Issued:: 2014-11-17
Updated:: 2014-11-17

RHSA-2014:1859 - Security Advisory

Overview
Updated Packages

Synopsis

Important: mysql55-mysql security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated mysql55-mysql packages that fix several security issues are now
available for Red Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.

Description

MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon (mysqld) and many client programs and libraries.

This update fixes several vulnerabilities in the MySQL database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2014-2494,
CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287,
CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484,
CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551,
CVE-2014-6555, CVE-2014-6559)

These updated packages upgrade MySQL to version 5.5.40. Refer to the MySQL
Release Notes listed in the References section for a complete list of
changes.

All MySQL users should upgrade to these updated packages, which correct
these issues. After installing this update, the MySQL server daemon
(mysqld) will be restarted automatically.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server 5 x86_64
Red Hat Enterprise Linux Server 5 ia64
Red Hat Enterprise Linux Server 5 i386
Red Hat Enterprise Linux Workstation 5 x86_64
Red Hat Enterprise Linux Workstation 5 i386
Red Hat Enterprise Linux Desktop 5 x86_64
Red Hat Enterprise Linux Desktop 5 i386
Red Hat Enterprise Linux for IBM z Systems 5 s390x
Red Hat Enterprise Linux for Power, big endian 5 ppc
Red Hat Enterprise Linux Server from RHUI 5 x86_64
Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

BZ - 1120382 - CVE-2014-2494 mysql: unspecified vulnerability related to ENARC (CPU July 2014)
BZ - 1120383 - CVE-2014-4207 mysql: unspecified vulnerability related to SROPTZR (CPU July 2014)
BZ - 1120385 - CVE-2014-4243 mysql: unspecified vulnerability related to ENFED (CPU July 2014)
BZ - 1120387 - CVE-2014-4258 mysql: unspecified vulnerability related to SRINFOSC (CPU July 2014)
BZ - 1120388 - CVE-2014-4260 mysql: unspecified vulnerability related to SRCHAR (CPU July 2014)
BZ - 1126271 - CVE-2014-4274 mysql: unspecified MyISAM temporary file issue fixed in 5.5.39 and 5.6.20
BZ - 1153461 - CVE-2014-4287 mysql: unspecified vulnerability related to SERVER:CHARACTER SETS (CPU October 2014)
BZ - 1153462 - CVE-2014-6463 mysql: unspecified vulnerability related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML (CPU October 2014)
BZ - 1153463 - CVE-2014-6464 mysql: unspecified vulnerability related to SERVER:INNODB DML FOREIGN KEYS (CPU October 2014)
BZ - 1153464 - CVE-2014-6469 mysql: unspecified vulnerability related to SERVER:OPTIMIZER (CPU October 2014)
BZ - 1153467 - CVE-2014-6484 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
BZ - 1153489 - CVE-2014-6505 mysql: unspecified vulnerability related to SERVER:MEMORY STORAGE ENGINE (CPU October 2014)
BZ - 1153490 - CVE-2014-6507 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
BZ - 1153491 - CVE-2014-6520 mysql: unspecified vulnerability related to SERVER:DDL (CPU October 2014)
BZ - 1153493 - CVE-2014-6530 mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014)
BZ - 1153494 - CVE-2014-6551 mysql: unspecified vulnerability related to CLIENT:MYSQLADMIN (CPU October 2014)
BZ - 1153495 - CVE-2014-6555 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
BZ - 1153496 - CVE-2014-6559 mysql: unspecified vulnerability related to C API SSL CERTIFICATE HANDLING (CPU October 2014)

