Description: | Summary: The remote host is missing an update for the 'mysql, mysql-client' package(s) announced via the SUSE-SU-2013:1529-1 advisory.
Vulnerability Insight: This version upgrade of mysql to 5.5.33 fixed multiple security issues: * CVE-2013-1861 CVE-2013-3783 CVE-2013-3793 CVE-2013-3794 * CVE-2013-3795 CVE-2013-3796 CVE-2013-3798 CVE-2013-3801 * CVE-2013-3802 CVE-2013-3804 CVE-2013-3805 CVE-2013-3806 * CVE-2013-3807 CVE-2013-3808 CVE-2013-3809 CVE-2013-3810 * CVE-2013-3811 CVE-2013-3812 Additionally, it contains numerous bug fixes and improvements.: * fixed mysqldump with MySQL 5.0 (bnc#768832) * fixed log rights (bnc#789263 and bnc#803040 and bnc#792332) * binlog disabled in default configuration (bnc#791863) * fixed dependencies for client package (bnc#780019) * minor polishing of spec/installation * avoid file conflicts with mytop * better fix for hardcoded libdir issue * fixed hardcoded plugin paths (bnc#834028) * use chown --no-dereference instead of chown to improve security (bnc#834967) * adjust to spell !includedir correctly in /etc/my.cnf (bnc#734436) * typo in init script stops database on update (bnc#837801)
Affected Software/OS: 'mysql, mysql-client' package(s) on SUSE Linux Enterprise Desktop 11 SP3, SUSE Linux Enterprise Server 11 SP3, SUSE Linux Enterprise Software Development Kit 11 SP3.
Solution: Please install the updated package(s).
CVSS Score: 5.8
CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
|