- 发布:
- 2014-11-17
- 已更新:
- 2014-11-17
RHSA-2014:1860 - Security Advisory
概述
Important: mysql55-mysql security update
类型/严重性
Security Advisory: Important
Red Hat Lightspeed patch analysis
识别并修复受此公告影响的系统。
标题
Updated mysql55-mysql packages that fix several security issues are now
available for Red Hat Software Collections 1.
Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
描述
MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon (mysqld) and many client programs and libraries.
This update fixes several vulnerabilities in the MySQL database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2014-2494,
CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287,
CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484,
CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551,
CVE-2014-6555, CVE-2014-6559)
These updated packages upgrade MySQL to version 5.5.40. Refer to the MySQL
Release Notes listed in the References section for a complete list of
changes.
All MySQL users should upgrade to these updated packages, which correct
these issues. After installing this update, the MySQL server daemon
(mysqld) will be restarted automatically.
解决方案
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
受影响的产品
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.6 x86_64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.5 x86_64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.4 x86_64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 6 x86_64
- Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 6 x86_64
- Red Hat Software Collections (for RHEL Server) from RHUI 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Server) from RHUI 1 for RHEL 6 x86_64
修复
- BZ - 1120382 - CVE-2014-2494 mysql: unspecified vulnerability related to ENARC (CPU July 2014)
- BZ - 1120383 - CVE-2014-4207 mysql: unspecified vulnerability related to SROPTZR (CPU July 2014)
- BZ - 1120385 - CVE-2014-4243 mysql: unspecified vulnerability related to ENFED (CPU July 2014)
- BZ - 1120387 - CVE-2014-4258 mysql: unspecified vulnerability related to SRINFOSC (CPU July 2014)
- BZ - 1120388 - CVE-2014-4260 mysql: unspecified vulnerability related to SRCHAR (CPU July 2014)
- BZ - 1126271 - CVE-2014-4274 mysql: unspecified MyISAM temporary file issue fixed in 5.5.39 and 5.6.20
- BZ - 1153461 - CVE-2014-4287 mysql: unspecified vulnerability related to SERVER:CHARACTER SETS (CPU October 2014)
- BZ - 1153462 - CVE-2014-6463 mysql: unspecified vulnerability related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML (CPU October 2014)
- BZ - 1153463 - CVE-2014-6464 mysql: unspecified vulnerability related to SERVER:INNODB DML FOREIGN KEYS (CPU October 2014)
- BZ - 1153464 - CVE-2014-6469 mysql: unspecified vulnerability related to SERVER:OPTIMIZER (CPU October 2014)
- BZ - 1153467 - CVE-2014-6484 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
- BZ - 1153489 - CVE-2014-6505 mysql: unspecified vulnerability related to SERVER:MEMORY STORAGE ENGINE (CPU October 2014)
