Discover Government News

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201308-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High
    Title: MySQL: Multiple vulnerabilities
     Date: August 29, 2013
     Bugs: #399375, #411503, #412889, #417989, #445602, #462498,
           #466236, #477474
       ID: 201308-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
Multiple vulnerabilities have been found in MySQL, allowing attackersto execute arbitrary code or cause Denial of Service.

Background
=========
MySQL is a fast, multi-threaded, multi-user SQL database server.

Affected packages
================
    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  dev-db/mysql                 < 5.1.70                  >= 5.1.70

Description
==========
Multiple vulnerabilities have been discovered in MySQL. Please review
the CVE identifiers referenced below for details.

Impact
=====
A remote attacker could send a specially crafted request, possibly
resulting in execution of arbitrary code with the privileges of the
application or a Denial of Service condition.

Workaround
=========
There is no known workaround at this time.

Resolution
=========
All MySQL users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.1.70"

References
=========
[   1 ] CVE-2011-2262
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2262
[   2 ] CVE-2012-0075
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0075
[   3 ] CVE-2012-0087
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0087
[   4 ] CVE-2012-0101
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0101
[   5 ] CVE-2012-0102
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0102
[   6 ] CVE-2012-0112
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0112
[   7 ] CVE-2012-0113
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0113
[   8 ] CVE-2012-0114
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0114
[   9 ] CVE-2012-0115
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0115
[  10 ] CVE-2012-0116
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0116
[  11 ] CVE-2012-0117
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0117
[  12 ] CVE-2012-0118
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0118
[  13 ] CVE-2012-0119
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0119
[  14 ] CVE-2012-0120
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0120
[  15 ] CVE-2012-0484
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0484
[  16 ] CVE-2012-0485
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0485
[  17 ] CVE-2012-0486
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0486
[  18 ] CVE-2012-0487
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0487
[  19 ] CVE-2012-0488
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0488
[  20 ] CVE-2012-0489
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0489
[  21 ] CVE-2012-0490
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0490
[  22 ] CVE-2012-0491
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0491
[  23 ] CVE-2012-0492
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0492
[  24 ] CVE-2012-0493
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0493
[  25 ] CVE-2012-0494
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0494
[  26 ] CVE-2012-0495
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0495
[  27 ] CVE-2012-0496
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0496
[  28 ] CVE-2012-0540
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0540
[  29 ] CVE-2012-0553
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0553
[  30 ] CVE-2012-0572
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0572
[  31 ] CVE-2012-0574
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0574
[  32 ] CVE-2012-0578
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0578
[  33 ] CVE-2012-0583
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0583
[  34 ] CVE-2012-1492
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1492
[  35 ] CVE-2012-1623
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1623
[  36 ] CVE-2012-1688
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1688
[  37 ] CVE-2012-1689
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1689
[  38 ] CVE-2012-1690
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1690
[  39 ] CVE-2012-1696
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1696
[  40 ] CVE-2012-1697
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1697
[  41 ] CVE-2012-1702
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1702
[  42 ] CVE-2012-1703
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1703
[  43 ] CVE-2012-1705
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1705
[  44 ] CVE-2012-1734
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1734
[  45 ] CVE-2012-2102
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2102
[  46 ] CVE-2012-2122
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2122
[  47 ] CVE-2012-2749
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2749
[  48 ] CVE-2012-3150
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3150
[  49 ] CVE-2012-3158
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3158
[  50 ] CVE-2012-3160
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3160
[  51 ] CVE-2012-3163
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3163
[  52 ] CVE-2012-3166
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3166
[  53 ] CVE-2012-3167
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3167
[  54 ] CVE-2012-3173
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3173
[  55 ] CVE-2012-3177
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3177
[  56 ] CVE-2012-3180
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3180
[  57 ] CVE-2012-3197
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3197
[  58 ] CVE-2012-5060
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5060
[  59 ] CVE-2012-5096
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5096
[  60 ] CVE-2012-5611
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5611
[  61 ] CVE-2012-5612
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5612
[  62 ] CVE-2012-5613
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5613
[  63 ] CVE-2012-5614
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5614
[  64 ] CVE-2012-5615
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5615
[  65 ] CVE-2012-5627
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5627
[  66 ] CVE-2013-0367
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0367
[  67 ] CVE-2013-0368
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0368
[  68 ] CVE-2013-0371
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0371
[  69 ] CVE-2013-0375
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0375
[  70 ] CVE-2013-0383
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0383
[  71 ] CVE-2013-0384
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0384
[  72 ] CVE-2013-0385
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0385
[  73 ] CVE-2013-0386
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0386
[  74 ] CVE-2013-0389
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0389
[  75 ] CVE-2013-1502
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1502
[  76 ] CVE-2013-1506
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1506
[  77 ] CVE-2013-1511
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1511
[  78 ] CVE-2013-1512
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1512
[  79 ] CVE-2013-1521
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1521
[  80 ] CVE-2013-1523
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1523
[  81 ] CVE-2013-1526
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1526
[  82 ] CVE-2013-1531
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1531
[  83 ] CVE-2013-1532
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1532
[  84 ] CVE-2013-1544
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1544
[  85 ] CVE-2013-1548
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1548
[  86 ] CVE-2013-1552
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1552
[  87 ] CVE-2013-1555
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1555
[  88 ] CVE-2013-1566
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1566
[  89 ] CVE-2013-1567
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1567
[  90 ] CVE-2013-1570
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1570
[  91 ] CVE-2013-2375
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2375
[  92 ] CVE-2013-2376
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2376
[  93 ] CVE-2013-2378
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2378
[  94 ] CVE-2013-2381
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2381
[  95 ] CVE-2013-2389
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2389
[  96 ] CVE-2013-2391
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2391
[  97 ] CVE-2013-2392
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2392
[  98 ] CVE-2013-2395
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2395
[  99 ] CVE-2013-3802
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3802
[ 100 ] CVE-2013-3804
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3804
[ 101 ] CVE-2013-3808
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3808

Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/201308-06

Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
======
Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Gentoo: GLSA-201308-06: MySQL: Multiple vulnerabilities

Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service.

Summary

Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details.

Resolution

All MySQL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.1.70"

References

[ 1 ] CVE-2011-2262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2262 [ 2 ] CVE-2012-0075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0075 [ 3 ] CVE-2012-0087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0087 [ 4 ] CVE-2012-0101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0101 [ 5 ] CVE-2012-0102 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0102 [ 6 ] CVE-2012-0112 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0112 [ 7 ] CVE-2012-0113 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0113 [ 8 ] CVE-2012-0114 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0114 [ 9 ] CVE-2012-0115 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0115 [ 10 ] CVE-2012-0116 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0116 [ 11 ] CVE-2012-0117 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0117 [ 12 ] CVE-2012-0118 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0118 [ 13 ] CVE-2012-0119 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0119 [ 14 ] CVE-2012-0120 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0120 [ 15 ] CVE-2012-0484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0484 [ 16 ] CVE-2012-0485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0485 [ 17 ] CVE-2012-0486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0486 [ 18 ] CVE-2012-0487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0487 [ 19 ] CVE-2012-0488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0488 [ 20 ] CVE-2012-0489 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0489 [ 21 ] CVE-2012-0490 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0490 [ 22 ] CVE-2012-0491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0491 [ 23 ] CVE-2012-0492 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0492 [ 24 ] CVE-2012-0493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0493 [ 25 ] CVE-2012-0494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0494 [ 26 ] CVE-2012-0495 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0495 [ 27 ] CVE-2012-0496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0496 [ 28 ] CVE-2012-0540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0540 [ 29 ] CVE-2012-0553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0553 [ 30 ] CVE-2012-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0572 [ 31 ] CVE-2012-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0574 [ 32 ] CVE-2012-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0578 [ 33 ] CVE-2012-0583 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0583 [ 34 ] CVE-2012-1492 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1492 [ 35 ] CVE-2012-1623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1623 [ 36 ] CVE-2012-1688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1688 [ 37 ] CVE-2012-1689 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1689 [ 38 ] CVE-2012-1690 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1690 [ 39 ] CVE-2012-1696 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1696 [ 40 ] CVE-2012-1697 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1697 [ 41 ] CVE-2012-1702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1702 [ 42 ] CVE-2012-1703 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1703 [ 43 ] CVE-2012-1705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1705 [ 44 ] CVE-2012-1734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1734 [ 45 ] CVE-2012-2102 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2102 [ 46 ] CVE-2012-2122 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2122 [ 47 ] CVE-2012-2749 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2749 [ 48 ] CVE-2012-3150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3150 [ 49 ] CVE-2012-3158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3158 [ 50 ] CVE-2012-3160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3160 [ 51 ] CVE-2012-3163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3163 [ 52 ] CVE-2012-3166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3166 [ 53 ] CVE-2012-3167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3167 [ 54 ] CVE-2012-3173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3173 [ 55 ] CVE-2012-3177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3177 [ 56 ] CVE-2012-3180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3180 [ 57 ] CVE-2012-3197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3197 [ 58 ] CVE-2012-5060 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5060 [ 59 ] CVE-2012-5096 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5096 [ 60 ] CVE-2012-5611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5611 [ 61 ] CVE-2012-5612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5612 [ 62 ] CVE-2012-5613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5613 [ 63 ] CVE-2012-5614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5614 [ 64 ] CVE-2012-5615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5615 [ 65 ] CVE-2012-5627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5627 [ 66 ] CVE-2013-0367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0367 [ 67 ] CVE-2013-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0368 [ 68 ] CVE-2013-0371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0371 [ 69 ] CVE-2013-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0375 [ 70 ] CVE-2013-0383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0383 [ 71 ] CVE-2013-0384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0384 [ 72 ] CVE-2013-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0385 [ 73 ] CVE-2013-0386 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0386 [ 74 ] CVE-2013-0389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0389 [ 75 ] CVE-2013-1502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1502 [ 76 ] CVE-2013-1506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1506 [ 77 ] CVE-2013-1511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1511 [ 78 ] CVE-2013-1512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1512 [ 79 ] CVE-2013-1521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1521 [ 80 ] CVE-2013-1523 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1523 [ 81 ] CVE-2013-1526 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1526 [ 82 ] CVE-2013-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1531 [ 83 ] CVE-2013-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1532 [ 84 ] CVE-2013-1544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1544 [ 85 ] CVE-2013-1548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1548 [ 86 ] CVE-2013-1552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1552 [ 87 ] CVE-2013-1555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1555 [ 88 ] CVE-2013-1566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1566 [ 89 ] CVE-2013-1567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1567 [ 90 ] CVE-2013-1570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1570 [ 91 ] CVE-2013-2375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2375 [ 92 ] CVE-2013-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2376 [ 93 ] CVE-2013-2378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2378 [ 94 ] CVE-2013-2381 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2381 [ 95 ] CVE-2013-2389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2389 [ 96 ] CVE-2013-2391 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2391 [ 97 ] CVE-2013-2392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2392 [ 98 ] CVE-2013-2395 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2395 [ 99 ] CVE-2013-3802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3802 [ 100 ] CVE-2013-3804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3804 [ 101 ] CVE-2013-3808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3808

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201308-06

Concerns

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

Severity
Severity: High
Title: MySQL: Multiple vulnerabilities
Date: August 29, 2013
Bugs: #399375, #411503, #412889, #417989, #445602, #462498,
ID: 201308-06

Synopsis

Multiple vulnerabilities have been found in MySQL, allowing attackersto execute arbitrary code or cause Denial of Service.

Background

MySQL is a fast, multi-threaded, multi-user SQL database server.

Affected Packages

------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/mysql < 5.1.70 >= 5.1.70

Impact

===== A remote attacker could send a specially crafted request, possibly resulting in execution of arbitrary code with the privileges of the application or a Denial of Service condition.

Workaround

There is no known workaround at this time.

Related News