CVEs

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
mysql55-mysql-5.5.40-2.el5.src.rpm	SHA-256: 2a7178e2a3dfdc7aee80f3e058019be521f4823c6047307825ec1688aa2df80d
x86_64
mysql55-mysql-5.5.40-2.el5.x86_64.rpm	SHA-256: e23a32d97828c9419df1abfd18e853fabd3448e41dafb8215a202eb1c659e32a
mysql55-mysql-bench-5.5.40-2.el5.x86_64.rpm	SHA-256: daa925b6137d6bdd62b2a0eae09c4089a954730f4f4c5eaf82e43eaf9bf78c09
mysql55-mysql-debuginfo-5.5.40-2.el5.i386.rpm	SHA-256: 63e08d3ca9f95fd445697e601c453166a59965607b61683955811d132801577e
mysql55-mysql-debuginfo-5.5.40-2.el5.x86_64.rpm	SHA-256: 3fa48e53e77255f2f58c3ebc7b5d2e9a7785b9824ac3060342c6f098b220164c
mysql55-mysql-devel-5.5.40-2.el5.i386.rpm	SHA-256: c48f70e36a0354568594259dc8b7e828e04218440f07d2196bf7e2c43200865d
mysql55-mysql-devel-5.5.40-2.el5.x86_64.rpm	SHA-256: 020a93fe86aec26b6cc1d3cfec6b630d2b1328475f93c5ff9a26532b198d511d
mysql55-mysql-libs-5.5.40-2.el5.x86_64.rpm	SHA-256: 4fbf12df0eefb44527b71ddbcda3064b75bf65614be63eaa3c4fe395a5b913f6
mysql55-mysql-server-5.5.40-2.el5.x86_64.rpm	SHA-256: 1ce47014cb71b6424d522f6a727aca622dd2c60e5e8a835a19b0d24f9512dbf9
mysql55-mysql-test-5.5.40-2.el5.x86_64.rpm	SHA-256: a3d602eb8ba854dae9b5491677c35d57f46daf84266448180f8b3289c10da7e6
ia64
mysql55-mysql-5.5.40-2.el5.ia64.rpm	SHA-256: 822080ed1acae12024cc0dd8e6ded0592a2fcce0919901fc3ae9b3972383b14f
mysql55-mysql-bench-5.5.40-2.el5.ia64.rpm	SHA-256: 13a1997a6e6b7abf55ac2e7cec91c7331444a8b9f4984777d4e24eff6405b7b6
mysql55-mysql-debuginfo-5.5.40-2.el5.ia64.rpm	SHA-256: 5738c9dd0c25ba4df2a20e469c71942c1951060b5dfaa2ebc209236d55c7e2ac
mysql55-mysql-devel-5.5.40-2.el5.ia64.rpm	SHA-256: 1aff5b220ad3e826e1d22c43cdf2d96d1585cbf8ea17672b761b0c999d7575dc
mysql55-mysql-libs-5.5.40-2.el5.ia64.rpm	SHA-256: d3aa0add1c053adc6c9e9325a4962cc6c96afb653bc26e2866e046c974b2937b
mysql55-mysql-server-5.5.40-2.el5.ia64.rpm	SHA-256: a3d85a32e187ccf768f8169f8160f43840934102e589790142d9b1324c4da791
mysql55-mysql-test-5.5.40-2.el5.ia64.rpm	SHA-256: 8f6ebd419e1f5ae517b9abd72664c1239ef0a65f7739f43e27ecbe8dc3a361c7
i386
mysql55-mysql-5.5.40-2.el5.i386.rpm	SHA-256: f3ab8efa54de08e7b6ab7471d88422cf6588807cb7f61680ca23f0f78af31c8e
mysql55-mysql-bench-5.5.40-2.el5.i386.rpm	SHA-256: d1bea9995f2b798840e0fa0a9b5227ef82acb9b99b47c2c189099b96bfc9b6b1
mysql55-mysql-debuginfo-5.5.40-2.el5.i386.rpm	SHA-256: 63e08d3ca9f95fd445697e601c453166a59965607b61683955811d132801577e
mysql55-mysql-devel-5.5.40-2.el5.i386.rpm	SHA-256: c48f70e36a0354568594259dc8b7e828e04218440f07d2196bf7e2c43200865d
mysql55-mysql-libs-5.5.40-2.el5.i386.rpm	SHA-256: 20f0e3988a3a8c082491d1fc69035d4c9a4008411c660360ba732eae0d5d011a
mysql55-mysql-server-5.5.40-2.el5.i386.rpm	SHA-256: 59919c8c30c6887de8a36d42e89d4ee588b4eaad515c64dbb31b8ce3de1b7052
mysql55-mysql-test-5.5.40-2.el5.i386.rpm	SHA-256: 8f4b27140267688930744a83c2285e9b5b09c07ddb942ce35029596a615ed52a

Red Hat Enterprise Linux Workstation 5

SRPM
mysql55-mysql-5.5.40-2.el5.src.rpm	SHA-256: 2a7178e2a3dfdc7aee80f3e058019be521f4823c6047307825ec1688aa2df80d
x86_64
mysql55-mysql-5.5.40-2.el5.x86_64.rpm	SHA-256: e23a32d97828c9419df1abfd18e853fabd3448e41dafb8215a202eb1c659e32a
mysql55-mysql-bench-5.5.40-2.el5.x86_64.rpm	SHA-256: daa925b6137d6bdd62b2a0eae09c4089a954730f4f4c5eaf82e43eaf9bf78c09
mysql55-mysql-debuginfo-5.5.40-2.el5.i386.rpm	SHA-256: 63e08d3ca9f95fd445697e601c453166a59965607b61683955811d132801577e
mysql55-mysql-debuginfo-5.5.40-2.el5.x86_64.rpm	SHA-256: 3fa48e53e77255f2f58c3ebc7b5d2e9a7785b9824ac3060342c6f098b220164c
mysql55-mysql-debuginfo-5.5.40-2.el5.x86_64.rpm	SHA-256: 3fa48e53e77255f2f58c3ebc7b5d2e9a7785b9824ac3060342c6f098b220164c
mysql55-mysql-devel-5.5.40-2.el5.i386.rpm	SHA-256: c48f70e36a0354568594259dc8b7e828e04218440f07d2196bf7e2c43200865d
mysql55-mysql-devel-5.5.40-2.el5.x86_64.rpm	SHA-256: 020a93fe86aec26b6cc1d3cfec6b630d2b1328475f93c5ff9a26532b198d511d
mysql55-mysql-libs-5.5.40-2.el5.x86_64.rpm	SHA-256: 4fbf12df0eefb44527b71ddbcda3064b75bf65614be63eaa3c4fe395a5b913f6
mysql55-mysql-server-5.5.40-2.el5.x86_64.rpm	SHA-256: 1ce47014cb71b6424d522f6a727aca622dd2c60e5e8a835a19b0d24f9512dbf9
mysql55-mysql-test-5.5.40-2.el5.x86_64.rpm	SHA-256: a3d602eb8ba854dae9b5491677c35d57f46daf84266448180f8b3289c10da7e6
i386
mysql55-mysql-5.5.40-2.el5.i386.rpm	SHA-256: f3ab8efa54de08e7b6ab7471d88422cf6588807cb7f61680ca23f0f78af31c8e
mysql55-mysql-bench-5.5.40-2.el5.i386.rpm	SHA-256: d1bea9995f2b798840e0fa0a9b5227ef82acb9b99b47c2c189099b96bfc9b6b1
mysql55-mysql-debuginfo-5.5.40-2.el5.i386.rpm	SHA-256: 63e08d3ca9f95fd445697e601c453166a59965607b61683955811d132801577e
mysql55-mysql-debuginfo-5.5.40-2.el5.i386.rpm	SHA-256: 63e08d3ca9f95fd445697e601c453166a59965607b61683955811d132801577e
mysql55-mysql-devel-5.5.40-2.el5.i386.rpm	SHA-256: c48f70e36a0354568594259dc8b7e828e04218440f07d2196bf7e2c43200865d
mysql55-mysql-libs-5.5.40-2.el5.i386.rpm	SHA-256: 20f0e3988a3a8c082491d1fc69035d4c9a4008411c660360ba732eae0d5d011a
mysql55-mysql-server-5.5.40-2.el5.i386.rpm	SHA-256: 59919c8c30c6887de8a36d42e89d4ee588b4eaad515c64dbb31b8ce3de1b7052
mysql55-mysql-test-5.5.40-2.el5.i386.rpm	SHA-256: 8f4b27140267688930744a83c2285e9b5b09c07ddb942ce35029596a615ed52a