- BZ - 1153490 - CVE-2014-6507 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
- BZ - 1153491 - CVE-2014-6520 mysql: unspecified vulnerability related to SERVER:DDL (CPU October 2014)
- BZ - 1153493 - CVE-2014-6530 mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014)
- BZ - 1153494 - CVE-2014-6551 mysql: unspecified vulnerability related to CLIENT:MYSQLADMIN (CPU October 2014)
- BZ - 1153495 - CVE-2014-6555 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
- BZ - 1153496 - CVE-2014-6559 mysql: unspecified vulnerability related to C API SSL CERTIFICATE HANDLING (CPU October 2014)
CVE
参考
- https://access.redhat.com/security/updates/classification/#important
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL
- https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
注::
可能有这些软件包的更新版本。
点击软件包名称查看详情。
Red Hat Software Collections (for RHEL Server) 1 for RHEL 7
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el7.src.rpm | SHA-256: 97163ae0e360924d162f1ee732304b9e7b7f050b854869a6db8878f85b35ea8f |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el7.x86_64.rpm | SHA-256: bfb70bf86a8aa571b287b9b5a0e0a6fab5bb883dca9f9e2d2c8ce24909b48d80 |
| mysql55-mysql-bench-5.5.40-1.el7.x86_64.rpm | SHA-256: f29bd53538afd412d154dc7dbf58a3edbb7c1170b9aa0a0782d7a31d86a68cf4 |
| mysql55-mysql-debuginfo-5.5.40-1.el7.x86_64.rpm | SHA-256: d2fe883491052e98e9a31d48e8261c6166e89058073457b17f2ec12e57c1acbc |
| mysql55-mysql-devel-5.5.40-1.el7.x86_64.rpm | SHA-256: 945f2593faf6fa10095c28feef3c3ce8538ee61e2ca0dff7217d97a1457f981b |
| mysql55-mysql-libs-5.5.40-1.el7.x86_64.rpm | SHA-256: 0809d6514d1a9a129235d25884e457e20051ae2478c3316642271265f4b0dbf3 |
| mysql55-mysql-server-5.5.40-1.el7.x86_64.rpm | SHA-256: 152a4c37f9f775b110b860604cc1f38b5f513734e3dcb59272900980acd2598e |
| mysql55-mysql-test-5.5.40-1.el7.x86_64.rpm | SHA-256: 61ba9e1a0cf05439b6dc6b1070dd6d08bd6660ff8e36ac68de731be1c8c39330 |
Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.6
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el6.src.rpm | SHA-256: b10abeb5aba247d76bf1f39fe5e49d93990e13aa32c4732401b324a50e1a8473 |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el6.x86_64.rpm | SHA-256: cc5959d8c8a98e3343b96c45aa5a900052f2cfe99dc83c5b064618b19734dde9 |
| mysql55-mysql-bench-5.5.40-1.el6.x86_64.rpm | SHA-256: c0a657c8c1a2dee4ccce11a5cf62055c05e4498c8b32c76941d8feb071b2fc62 |
| mysql55-mysql-debuginfo-5.5.40-1.el6.x86_64.rpm | SHA-256: cede8c9a14804eb0ccb756ce412bb41c585dfa24544b2f4dfd211901429ecfbe |
| mysql55-mysql-devel-5.5.40-1.el6.x86_64.rpm | SHA-256: 237423ed679c5efaa20f2842fa8c5a2e50668403591e75e075870900c2d240f8 |
| mysql55-mysql-libs-5.5.40-1.el6.x86_64.rpm | SHA-256: 72fe8b27c0f48da8b72f7907fe94d837ae205b2d6ea58736b6696ef34a432653 |
| mysql55-mysql-server-5.5.40-1.el6.x86_64.rpm | SHA-256: 7003942cdb0d324a94f94ee121c8ee269d2548ee88589d65bfa7dc09eaa5e4b4 |
