SuSE Local Security Checks : openSUSE: Security Advisory for mysql-community-server (openSUSE-SU-2017:2868-1)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.851633

Kategorie: SuSE Local Security Checks

Titel: openSUSE: Security Advisory for mysql-community-server (openSUSE-SU-2017:2868-1)

Zusammenfassung: The remote host is missing an update for the 'mysql-community-server'; package(s) announced via the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'mysql-community-server'
package(s) announced via the referenced advisory.

Vulnerability Insight:
This update for mysql-community-server
to 5.6.38 fixes the following issues:

CVEs fixed:

- [boo#1064116] CVE-2017-10379

- [boo#1064117] CVE-2017-10384

- [boo#1064115] CVE-2017-10378

- [boo#1064101] CVE-2017-10268

- [boo#1064096] CVE-2017-10155

- [boo#1064118] CVE-2017-3731

- [boo#1064102] CVE-2017-10276

- [boo#1064105] CVE-2017-10283

- [boo#1064112] CVE-2017-10314

- [boo#1064100] CVE-2017-10227

- [boo#1064104] CVE-2017-10279

- [boo#1064108] CVE-2017-10294

- [boo#1064107] CVE-2017-10286

Additional changes:

- add 'BuildRequires: unixODBC-devel' to allow ODBC support for Connect
engine [boo#1039034]

- update filename in /var/adm/update-messages to match documentation, and
build-compare pattern

- some scripts from the tools subpackage, namely: wsrep_sst_xtrabackup,
wsrep_sst_mariabackup.sh and wsrep_sst_xtrabackup-v2.sh need socat

- fixed incorrect descriptions and mismatching RPM groups

Affected Software/OS:
mysql-community-server on openSUSE Leap 42.3, openSUSE Leap 42.2

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-3731
BugTraq ID: 95813
http://www.securityfocus.com/bid/95813
Debian Security Information: DSA-3773 (Google Search)
http://www.debian.org/security/2017/dsa-3773
FreeBSD Security Advisory: FreeBSD-SA-17:02
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:02.openssl.asc
https://security.gentoo.org/glsa/201702-07
https://github.com/openssl/openssl/commit/00d965474b22b54e4275232bc71ee0c699c5cd21
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
RedHat Security Advisories: RHSA-2017:0286
http://rhn.redhat.com/errata/RHSA-2017-0286.html
RedHat Security Advisories: RHSA-2018:2185
https://access.redhat.com/errata/RHSA-2018:2185
RedHat Security Advisories: RHSA-2018:2186
https://access.redhat.com/errata/RHSA-2018:2186
RedHat Security Advisories: RHSA-2018:2187
https://access.redhat.com/errata/RHSA-2018:2187
http://www.securitytracker.com/id/1037717

Copyright Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.851633
Kategorie:	SuSE Local Security Checks
Titel:	openSUSE: Security Advisory for mysql-community-server (openSUSE-SU-2017:2868-1)
Zusammenfassung:	The remote host is missing an update for the 'mysql-community-server'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'mysql-community-server' package(s) announced via the referenced advisory. Vulnerability Insight: This update for mysql-community-server to 5.6.38 fixes the following issues: CVEs fixed: - [boo#1064116] CVE-2017-10379 - [boo#1064117] CVE-2017-10384 - [boo#1064115] CVE-2017-10378 - [boo#1064101] CVE-2017-10268 - [boo#1064096] CVE-2017-10155 - [boo#1064118] CVE-2017-3731 - [boo#1064102] CVE-2017-10276 - [boo#1064105] CVE-2017-10283 - [boo#1064112] CVE-2017-10314 - [boo#1064100] CVE-2017-10227 - [boo#1064104] CVE-2017-10279 - [boo#1064108] CVE-2017-10294 - [boo#1064107] CVE-2017-10286 Additional changes: - add 'BuildRequires: unixODBC-devel' to allow ODBC support for Connect engine [boo#1039034] - update filename in /var/adm/update-messages to match documentation, and build-compare pattern - some scripts from the tools subpackage, namely: wsrep_sst_xtrabackup, wsrep_sst_mariabackup.sh and wsrep_sst_xtrabackup-v2.sh need socat - fixed incorrect descriptions and mismatching RPM groups Affected Software/OS: mysql-community-server on openSUSE Leap 42.3, openSUSE Leap 42.2 Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3731 BugTraq ID: 95813 http://www.securityfocus.com/bid/95813 Debian Security Information: DSA-3773 (Google Search) http://www.debian.org/security/2017/dsa-3773 FreeBSD Security Advisory: FreeBSD-SA-17:02 https://security.FreeBSD.org/advisories/FreeBSD-SA-17:02.openssl.asc https://security.gentoo.org/glsa/201702-07 https://github.com/openssl/openssl/commit/00d965474b22b54e4275232bc71ee0c699c5cd21 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html RedHat Security Advisories: RHSA-2017:0286 http://rhn.redhat.com/errata/RHSA-2017-0286.html RedHat Security Advisories: RHSA-2018:2185 https://access.redhat.com/errata/RHSA-2018:2185 RedHat Security Advisories: RHSA-2018:2186 https://access.redhat.com/errata/RHSA-2018:2186 RedHat Security Advisories: RHSA-2018:2187 https://access.redhat.com/errata/RHSA-2018:2187 http://www.securitytracker.com/id/1037717
Copyright	Copyright (C) 2017 Greenbone Networks GmbH