Red Hat Enterprise Linux Desktop 5

SRPM
mysql55-mysql-5.5.40-2.el5.src.rpm	SHA-256: 2a7178e2a3dfdc7aee80f3e058019be521f4823c6047307825ec1688aa2df80d
x86_64
mysql55-mysql-5.5.40-2.el5.x86_64.rpm	SHA-256: e23a32d97828c9419df1abfd18e853fabd3448e41dafb8215a202eb1c659e32a
mysql55-mysql-bench-5.5.40-2.el5.x86_64.rpm	SHA-256: daa925b6137d6bdd62b2a0eae09c4089a954730f4f4c5eaf82e43eaf9bf78c09
mysql55-mysql-debuginfo-5.5.40-2.el5.x86_64.rpm	SHA-256: 3fa48e53e77255f2f58c3ebc7b5d2e9a7785b9824ac3060342c6f098b220164c
mysql55-mysql-libs-5.5.40-2.el5.x86_64.rpm	SHA-256: 4fbf12df0eefb44527b71ddbcda3064b75bf65614be63eaa3c4fe395a5b913f6
mysql55-mysql-server-5.5.40-2.el5.x86_64.rpm	SHA-256: 1ce47014cb71b6424d522f6a727aca622dd2c60e5e8a835a19b0d24f9512dbf9
mysql55-mysql-test-5.5.40-2.el5.x86_64.rpm	SHA-256: a3d602eb8ba854dae9b5491677c35d57f46daf84266448180f8b3289c10da7e6
i386
mysql55-mysql-5.5.40-2.el5.i386.rpm	SHA-256: f3ab8efa54de08e7b6ab7471d88422cf6588807cb7f61680ca23f0f78af31c8e
mysql55-mysql-bench-5.5.40-2.el5.i386.rpm	SHA-256: d1bea9995f2b798840e0fa0a9b5227ef82acb9b99b47c2c189099b96bfc9b6b1
mysql55-mysql-debuginfo-5.5.40-2.el5.i386.rpm	SHA-256: 63e08d3ca9f95fd445697e601c453166a59965607b61683955811d132801577e
mysql55-mysql-libs-5.5.40-2.el5.i386.rpm	SHA-256: 20f0e3988a3a8c082491d1fc69035d4c9a4008411c660360ba732eae0d5d011a
mysql55-mysql-server-5.5.40-2.el5.i386.rpm	SHA-256: 59919c8c30c6887de8a36d42e89d4ee588b4eaad515c64dbb31b8ce3de1b7052
mysql55-mysql-test-5.5.40-2.el5.i386.rpm	SHA-256: 8f4b27140267688930744a83c2285e9b5b09c07ddb942ce35029596a615ed52a

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
mysql55-mysql-5.5.40-2.el5.src.rpm	SHA-256: 2a7178e2a3dfdc7aee80f3e058019be521f4823c6047307825ec1688aa2df80d
s390x
mysql55-mysql-5.5.40-2.el5.s390x.rpm	SHA-256: 094f3f590340c9eaedbc95c843c02cf8fa9b17863b364eb8d3834433ecdb74c1
mysql55-mysql-bench-5.5.40-2.el5.s390x.rpm	SHA-256: 12a72e424717b7d99977de8b2ced9bcac88d7d495a19f41c0600375427c290e5
mysql55-mysql-debuginfo-5.5.40-2.el5.s390.rpm	SHA-256: e0b4e12d29d37e81b6d8d86d68bf6fed8d059f9a66e81404fbdc65158417d62f
mysql55-mysql-debuginfo-5.5.40-2.el5.s390x.rpm	SHA-256: f6bde92a504864617e746d95c3930099c4f3cb0cec21469aeb07a92b5b7a3df9
mysql55-mysql-devel-5.5.40-2.el5.s390.rpm	SHA-256: c252cce63dd9446bbce2937cf577a040b8cda2c9e3b92bc3ff83c5d672810ae0
mysql55-mysql-devel-5.5.40-2.el5.s390x.rpm	SHA-256: db256030ed1e8dd54788495602f41128f690e985d8bb4f8d414ebaa7a1263df0
mysql55-mysql-libs-5.5.40-2.el5.s390x.rpm	SHA-256: 51dda2bfe4b575ecd948d5fc3367ae597c93baff237a4fcaa4ace3ab45de267c
mysql55-mysql-server-5.5.40-2.el5.s390x.rpm	SHA-256: 66903ce92c9feea53044fc0a0b7534ad0cfcd3afed54fa2a0585d956f5666b54
mysql55-mysql-test-5.5.40-2.el5.s390x.rpm	SHA-256: 179e4c55c9c104f5b5608494a6fc8d747c35ac3c8a8abcadb658e4072e381a40