| mysql55-mysql-test-5.5.40-1.el6.x86_64.rpm | SHA-256: 1b865bb4f318d5589fcd57f28d557a0572a8b90dd42483b1a345b65e6be34f3e |
Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.5
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el6.src.rpm | SHA-256: b10abeb5aba247d76bf1f39fe5e49d93990e13aa32c4732401b324a50e1a8473 |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el6.x86_64.rpm | SHA-256: cc5959d8c8a98e3343b96c45aa5a900052f2cfe99dc83c5b064618b19734dde9 |
| mysql55-mysql-bench-5.5.40-1.el6.x86_64.rpm | SHA-256: c0a657c8c1a2dee4ccce11a5cf62055c05e4498c8b32c76941d8feb071b2fc62 |
| mysql55-mysql-debuginfo-5.5.40-1.el6.x86_64.rpm | SHA-256: cede8c9a14804eb0ccb756ce412bb41c585dfa24544b2f4dfd211901429ecfbe |
| mysql55-mysql-devel-5.5.40-1.el6.x86_64.rpm | SHA-256: 237423ed679c5efaa20f2842fa8c5a2e50668403591e75e075870900c2d240f8 |
| mysql55-mysql-libs-5.5.40-1.el6.x86_64.rpm | SHA-256: 72fe8b27c0f48da8b72f7907fe94d837ae205b2d6ea58736b6696ef34a432653 |
| mysql55-mysql-server-5.5.40-1.el6.x86_64.rpm | SHA-256: 7003942cdb0d324a94f94ee121c8ee269d2548ee88589d65bfa7dc09eaa5e4b4 |
| mysql55-mysql-test-5.5.40-1.el6.x86_64.rpm | SHA-256: 1b865bb4f318d5589fcd57f28d557a0572a8b90dd42483b1a345b65e6be34f3e |
Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.4
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el6.src.rpm | SHA-256: b10abeb5aba247d76bf1f39fe5e49d93990e13aa32c4732401b324a50e1a8473 |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el6.x86_64.rpm | SHA-256: cc5959d8c8a98e3343b96c45aa5a900052f2cfe99dc83c5b064618b19734dde9 |
| mysql55-mysql-bench-5.5.40-1.el6.x86_64.rpm | SHA-256: c0a657c8c1a2dee4ccce11a5cf62055c05e4498c8b32c76941d8feb071b2fc62 |
| mysql55-mysql-debuginfo-5.5.40-1.el6.x86_64.rpm | SHA-256: cede8c9a14804eb0ccb756ce412bb41c585dfa24544b2f4dfd211901429ecfbe |
| mysql55-mysql-devel-5.5.40-1.el6.x86_64.rpm | SHA-256: 237423ed679c5efaa20f2842fa8c5a2e50668403591e75e075870900c2d240f8 |
| mysql55-mysql-libs-5.5.40-1.el6.x86_64.rpm | SHA-256: 72fe8b27c0f48da8b72f7907fe94d837ae205b2d6ea58736b6696ef34a432653 |
| mysql55-mysql-server-5.5.40-1.el6.x86_64.rpm | SHA-256: 7003942cdb0d324a94f94ee121c8ee269d2548ee88589d65bfa7dc09eaa5e4b4 |
| mysql55-mysql-test-5.5.40-1.el6.x86_64.rpm | SHA-256: 1b865bb4f318d5589fcd57f28d557a0572a8b90dd42483b1a345b65e6be34f3e |
Red Hat Software Collections (for RHEL Server) 1 for RHEL 6
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el6.src.rpm | SHA-256: b10abeb5aba247d76bf1f39fe5e49d93990e13aa32c4732401b324a50e1a8473 |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el6.x86_64.rpm | SHA-256: cc5959d8c8a98e3343b96c45aa5a900052f2cfe99dc83c5b064618b19734dde9 |
| mysql55-mysql-bench-5.5.40-1.el6.x86_64.rpm | SHA-256: c0a657c8c1a2dee4ccce11a5cf62055c05e4498c8b32c76941d8feb071b2fc62 |
| mysql55-mysql-debuginfo-5.5.40-1.el6.x86_64.rpm | SHA-256: cede8c9a14804eb0ccb756ce412bb41c585dfa24544b2f4dfd211901429ecfbe |
| mysql55-mysql-devel-5.5.40-1.el6.x86_64.rpm | SHA-256: 237423ed679c5efaa20f2842fa8c5a2e50668403591e75e075870900c2d240f8 |
