[USN-5696-2] MySQL vulnerabilities

Severity Medium

Affected Packages 13

CVEs 4

Several security issues were fixed in MySQL.

USN-5696-1 fixed several vulnerabilities in MySQL. This update provides
the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.7.40 in Ubuntu 16.04 ESM.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-40.html
https://www.oracle.com/security-alerts/cpuoct2022.html

Package	Affected Version
pkg:deb/ubuntu/mysql-testsuite?distro=xenial	< 5.7.40-0ubuntu0.16.04.1+esm1
pkg:deb/ubuntu/mysql-testsuite-5.7?distro=xenial	< 5.7.40-0ubuntu0.16.04.1+esm1
pkg:deb/ubuntu/mysql-source-5.7?distro=xenial	< 5.7.40-0ubuntu0.16.04.1+esm1
pkg:deb/ubuntu/mysql-server?distro=xenial	< 5.7.40-0ubuntu0.16.04.1+esm1
pkg:deb/ubuntu/mysql-server-core-5.7?distro=xenial	< 5.7.40-0ubuntu0.16.04.1+esm1
pkg:deb/ubuntu/mysql-server-5.7?distro=xenial	< 5.7.40-0ubuntu0.16.04.1+esm1
pkg:deb/ubuntu/mysql-common?distro=xenial	< 5.7.40-0ubuntu0.16.04.1+esm1
pkg:deb/ubuntu/mysql-client?distro=xenial	< 5.7.40-0ubuntu0.16.04.1+esm1
pkg:deb/ubuntu/mysql-client-core-5.7?distro=xenial	< 5.7.40-0ubuntu0.16.04.1+esm1
pkg:deb/ubuntu/mysql-client-5.7?distro=xenial	< 5.7.40-0ubuntu0.16.04.1+esm1
pkg:deb/ubuntu/libmysqld-dev?distro=xenial	< 5.7.40-0ubuntu0.16.04.1+esm1
pkg:deb/ubuntu/libmysqlclient20?distro=xenial	< 5.7.40-0ubuntu0.16.04.1+esm1
pkg:deb/ubuntu/libmysqlclient-dev?distro=xenial	< 5.7.40-0ubuntu0.16.04.1+esm1

ID

USN-5696-2

Severity

medium

URL

https://ubuntu.com/security/notices/USN-5696-2

Published

2022-10-26T17:33:27
(23 months ago)

Modified

2022-10-26T17:33:27
(23 months ago)

Other Advisories

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:deb/ubuntu/mysql-testsuite?distro=xenial	ubuntu	mysql-testsuite	< 5.7.40-0ubuntu0.16.04.1+esm1	xenial
Affected	pkg:deb/ubuntu/mysql-testsuite-5.7?distro=xenial	ubuntu	mysql-testsuite-5.7	< 5.7.40-0ubuntu0.16.04.1+esm1	xenial
Affected	pkg:deb/ubuntu/mysql-source-5.7?distro=xenial	ubuntu	mysql-source-5.7	< 5.7.40-0ubuntu0.16.04.1+esm1	xenial
Affected	pkg:deb/ubuntu/mysql-server?distro=xenial	ubuntu	mysql-server	< 5.7.40-0ubuntu0.16.04.1+esm1	xenial
Affected	pkg:deb/ubuntu/mysql-server-core-5.7?distro=xenial	ubuntu	mysql-server-core-5.7	< 5.7.40-0ubuntu0.16.04.1+esm1	xenial
Affected	pkg:deb/ubuntu/mysql-server-5.7?distro=xenial	ubuntu	mysql-server-5.7	< 5.7.40-0ubuntu0.16.04.1+esm1	xenial
Affected	pkg:deb/ubuntu/mysql-common?distro=xenial	ubuntu	mysql-common	< 5.7.40-0ubuntu0.16.04.1+esm1	xenial
Affected	pkg:deb/ubuntu/mysql-client?distro=xenial	ubuntu	mysql-client	< 5.7.40-0ubuntu0.16.04.1+esm1	xenial
Affected	pkg:deb/ubuntu/mysql-client-core-5.7?distro=xenial	ubuntu	mysql-client-core-5.7	< 5.7.40-0ubuntu0.16.04.1+esm1	xenial
Affected	pkg:deb/ubuntu/mysql-client-5.7?distro=xenial	ubuntu	mysql-client-5.7	< 5.7.40-0ubuntu0.16.04.1+esm1	xenial
Affected	pkg:deb/ubuntu/libmysqld-dev?distro=xenial	ubuntu	libmysqld-dev	< 5.7.40-0ubuntu0.16.04.1+esm1	xenial
Affected	pkg:deb/ubuntu/libmysqlclient20?distro=xenial	ubuntu	libmysqlclient20	< 5.7.40-0ubuntu0.16.04.1+esm1	xenial
Affected	pkg:deb/ubuntu/libmysqlclient-dev?distro=xenial	ubuntu	libmysqlclient-dev	< 5.7.40-0ubuntu0.16.04.1+esm1	xenial

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date