Red Hat Enterprise Linux for Power, big endian 5

SRPM
mysql55-mysql-5.5.40-2.el5.src.rpm	SHA-256: 2a7178e2a3dfdc7aee80f3e058019be521f4823c6047307825ec1688aa2df80d
ppc
mysql55-mysql-5.5.40-2.el5.ppc.rpm	SHA-256: 86aafbab311b3cc2bc9bbfd217d42c83f066c6144eb84c28c5911f11cb83ffb8
mysql55-mysql-bench-5.5.40-2.el5.ppc.rpm	SHA-256: 94f89ee4c1c8d24bc74e1a9cef91a1eaf727a4bde7bab53131a0c70d070d7623
mysql55-mysql-debuginfo-5.5.40-2.el5.ppc.rpm	SHA-256: cd89677d779e9890795f7818d059e2eaa2dbdad6938281bb7f22108a1b8cd6f8
mysql55-mysql-debuginfo-5.5.40-2.el5.ppc64.rpm	SHA-256: 40f0ce9f21f7d487fea6b106b21f6a38ce22d1d6f58a045d39dc58a2be24c6ab
mysql55-mysql-devel-5.5.40-2.el5.ppc.rpm	SHA-256: 011f2591db67b58c603e4b8a3c0b08811d39274ea4735359a1733179e9baff25
mysql55-mysql-devel-5.5.40-2.el5.ppc64.rpm	SHA-256: 4b456d42a362d7d4ad87d2e9cf68be2556192627f1969526ea3c294fdc14f397
mysql55-mysql-libs-5.5.40-2.el5.ppc.rpm	SHA-256: dc93a8b1f7ceddbdf9064d08b916b1dcf1944150a04ec9c75b32994a6cc11556
mysql55-mysql-server-5.5.40-2.el5.ppc.rpm	SHA-256: ebf69b48100c511ba91b3286c6bcc40d27e1e88513b00118148896c83e456f16
mysql55-mysql-test-5.5.40-2.el5.ppc.rpm	SHA-256: 1b11e9d8f3d4a8d204fa938bf98d3c3167a6d7b42e8a2022d09accf8ec2bf36e

Red Hat Enterprise Linux Server from RHUI 5

SRPM
mysql55-mysql-5.5.40-2.el5.src.rpm	SHA-256: 2a7178e2a3dfdc7aee80f3e058019be521f4823c6047307825ec1688aa2df80d
x86_64
mysql55-mysql-5.5.40-2.el5.x86_64.rpm	SHA-256: e23a32d97828c9419df1abfd18e853fabd3448e41dafb8215a202eb1c659e32a
mysql55-mysql-bench-5.5.40-2.el5.x86_64.rpm	SHA-256: daa925b6137d6bdd62b2a0eae09c4089a954730f4f4c5eaf82e43eaf9bf78c09
mysql55-mysql-debuginfo-5.5.40-2.el5.i386.rpm	SHA-256: 63e08d3ca9f95fd445697e601c453166a59965607b61683955811d132801577e
mysql55-mysql-debuginfo-5.5.40-2.el5.x86_64.rpm	SHA-256: 3fa48e53e77255f2f58c3ebc7b5d2e9a7785b9824ac3060342c6f098b220164c
mysql55-mysql-devel-5.5.40-2.el5.i386.rpm	SHA-256: c48f70e36a0354568594259dc8b7e828e04218440f07d2196bf7e2c43200865d
mysql55-mysql-devel-5.5.40-2.el5.x86_64.rpm	SHA-256: 020a93fe86aec26b6cc1d3cfec6b630d2b1328475f93c5ff9a26532b198d511d
mysql55-mysql-libs-5.5.40-2.el5.x86_64.rpm	SHA-256: 4fbf12df0eefb44527b71ddbcda3064b75bf65614be63eaa3c4fe395a5b913f6
mysql55-mysql-server-5.5.40-2.el5.x86_64.rpm	SHA-256: 1ce47014cb71b6424d522f6a727aca622dd2c60e5e8a835a19b0d24f9512dbf9
mysql55-mysql-test-5.5.40-2.el5.x86_64.rpm	SHA-256: a3d602eb8ba854dae9b5491677c35d57f46daf84266448180f8b3289c10da7e6
i386
mysql55-mysql-5.5.40-2.el5.i386.rpm	SHA-256: f3ab8efa54de08e7b6ab7471d88422cf6588807cb7f61680ca23f0f78af31c8e
mysql55-mysql-bench-5.5.40-2.el5.i386.rpm	SHA-256: d1bea9995f2b798840e0fa0a9b5227ef82acb9b99b47c2c189099b96bfc9b6b1
mysql55-mysql-debuginfo-5.5.40-2.el5.i386.rpm	SHA-256: 63e08d3ca9f95fd445697e601c453166a59965607b61683955811d132801577e
mysql55-mysql-devel-5.5.40-2.el5.i386.rpm	SHA-256: c48f70e36a0354568594259dc8b7e828e04218440f07d2196bf7e2c43200865d
mysql55-mysql-libs-5.5.40-2.el5.i386.rpm	SHA-256: 20f0e3988a3a8c082491d1fc69035d4c9a4008411c660360ba732eae0d5d011a
mysql55-mysql-server-5.5.40-2.el5.i386.rpm	SHA-256: 59919c8c30c6887de8a36d42e89d4ee588b4eaad515c64dbb31b8ce3de1b7052
mysql55-mysql-test-5.5.40-2.el5.i386.rpm	SHA-256: 8f4b27140267688930744a83c2285e9b5b09c07ddb942ce35029596a615ed52a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation