Red Hat: RHSA-2018-1254-01 Moderate MySQL Security Update

red hat

April 26, 2018

An update for rh-mysql56-mysql is now available for Red Hat Software Collections

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.

Summary

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.
The following packages have been upgraded to a later upstream version: rh-mysql56-mysql (5.6.40). (BZ#1571242)
Security Fix(es):
* mysql: Server: Replication unspecified vulnerability (CPU Apr 2018) (CVE-2018-2755)
* mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2018) (CVE-2018-2758)
* mysql: Client programs unspecified vulnerability (CPU Apr 2018) (CVE-2018-2761)
* mysql: InnoDB unspecified vulnerability (CPU Apr 2018) (CVE-2018-2766)
* mysql: Server: Locking unspecified vulnerability (CPU Apr 2018) (CVE-2018-2771)
* mysql: Client programs unspecified vulnerability (CPU Apr 2018) (CVE-2018-2773)
* mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018) (CVE-2018-2781)
* mysql: InnoDB unspecified vulnerability (CPU Apr 2018) (CVE-2018-2782)
* mysql: InnoDB unspecified vulnerability (CPU Apr 2018) (CVE-2018-2784)
* mysql: InnoDB unspecified vulnerability (CPU Apr 2018) (CVE-2018-2787)
* mysql: GIS Extension unspecified vulnerability (CPU Apr 2018) (CVE-2018-2805)
* mysql: Server: DDL unspecified vulnerability (CPU Apr 2018) (CVE-2018-2813)
* mysql: Server: DDL unspecified vulnerability (CPU Apr 2018) (CVE-2018-2817)
* mysql: Server : Security : Privileges unspecified vulnerability (CPU Apr 2018) (CVE-2018-2818)
* mysql: InnoDB unspecified vulnerability (CPU Apr 2018) (CVE-2018-2819)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Topics Covered

security advisory security issue moderate severity MySQL update Red Hat Software Collections replication issue

References

https://access.redhat.com/security/cve/CVE-2018-2755 https://access.redhat.com/security/cve/CVE-2018-2758 https://access.redhat.com/security/cve/CVE-2018-2761 https://access.redhat.com/security/cve/CVE-2018-2766 https://access.redhat.com/security/cve/CVE-2018-2771 https://access.redhat.com/security/cve/CVE-2018-2773 https://access.redhat.com/security/cve/CVE-2018-2781 https://access.redhat.com/security/cve/CVE-2018-2782 https://access.redhat.com/security/cve/CVE-2018-2784 https://access.redhat.com/security/cve/CVE-2018-2787 https://access.redhat.com/security/cve/CVE-2018-2805 https://access.redhat.com/security/cve/CVE-2018-2813 https://access.redhat.com/security/cve/CVE-2018-2817 https://access.redhat.com/security/cve/CVE-2018-2818 https://access.redhat.com/security/cve/CVE-2018-2819 https://access.redhat.com/security/updates/classification/#moderate

Package List

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):
Source: rh-mysql56-mysql-5.6.40-1.el6.src.rpm
x86_64: rh-mysql56-mysql-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-bench-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-common-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-config-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-debuginfo-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-devel-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-errmsg-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-server-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-test-5.6.40-1.el6.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7):
Source: rh-mysql56-mysql-5.6.40-1.el6.src.rpm
x86_64: rh-mysql56-mysql-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-bench-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-common-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-config-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-debuginfo-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-devel-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-errmsg-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-server-5.6.40-1.el6.x86_64.rpm rh-mysql56-mysql-test-5.6.40-1.el6.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6):
Source: rh-mysql56-mysql-5.6.40-1.el6.src.rpm
x86_64: rh-mysql56-mysql-5.6.40-1.el6.x86_64.rpm

Read the Full Advisory

Advisory ID: RHSA-2018:1254-01

Product: Red Hat Software Collections

Advisory URL: https://access.redhat.com/errata/RHSA-2018:1254

Issue date: 2018-04-26

Topic

An update for rh-mysql56-mysql is now available for Red Hat SoftwareCollections.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topics Covered

security advisory security issue moderate severity MySQL update Red Hat Software Collections replication issue

Relevant Releases Architectures

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64

Bugs Fixed

1568921 - CVE-2018-2755 mysql: Server: Replication unspecified vulnerability (CPU Apr 2018)

1568922 - CVE-2018-2758 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2018)

1568924 - CVE-2018-2761 mysql: Client programs unspecified vulnerability (CPU Apr 2018)

1568926 - CVE-2018-2766 mysql: InnoDB unspecified vulnerability (CPU Apr 2018)

1568931 - CVE-2018-2771 mysql: Server: Locking unspecified vulnerability (CPU Apr 2018)

1568932 - CVE-2018-2773 mysql: Client programs unspecified vulnerability (CPU Apr 2018)

1568942 - CVE-2018-2781 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018)

1568943 - CVE-2018-2782 mysql: InnoDB unspecified vulnerability (CPU Apr 2018)

1568944 - CVE-2018-2784 mysql: InnoDB unspecified vulnerability (CPU Apr 2018)

1568946 - CVE-2018-2787 mysql: InnoDB unspecified vulnerability (CPU Apr 2018)

1568948 - CVE-2018-2805 mysql: GIS Extension unspecified vulnerability (CPU Apr 2018)

1568951 - CVE-2018-2813 mysql: Server: DDL unspecified vulnerability (CPU Apr 2018)

1568954 - CVE-2018-2817 mysql: Server: DDL unspecified vulnerability (CPU Apr 2018)

1568955 - CVE-2018-2818 mysql: Server : Security : Privileges unspecified vulnerability (CPU Apr 2018)

1568956 - CVE-2018-2819 mysql: InnoDB unspecified vulnerability (CPU Apr 2018)

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Red Hat: RHSA-2018-1254-01 Moderate MySQL Security Update

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Red Hat: RHSA-2018-1254-01 Moderate MySQL Security Update

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!