[RHSA-2017:0184] mysql security update
Severity
Important
Affected Packages
40
CVEs
3
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.
Security Fix(es):
It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. (CVE-2016-6662)
A race condition was found in the way MySQL performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user. (CVE-2016-6663, CVE-2016-5616)
- ID
- RHSA-2017:0184
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2017:0184
- Published
-
2017-01-24T00:00:00
(7 years ago) - Modified
-
2017-01-24T00:00:00
(7 years ago) - Rights
- Copyright 2017 Red Hat, Inc.
- Other Advisories
-
- ALAS-2016-756
- ALAS-2017-800
- ALPINE:CVE-2016-6662
- DSA-3666-1
- DSA-3711-1
- ELSA-2016-2595
- ELSA-2017-0184
- FEDORA-2016-0901301dff
- FEDORA-2016-58f90ae3cc
- FEDORA-2016-9b83c6862d
- FEDORA-2016-c7e60a9fd4
- FREEBSD:22373C43-D728-11E6-A9A5-B499BAEBFEAF
- FREEBSD:856B88BF-7984-11E6-81E7-D050996490D0
- FREEBSD:B64A7389-7C27-11E6-8AAA-5404A68AD561
- GLSA-201701-01
- RHSA-2016:2595
- SSA:2016-257-01
- SSA:2016-305-03
- SUSE-SU-2016:2343-1
- SUSE-SU-2016:2395-1
- SUSE-SU-2016:2404-1
- SUSE-SU-2016:2780-1
- SUSE-SU-2016:2932-1
- SUSE-SU-2016:2933-1
- USN-3078-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 1375198 | https://bugzilla.redhat.com/1375198 | |
Bugzilla | 1378936 | https://bugzilla.redhat.com/1378936 | |
RHSA | RHSA-2017:0184 | https://access.redhat.com/errata/RHSA-2017:0184 | |
CVE | CVE-2016-5616 | https://access.redhat.com/security/cve/CVE-2016-5616 | |
CVE | CVE-2016-6662 | https://access.redhat.com/security/cve/CVE-2016-6662 | |
CVE | CVE-2016-6663 | https://access.redhat.com/security/cve/CVE-2016-6663 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/mysql?arch=x86_64&distro=redhat-6.8 | redhat | mysql | < 5.1.73-8.el6_8 | redhat-6.8 | x86_64 | |
Affected | pkg:rpm/redhat/mysql?arch=s390x&distro=redhat-6.8 | redhat | mysql | < 5.1.73-8.el6_8 | redhat-6.8 | s390x | |
Affected | pkg:rpm/redhat/mysql?arch=ppc64&distro=redhat-6.8 | redhat | mysql | < 5.1.73-8.el6_8 | redhat-6.8 | ppc64 | |
Affected | pkg:rpm/redhat/mysql?arch=i686&distro=redhat-6.8 | redhat | mysql | < 5.1.73-8.el6_8 | redhat-6.8 | i686 | |
Affected | pkg:rpm/redhat/mysql-test?arch=x86_64&distro=redhat-6.8 | redhat | mysql-test | < 5.1.73-8.el6_8 | redhat-6.8 | x86_64 | |
Affected | pkg:rpm/redhat/mysql-test?arch=s390x&distro=redhat-6.8 | redhat | mysql-test | < 5.1.73-8.el6_8 | redhat-6.8 | s390x | |
Affected | pkg:rpm/redhat/mysql-test?arch=ppc64&distro=redhat-6.8 | redhat | mysql-test | < 5.1.73-8.el6_8 | redhat-6.8 | ppc64 | |
Affected | pkg:rpm/redhat/mysql-test?arch=i686&distro=redhat-6.8 | redhat | mysql-test | < 5.1.73-8.el6_8 | redhat-6.8 | i686 | |
Affected | pkg:rpm/redhat/mysql-server?arch=x86_64&distro=redhat-6.8 | redhat | mysql-server | < 5.1.73-8.el6_8 | redhat-6.8 | x86_64 | |
Affected | pkg:rpm/redhat/mysql-server?arch=s390x&distro=redhat-6.8 | redhat | mysql-server | < 5.1.73-8.el6_8 | redhat-6.8 | s390x | |
Affected | pkg:rpm/redhat/mysql-server?arch=ppc64&distro=redhat-6.8 | redhat | mysql-server | < 5.1.73-8.el6_8 | redhat-6.8 | ppc64 | |
Affected | pkg:rpm/redhat/mysql-server?arch=i686&distro=redhat-6.8 | redhat | mysql-server | < 5.1.73-8.el6_8 | redhat-6.8 | i686 | |
Affected | pkg:rpm/redhat/mysql-libs?arch=x86_64&distro=redhat-6.8 | redhat | mysql-libs | < 5.1.73-8.el6_8 | redhat-6.8 | x86_64 | |
Affected | pkg:rpm/redhat/mysql-libs?arch=s390x&distro=redhat-6.8 | redhat | mysql-libs | < 5.1.73-8.el6_8 | redhat-6.8 | s390x | |
Affected | pkg:rpm/redhat/mysql-libs?arch=s390&distro=redhat-6.8 | redhat | mysql-libs | < 5.1.73-8.el6_8 | redhat-6.8 | s390 | |
Affected | pkg:rpm/redhat/mysql-libs?arch=ppc64&distro=redhat-6.8 | redhat | mysql-libs | < 5.1.73-8.el6_8 | redhat-6.8 | ppc64 | |
Affected | pkg:rpm/redhat/mysql-libs?arch=ppc&distro=redhat-6.8 | redhat | mysql-libs | < 5.1.73-8.el6_8 | redhat-6.8 | ppc | |
Affected | pkg:rpm/redhat/mysql-libs?arch=i686&distro=redhat-6.8 | redhat | mysql-libs | < 5.1.73-8.el6_8 | redhat-6.8 | i686 | |
Affected | pkg:rpm/redhat/mysql-embedded?arch=x86_64&distro=redhat-6.8 | redhat | mysql-embedded | < 5.1.73-8.el6_8 | redhat-6.8 | x86_64 | |
Affected | pkg:rpm/redhat/mysql-embedded?arch=s390x&distro=redhat-6.8 | redhat | mysql-embedded | < 5.1.73-8.el6_8 | redhat-6.8 | s390x | |
Affected | pkg:rpm/redhat/mysql-embedded?arch=s390&distro=redhat-6.8 | redhat | mysql-embedded | < 5.1.73-8.el6_8 | redhat-6.8 | s390 | |
Affected | pkg:rpm/redhat/mysql-embedded?arch=ppc64&distro=redhat-6.8 | redhat | mysql-embedded | < 5.1.73-8.el6_8 | redhat-6.8 | ppc64 | |
Affected | pkg:rpm/redhat/mysql-embedded?arch=ppc&distro=redhat-6.8 | redhat | mysql-embedded | < 5.1.73-8.el6_8 | redhat-6.8 | ppc | |
Affected | pkg:rpm/redhat/mysql-embedded?arch=i686&distro=redhat-6.8 | redhat | mysql-embedded | < 5.1.73-8.el6_8 | redhat-6.8 | i686 | |
Affected | pkg:rpm/redhat/mysql-embedded-devel?arch=x86_64&distro=redhat-6.8 | redhat | mysql-embedded-devel | < 5.1.73-8.el6_8 | redhat-6.8 | x86_64 | |
Affected | pkg:rpm/redhat/mysql-embedded-devel?arch=s390x&distro=redhat-6.8 | redhat | mysql-embedded-devel | < 5.1.73-8.el6_8 | redhat-6.8 | s390x | |
Affected | pkg:rpm/redhat/mysql-embedded-devel?arch=s390&distro=redhat-6.8 | redhat | mysql-embedded-devel | < 5.1.73-8.el6_8 | redhat-6.8 | s390 | |
Affected | pkg:rpm/redhat/mysql-embedded-devel?arch=ppc64&distro=redhat-6.8 | redhat | mysql-embedded-devel | < 5.1.73-8.el6_8 | redhat-6.8 | ppc64 | |
Affected | pkg:rpm/redhat/mysql-embedded-devel?arch=ppc&distro=redhat-6.8 | redhat | mysql-embedded-devel | < 5.1.73-8.el6_8 | redhat-6.8 | ppc | |
Affected | pkg:rpm/redhat/mysql-embedded-devel?arch=i686&distro=redhat-6.8 | redhat | mysql-embedded-devel | < 5.1.73-8.el6_8 | redhat-6.8 | i686 | |
Affected | pkg:rpm/redhat/mysql-devel?arch=x86_64&distro=redhat-6.8 | redhat | mysql-devel | < 5.1.73-8.el6_8 | redhat-6.8 | x86_64 | |
Affected | pkg:rpm/redhat/mysql-devel?arch=s390x&distro=redhat-6.8 | redhat | mysql-devel | < 5.1.73-8.el6_8 | redhat-6.8 | s390x | |
Affected | pkg:rpm/redhat/mysql-devel?arch=s390&distro=redhat-6.8 | redhat | mysql-devel | < 5.1.73-8.el6_8 | redhat-6.8 | s390 | |
Affected | pkg:rpm/redhat/mysql-devel?arch=ppc64&distro=redhat-6.8 | redhat | mysql-devel | < 5.1.73-8.el6_8 | redhat-6.8 | ppc64 | |
Affected | pkg:rpm/redhat/mysql-devel?arch=ppc&distro=redhat-6.8 | redhat | mysql-devel | < 5.1.73-8.el6_8 | redhat-6.8 | ppc | |
Affected | pkg:rpm/redhat/mysql-devel?arch=i686&distro=redhat-6.8 | redhat | mysql-devel | < 5.1.73-8.el6_8 | redhat-6.8 | i686 | |
Affected | pkg:rpm/redhat/mysql-bench?arch=x86_64&distro=redhat-6.8 | redhat | mysql-bench | < 5.1.73-8.el6_8 | redhat-6.8 | x86_64 | |
Affected | pkg:rpm/redhat/mysql-bench?arch=s390x&distro=redhat-6.8 | redhat | mysql-bench | < 5.1.73-8.el6_8 | redhat-6.8 | s390x | |
Affected | pkg:rpm/redhat/mysql-bench?arch=ppc64&distro=redhat-6.8 | redhat | mysql-bench | < 5.1.73-8.el6_8 | redhat-6.8 | ppc64 | |
Affected | pkg:rpm/redhat/mysql-bench?arch=i686&distro=redhat-6.8 | redhat | mysql-bench | < 5.1.73-8.el6_8 | redhat-6.8 | i686 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |