openSUSE Security Update: Security update for mysql-community-server
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2016:2769-1
Rating:             important
References:         #1005555 #1005557 #1005558 #1005560 #1005561 
                    #1005562 #1005563 #1005566 #1005567 #1005569 
                    #1005570 #1005581 #1005582 #1005583 #1005586 
                    #971456 #977614 #983938 #986251 #989911 #989913 
                    #989914 #989915 #989919 #989921 #989922 #989925 
                    #989926 #990890 #998309 #999666 
Cross-References:   CVE-2016-2105 CVE-2016-3459 CVE-2016-3477
                    CVE-2016-3486 CVE-2016-3492 CVE-2016-3501
                    CVE-2016-3521 CVE-2016-3614 CVE-2016-3615
                    CVE-2016-5439 CVE-2016-5440 CVE-2016-5507
                    CVE-2016-5584 CVE-2016-5609 CVE-2016-5612
                    CVE-2016-5616 CVE-2016-5617 CVE-2016-5626
                    CVE-2016-5627 CVE-2016-5629 CVE-2016-5630
                    CVE-2016-6304 CVE-2016-6662 CVE-2016-7440
                    CVE-2016-8283 CVE-2016-8284 CVE-2016-8288
                   
Affected Products:
                    openSUSE Leap 42.1
                    openSUSE 13.2
______________________________________________________________________________

   An update that solves 27 vulnerabilities and has four fixes
   is now available.

Description:


   mysql-community-server was updated to 5.6.34 to fix the following issues:

   * Changes http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-34.html
     http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html
     http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-32.html
     http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-31.html
   * fixed CVEs: CVE-2016-6304, CVE-2016-6662, CVE-2016-7440, CVE-2016-5584,
     CVE-2016-5617, CVE-2016-5616, CVE-2016-5626, CVE-2016-3492,
     CVE-2016-5629, CVE-2016-5507, CVE-2016-8283, CVE-2016-5609,
     CVE-2016-5612, CVE-2016-5627, CVE-2016-5630, CVE-2016-8284,
     CVE-2016-8288, CVE-2016-3477, CVE-2016-2105, CVE-2016-3486,
     CVE-2016-3501, CVE-2016-3521, CVE-2016-3615, CVE-2016-3614,
     CVE-2016-3459, CVE-2016-5439, CVE-2016-5440
   * fixes SUSE Bugs: [boo#999666],  [boo#998309],  [boo#1005581],
     [boo#1005558], [boo#1005563], [boo#1005562], [boo#1005566],
     [boo#1005555], [boo#1005569], [boo#1005557], [boo#1005582],
     [boo#1005560], [boo#1005561], [boo#1005567], [boo#1005570],
     [boo#1005583], [boo#1005586], [boo#989913],  [boo#977614],
     [boo#989914], [boo#989915],  [boo#989919],  [boo#989922],  [boo#989921],
     [boo#989911],  [boo#989925],  [boo#989926]
   - append "--ignore-db-dir=lost+found" to the mysqld options in
     "mysql-systemd-helper" script if "lost+found" directory is found in
     $datadir [boo#986251]
   - remove syslog.target from *.service files [boo#983938]
   - add systemd to deps to build on leap and friends
   - replace '%{_libexecdir}/systemd/system' with %{_unitdir} macro
   - remove useless mysql@default.service [boo#971456]
   - replace all occurrences of the string "@sysconfdir@" with "/etc" in
     mysql-community-server-5.6.3-logrotate.patch as it wasn't expanded
     properly [boo#990890]
   - remove '%define _rundir' as 13.1 is out of support scope
   - run 'usermod -g mysql mysql' only if mysql user is not in mysql group.
     Run 'usermod -s /bin/false/ mysql' only if mysql user doesn't have
     '/bin/false' shell set.
   - re-enable mysql profiling


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.1:

      zypper in -t patch openSUSE-2016-1283=1

   - openSUSE 13.2:

      zypper in -t patch openSUSE-2016-1283=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE Leap 42.1 (i586 x86_64):

      libmysql56client18-5.6.34-19.2
      libmysql56client18-debuginfo-5.6.34-19.2
      libmysql56client_r18-5.6.34-19.2
      mysql-community-server-5.6.34-19.2
      mysql-community-server-bench-5.6.34-19.2
      mysql-community-server-bench-debuginfo-5.6.34-19.2
      mysql-community-server-client-5.6.34-19.2
      mysql-community-server-client-debuginfo-5.6.34-19.2
      mysql-community-server-debuginfo-5.6.34-19.2
      mysql-community-server-debugsource-5.6.34-19.2
      mysql-community-server-errormessages-5.6.34-19.2
      mysql-community-server-test-5.6.34-19.2
      mysql-community-server-test-debuginfo-5.6.34-19.2
      mysql-community-server-tools-5.6.34-19.2
      mysql-community-server-tools-debuginfo-5.6.34-19.2

   - openSUSE Leap 42.1 (x86_64):

      libmysql56client18-32bit-5.6.34-19.2
      libmysql56client18-debuginfo-32bit-5.6.34-19.2
      libmysql56client_r18-32bit-5.6.34-19.2

   - openSUSE 13.2 (i586 x86_64):

      libmysql56client18-5.6.34-2.23.1
      libmysql56client18-debuginfo-5.6.34-2.23.1
      libmysql56client_r18-5.6.34-2.23.1
      mysql-community-server-5.6.34-2.23.1
      mysql-community-server-bench-5.6.34-2.23.1
      mysql-community-server-bench-debuginfo-5.6.34-2.23.1
      mysql-community-server-client-5.6.34-2.23.1
      mysql-community-server-client-debuginfo-5.6.34-2.23.1
      mysql-community-server-debuginfo-5.6.34-2.23.1
      mysql-community-server-debugsource-5.6.34-2.23.1
      mysql-community-server-errormessages-5.6.34-2.23.1
      mysql-community-server-test-5.6.34-2.23.1
      mysql-community-server-test-debuginfo-5.6.34-2.23.1
      mysql-community-server-tools-5.6.34-2.23.1
      mysql-community-server-tools-debuginfo-5.6.34-2.23.1

   - openSUSE 13.2 (x86_64):

      libmysql56client18-32bit-5.6.34-2.23.1
      libmysql56client18-debuginfo-32bit-5.6.34-2.23.1
      libmysql56client_r18-32bit-5.6.34-2.23.1


References:

   https://www.suse.com/security/cve/CVE-2016-2105.html
   https://www.suse.com/security/cve/CVE-2016-3459.html
   https://www.suse.com/security/cve/CVE-2016-3477.html
   https://www.suse.com/security/cve/CVE-2016-3486.html
   https://www.suse.com/security/cve/CVE-2016-3492.html
   https://www.suse.com/security/cve/CVE-2016-3501.html
   https://www.suse.com/security/cve/CVE-2016-3521.html
   https://www.suse.com/security/cve/CVE-2016-3614.html
   https://www.suse.com/security/cve/CVE-2016-3615.html
   https://www.suse.com/security/cve/CVE-2016-5439.html
   https://www.suse.com/security/cve/CVE-2016-5440.html
   https://www.suse.com/security/cve/CVE-2016-5507.html
   https://www.suse.com/security/cve/CVE-2016-5584.html
   https://www.suse.com/security/cve/CVE-2016-5609.html
   https://www.suse.com/security/cve/CVE-2016-5612.html
         https://www.suse.com/security/cve/CVE-2016-5626.html
   https://www.suse.com/security/cve/CVE-2016-5627.html
   https://www.suse.com/security/cve/CVE-2016-5629.html
   https://www.suse.com/security/cve/CVE-2016-5630.html
   https://www.suse.com/security/cve/CVE-2016-6304.html
   https://www.suse.com/security/cve/CVE-2016-6662.html
   https://www.suse.com/security/cve/CVE-2016-7440.html
   https://www.suse.com/security/cve/CVE-2016-8283.html
   https://www.suse.com/security/cve/CVE-2016-8284.html
   https://www.suse.com/security/cve/CVE-2016-8288.html
   https://bugzilla.suse.com/1005555
   https://bugzilla.suse.com/1005557
   https://bugzilla.suse.com/1005558
   https://bugzilla.suse.com/1005560
   https://bugzilla.suse.com/1005561
   https://bugzilla.suse.com/1005562
   https://bugzilla.suse.com/1005563
   https://bugzilla.suse.com/1005566
   https://bugzilla.suse.com/1005567
   https://bugzilla.suse.com/1005569
   https://bugzilla.suse.com/1005570
   https://bugzilla.suse.com/1005581
   https://bugzilla.suse.com/1005582
   https://bugzilla.suse.com/1005583
   https://bugzilla.suse.com/1005586
   https://bugzilla.suse.com/971456
   https://bugzilla.suse.com/977614
   https://bugzilla.suse.com/983938
   https://bugzilla.suse.com/986251
   https://bugzilla.suse.com/989911
   https://bugzilla.suse.com/989913
   https://bugzilla.suse.com/989914
   https://bugzilla.suse.com/989915
   https://bugzilla.suse.com/989919
   https://bugzilla.suse.com/989921
   https://bugzilla.suse.com/989922
   https://bugzilla.suse.com/989925
   https://bugzilla.suse.com/989926
   https://bugzilla.suse.com/990890
   https://bugzilla.suse.com/998309
   https://bugzilla.suse.com/999666

