rh-mysql56-mysql-5.6.34-2.AXS4
エラータID: AXSA:2016-933:03
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MySQL client programs and generic MySQL files.
Security issues fixed with this release:
CVE-2016-3492
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote authenticated users
to affect availability via vectors related to Server: Optimizer.
CVE-2016-5507
Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and
5.7.14 and earlier allows remote administrators to affect availability
via vectors related to Server: InnoDB.
CVE-2016-5616
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows local users to affect
confidentiality, integrity, and availability via vectors related to
Server: MyISAM.
CVE-2016-5617
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows local users to affect
confidentiality, integrity, and availability via vectors related to
Server: Error Handling.
CVE-2016-5626
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote authenticated users
to affect availability via vectors related to GIS.
CVE-2016-5629
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote administrators to
affect availability via vectors related to Server: Federated.
CVE-2016-6662
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through
5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x
before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before
5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create
arbitrary configurations and bypass certain protection mechanisms by
setting general_log_file to a my.cnf configuration. NOTE: this can be
leveraged to execute arbitrary code with root privileges by setting
malloc_lib.
CVE-2016-6663
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-6664
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-8283
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote authenticated users
to affect availability via vectors related to Server: Types.
The following packages have been upgraded to a newer upstream version: rh-mysql56-mysql (5.6.34).
Update packages.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6663. Reason: This candidate is a reservation duplicate of CVE-2016-6663. Notes: All CVE users should reference CVE-2016-6663 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6664. Reason: This candidate is a reservation duplicate of CVE-2016-6664. Notes: All CVE users should reference CVE-2016-6664 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
N/A
SRPMS
- rh-mysql56-mysql-5.6.34-2.AXS4.src.rpm
MD5: b6edfddbf7b2d1e2188cd966ec205e35
SHA-256: a0f6297a127ab352acb175ada6b423a7420e8ce9463357b7f3f40e88f469bdec
Size: 29.08 MB
Asianux Server 4 for x86_64
- rh-mysql56-mysql-5.6.34-2.AXS4.x86_64.rpm
MD5: 7c42b25dcf1bc616cceb25d77dee5688
SHA-256: 359c0818706dbab7badec9350e3554d89dd62a32c6e47bfa259f2b299fe4b642
Size: 7.45 MB - rh-mysql56-mysql-bench-5.6.34-2.AXS4.x86_64.rpm
MD5: adb4f5cb6a165d9b85976f91c1555939
SHA-256: 91693ac4556e542ef2f0e128ab2ae2fa989fd1d0e2258460868659df791b139c
Size: 439.75 kB - rh-mysql56-mysql-common-5.6.34-2.AXS4.x86_64.rpm
MD5: 306d432e3f900754da8b2b4cb062bce3
SHA-256: 36ec69d77ec945fba24eb7eae943a1bcd4d328751693c3d1cde3d83014e207b2
Size: 85.30 kB - rh-mysql56-mysql-config-5.6.34-2.AXS4.x86_64.rpm
MD5: 32135dd5c11843af03b95d58c798524d
SHA-256: 9353f2f85dbfe1c84c091c2e856e9ac81021542519c41a9723e4b57072240e21
Size: 57.31 kB - rh-mysql56-mysql-devel-5.6.34-2.AXS4.x86_64.rpm
MD5: b4f2addf5af8a3632d8efa6b78f971c7
SHA-256: 92bf5e96c04dfa0d539d56356c184c5fcc004000d1f99938ae31c434646812c4
Size: 216.51 kB - rh-mysql56-mysql-errmsg-5.6.34-2.AXS4.x86_64.rpm
MD5: 37b36c10b02c108f6d1af9eaa1eedc15
SHA-256: 970502c7eaefe2bd62cba37c07dc1418403bd41f00d13ab5416281e6103a6d8e
Size: 306.84 kB - rh-mysql56-mysql-server-5.6.34-2.AXS4.x86_64.rpm
MD5: dc80711406b341102b5f012de41d1955
SHA-256: 68b9c207b0d8609e254c84f1ae6b4fa652f79c23f18a2e0307709eb419543e70
Size: 12.03 MB - rh-mysql56-mysql-test-5.6.34-2.AXS4.x86_64.rpm
MD5: d93b56125c4303474def7fae179e459b
SHA-256: 1a242fa0ac11d8cd0588d21ea877d8e7d7a18c8818b01c44e3d49fd738634534
Size: 10.46 MB
日本語