rh-mysql56-mysql-5.6.34-2.el7
エラータID: AXSA:2016-932:03
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MySQL client programs and generic MySQL files.
Security issues fixed with this release:
CVE-2016-3492
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote authenticated users
to affect availability via vectors related to Server: Optimizer.
CVE-2016-5507
Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and
5.7.14 and earlier allows remote administrators to affect availability
via vectors related to Server: InnoDB.
CVE-2016-5616
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows local users to affect
confidentiality, integrity, and availability via vectors related to
Server: MyISAM.
CVE-2016-5617
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows local users to affect
confidentiality, integrity, and availability via vectors related to
Server: Error Handling.
CVE-2016-5626
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote authenticated users
to affect availability via vectors related to GIS.
CVE-2016-5629
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote administrators to
affect availability via vectors related to Server: Federated.
CVE-2016-6662
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through
5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x
before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before
5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create
arbitrary configurations and bypass certain protection mechanisms by
setting general_log_file to a my.cnf configuration. NOTE: this can be
leveraged to execute arbitrary code with root privileges by setting
malloc_lib.
CVE-2016-6663
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-6664
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-8283
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote authenticated users
to affect availability via vectors related to Server: Types.
The following packages have been upgraded to a newer upstream version: rh-mysql56-mysql (5.6.34).
Update packages.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6663. Reason: This candidate is a reservation duplicate of CVE-2016-6663. Notes: All CVE users should reference CVE-2016-6663 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6664. Reason: This candidate is a reservation duplicate of CVE-2016-6664. Notes: All CVE users should reference CVE-2016-6664 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
N/A
SRPMS
- rh-mysql56-mysql-5.6.34-2.el7.src.rpm
MD5: d8e22ac69991e3b12f09911581caa089
SHA-256: b04cbd86ddb2513fc9eb25267ec99009b54405c712d04ef1a0fdba57db81f5fb
Size: 29.08 MB
Asianux Server 7 for x86_64
- rh-mysql56-mysql-5.6.34-2.el7.x86_64.rpm
MD5: 9f786512dd9d51f7cb7c1cd7a0c0c134
SHA-256: cb99280bfa99382a3836c90b8bf096a08f301a82aca04f815d204c7e09851142
Size: 6.58 MB - rh-mysql56-mysql-bench-5.6.34-2.el7.x86_64.rpm
MD5: 9f55c638a5464bc35d6835a946b4698d
SHA-256: f5f01b05431b76e8bf6d391f4eed05d56dfa0fedf6a920a80d076909d2663057
Size: 430.14 kB - rh-mysql56-mysql-common-5.6.34-2.el7.x86_64.rpm
MD5: 4b34f62541f5b443f8cc7e1c400cd094
SHA-256: 6bfe4401b8161ead4b4975afc860ced4fa75a25ae46b4b70b23f84e5e253f586
Size: 85.84 kB - rh-mysql56-mysql-config-5.6.34-2.el7.x86_64.rpm
MD5: f4d1c4519f841571b3c25b67b0bb37a7
SHA-256: 2aaeacbc38ee8fd49a2f62465f850f76f09b25abc28d497ee19efd1477ca01fd
Size: 57.61 kB - rh-mysql56-mysql-devel-5.6.34-2.el7.x86_64.rpm
MD5: 5fba9a967e3a129591990114c44b9657
SHA-256: 51795f0c3d125915cc5a241efe4819e2d936bf100f68ca9d0c44f81a8b2bbcda
Size: 217.00 kB - rh-mysql56-mysql-errmsg-5.6.34-2.el7.x86_64.rpm
MD5: 7fa80f7e07babcabf67a048d96fc28c8
SHA-256: 39c5f9ce22f2b182d9fb98d3672472b8a60b82be48f815e1153e7b529d53ceae
Size: 257.03 kB - rh-mysql56-mysql-server-5.6.34-2.el7.x86_64.rpm
MD5: 7a55428526cc03da14dd6cd451aab371
SHA-256: 164c3eea60545f22b2920d4ab545ed019131ce1f6faedfd889e5ab26e70c0f9e
Size: 10.99 MB - rh-mysql56-mysql-test-5.6.34-2.el7.x86_64.rpm
MD5: 414e6962516d237d5ed48b67d26de289
SHA-256: 3f51c831af4ec515516852e510b1beb086d97de4e284711cf4f816e03923849d
Size: 9.51 MB
日本語