openSUSE: 2016:2769-1: important: mysql-community-server

November 10, 2016
An update that solves 27 vulnerabilities and has four fixes An update that solves 27 vulnerabilities and has four fixes An update that solves 27 vulnerabilities and has four fixes ...

Description

mysql-community-server was updated to 5.6.34 to fix the following issues: * Changes http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-34.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-32.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-31.html * fixed CVEs: CVE-2016-6304, CVE-2016-6662, CVE-2016-7440, CVE-2016-5584, CVE-2016-5617, CVE-2016-5616, CVE-2016-5626, CVE-2016-3492, CVE-2016-5629, CVE-2016-5507, CVE-2016-8283, CVE-2016-5609, CVE-2016-5612, CVE-2016-5627, CVE-2016-5630, CVE-2016-8284, CVE-2016-8288, CVE-2016-3477, CVE-2016-2105, CVE-2016-3486, CVE-2016-3501, CVE-2016-3521, CVE-2016-3615, CVE-2016-3614, CVE-2016-3459, CVE-2016-5439, CVE-2016-5440 * fixes SUSE Bugs: [boo#999666], [boo#998309], [boo#1005581], [boo#1005558], [boo#1005563], [boo#1005562], [boo#1005566], [boo#1005555], [boo#1005569], [boo#1005557], [boo#1005582], [boo#1005560], [boo#1005561], [boo#1005567], [boo#1005570], [boo#1005583], [boo#1005586], [boo#989913], [boo#977614], [boo#989914], [boo#989915], [boo#989919], [boo#989922], [boo#989921], [boo#989911], [boo#989925], [boo#989926] - append "--ignore-db-dir=lost+found" to the mysqld options in "mysql-systemd-helper" script if "lost+found" directory is found in $datadir [boo#986251] - remove syslog.target from *.service files [boo#983938] - add systemd to deps to build on leap and friends - replace '%{_libexecdir}/systemd/system' with %{_unitdir} macro - remove useless mysql@default.service [boo#971456] - replace all occurrences of the string "@sysconfdir@" with "/etc" in mysql-community-server-5.6.3-logrotate.patch as it wasn't expanded properly [boo#990890] - remove '%define _rundir' as 13.1 is out of support scope - run 'usermod -g mysql mysql' only if mysql user is not in mysql group. Run 'usermod -s /bin/false/ mysql' only if mysql user doesn't have '/bin/false' shell set. - re-enable mysql profiling

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-1283=1 - openSUSE 13.2: zypper in -t patch openSUSE-2016-1283=1 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE Leap 42.1 (i586 x86_64): libmysql56client18-5.6.34-19.2 libmysql56client18-debuginfo-5.6.34-19.2 libmysql56client_r18-5.6.34-19.2 mysql-community-server-5.6.34-19.2 mysql-community-server-bench-5.6.34-19.2 mysql-community-server-bench-debuginfo-5.6.34-19.2 mysql-community-server-client-5.6.34-19.2 mysql-community-server-client-debuginfo-5.6.34-19.2 mysql-community-server-debuginfo-5.6.34-19.2 mysql-community-server-debugsource-5.6.34-19.2 mysql-community-server-errormessages-5.6.34-19.2 mysql-community-server-test-5.6.34-19.2 mysql-community-server-test-debuginfo-5.6.34-19.2 mysql-community-server-tools-5.6.34-19.2 mysql-community-server-tools-debuginfo-5.6.34-19.2 - openSUSE Leap 42.1 (x86_64): libmysql56client18-32bit-5.6.34-19.2 libmysql56client18-debuginfo-32bit-5.6.34-19.2 libmysql56client_r18-32bit-5.6.34-19.2 - openSUSE 13.2 (i586 x86_64): libmysql56client18-5.6.34-2.23.1 libmysql56client18-debuginfo-5.6.34-2.23.1 libmysql56client_r18-5.6.34-2.23.1 mysql-community-server-5.6.34-2.23.1 mysql-community-server-bench-5.6.34-2.23.1 mysql-community-server-bench-debuginfo-5.6.34-2.23.1 mysql-community-server-client-5.6.34-2.23.1 mysql-community-server-client-debuginfo-5.6.34-2.23.1 mysql-community-server-debuginfo-5.6.34-2.23.1 mysql-community-server-debugsource-5.6.34-2.23.1 mysql-community-server-errormessages-5.6.34-2.23.1 mysql-community-server-test-5.6.34-2.23.1 mysql-community-server-test-debuginfo-5.6.34-2.23.1 mysql-community-server-tools-5.6.34-2.23.1 mysql-community-server-tools-debuginfo-5.6.34-2.23.1 - openSUSE 13.2 (x86_64): libmysql56client18-32bit-5.6.34-2.23.1 libmysql56client18-debuginfo-32bit-5.6.34-2.23.1 libmysql56client_r18-32bit-5.6.34-2.23.1


References

https://www.suse.com/security/cve/CVE-2016-2105.html https://www.suse.com/security/cve/CVE-2016-3459.html https://www.suse.com/security/cve/CVE-2016-3477.html https://www.suse.com/security/cve/CVE-2016-3486.html https://www.suse.com/security/cve/CVE-2016-3492.html https://www.suse.com/security/cve/CVE-2016-3501.html https://www.suse.com/security/cve/CVE-2016-3521.html https://www.suse.com/security/cve/CVE-2016-3614.html https://www.suse.com/security/cve/CVE-2016-3615.html https://www.suse.com/security/cve/CVE-2016-5439.html https://www.suse.com/security/cve/CVE-2016-5440.html https://www.suse.com/security/cve/CVE-2016-5507.html https://www.suse.com/security/cve/CVE-2016-5584.html https://www.suse.com/security/cve/CVE-2016-5609.html https://www.suse.com/security/cve/CVE-2016-5612.html https://www.suse.com/security/cve/CVE-2016-5626.html https://www.suse.com/security/cve/CVE-2016-5627.html https://www.suse.com/security/cve/CVE-2016-5629.html https://www.suse.com/security/cve/CVE-2016-5630.html https://www.suse.com/security/cve/CVE-2016-6304.html https://www.suse.com/security/cve/CVE-2016-6662.html https://www.suse.com/security/cve/CVE-2016-7440.html https://www.suse.com/security/cve/CVE-2016-8283.html https://www.suse.com/security/cve/CVE-2016-8284.html https://www.suse.com/security/cve/CVE-2016-8288.html https://bugzilla.suse.com/1005555 https://bugzilla.suse.com/1005557 https://bugzilla.suse.com/1005558 https://bugzilla.suse.com/1005560 https://bugzilla.suse.com/1005561 https://bugzilla.suse.com/1005562 https://bugzilla.suse.com/1005563 https://bugzilla.suse.com/1005566 https://bugzilla.suse.com/1005567 https://bugzilla.suse.com/1005569 https://bugzilla.suse.com/1005570 https://bugzilla.suse.com/1005581 https://bugzilla.suse.com/1005582 https://bugzilla.suse.com/1005583 https://bugzilla.suse.com/1005586 https://bugzilla.suse.com/971456 https://bugzilla.suse.com/977614 https://bugzilla.suse.com/983938 https://bugzilla.suse.com/986251 https://bugzilla.suse.com/989911 https://bugzilla.suse.com/989913 https://bugzilla.suse.com/989914 https://bugzilla.suse.com/989915 https://bugzilla.suse.com/989919 https://bugzilla.suse.com/989921 https://bugzilla.suse.com/989922 https://bugzilla.suse.com/989925 https://bugzilla.suse.com/989926 https://bugzilla.suse.com/990890 https://bugzilla.suse.com/998309 https://bugzilla.suse.com/999666


Severity
Announcement ID: openSUSE-SU-2016:2769-1
Rating: important
Affected Products: openSUSE Leap 42.1 openSUSE 13.2

Related News

21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In
32.Lock Code Circular Esm H320
2 - 3 min read
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned
1.Penguin Landscape Esm H320
2 - 3 min read
The recent release of AlmaLinux 9.4 , closely aligned with Red Hat Enterprise Linux (RHEL) 9.4 , presents Linux admins and infosec professionals
11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software
2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved