 CVE-2015-0505 CVE-2015-2568 CVE-2015-2571 CVE-2015-2573
Debian Bug     : 782645

Several issues have been discovered in the MySQL database server. The
vulnerabilities are addressed by upgrading MySQL to the new upstream
version 5.5.43. Please see the MySQL 5.5 Release Notes and Oracle's
Critical Patch Update advisory for further details:

 https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-42.html
 https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-43.html
 https://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

For the stable distribution (wheezy), these problems have been fixed in
version 5.5.43-0+deb7u1.

For the upcoming stable distribution (jessie), these problems will be
fixed in version 5.5.43-0+deb8u1. Updated packages are already available
through jessie-security.

We recommend that you upgrade your mysql-5.5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org