| mysql55-mysql-libs-5.5.40-1.el6.x86_64.rpm | SHA-256: 72fe8b27c0f48da8b72f7907fe94d837ae205b2d6ea58736b6696ef34a432653 |
| mysql55-mysql-server-5.5.40-1.el6.x86_64.rpm | SHA-256: 7003942cdb0d324a94f94ee121c8ee269d2548ee88589d65bfa7dc09eaa5e4b4 |
| mysql55-mysql-test-5.5.40-1.el6.x86_64.rpm | SHA-256: 1b865bb4f318d5589fcd57f28d557a0572a8b90dd42483b1a345b65e6be34f3e |
Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el7.src.rpm | SHA-256: 97163ae0e360924d162f1ee732304b9e7b7f050b854869a6db8878f85b35ea8f |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el7.x86_64.rpm | SHA-256: bfb70bf86a8aa571b287b9b5a0e0a6fab5bb883dca9f9e2d2c8ce24909b48d80 |
| mysql55-mysql-bench-5.5.40-1.el7.x86_64.rpm | SHA-256: f29bd53538afd412d154dc7dbf58a3edbb7c1170b9aa0a0782d7a31d86a68cf4 |
| mysql55-mysql-debuginfo-5.5.40-1.el7.x86_64.rpm | SHA-256: d2fe883491052e98e9a31d48e8261c6166e89058073457b17f2ec12e57c1acbc |
| mysql55-mysql-devel-5.5.40-1.el7.x86_64.rpm | SHA-256: 945f2593faf6fa10095c28feef3c3ce8538ee61e2ca0dff7217d97a1457f981b |
| mysql55-mysql-libs-5.5.40-1.el7.x86_64.rpm | SHA-256: 0809d6514d1a9a129235d25884e457e20051ae2478c3316642271265f4b0dbf3 |
| mysql55-mysql-server-5.5.40-1.el7.x86_64.rpm | SHA-256: 152a4c37f9f775b110b860604cc1f38b5f513734e3dcb59272900980acd2598e |
| mysql55-mysql-test-5.5.40-1.el7.x86_64.rpm | SHA-256: 61ba9e1a0cf05439b6dc6b1070dd6d08bd6660ff8e36ac68de731be1c8c39330 |
Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 6
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el6.src.rpm | SHA-256: b10abeb5aba247d76bf1f39fe5e49d93990e13aa32c4732401b324a50e1a8473 |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el6.x86_64.rpm | SHA-256: cc5959d8c8a98e3343b96c45aa5a900052f2cfe99dc83c5b064618b19734dde9 |
| mysql55-mysql-bench-5.5.40-1.el6.x86_64.rpm | SHA-256: c0a657c8c1a2dee4ccce11a5cf62055c05e4498c8b32c76941d8feb071b2fc62 |
| mysql55-mysql-debuginfo-5.5.40-1.el6.x86_64.rpm | SHA-256: cede8c9a14804eb0ccb756ce412bb41c585dfa24544b2f4dfd211901429ecfbe |
| mysql55-mysql-devel-5.5.40-1.el6.x86_64.rpm | SHA-256: 237423ed679c5efaa20f2842fa8c5a2e50668403591e75e075870900c2d240f8 |
| mysql55-mysql-libs-5.5.40-1.el6.x86_64.rpm | SHA-256: 72fe8b27c0f48da8b72f7907fe94d837ae205b2d6ea58736b6696ef34a432653 |
| mysql55-mysql-server-5.5.40-1.el6.x86_64.rpm | SHA-256: 7003942cdb0d324a94f94ee121c8ee269d2548ee88589d65bfa7dc09eaa5e4b4 |
| mysql55-mysql-test-5.5.40-1.el6.x86_64.rpm | SHA-256: 1b865bb4f318d5589fcd57f28d557a0572a8b90dd42483b1a345b65e6be34f3e |
Red Hat Software Collections (for RHEL Server) from RHUI 1 for RHEL 7
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el7.src.rpm | SHA-256: 97163ae0e360924d162f1ee732304b9e7b7f050b854869a6db8878f85b35ea8f |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el7.x86_64.rpm | SHA-256: bfb70bf86a8aa571b287b9b5a0e0a6fab5bb883dca9f9e2d2c8ce24909b48d80 |
| mysql55-mysql-bench-5.5.40-1.el7.x86_64.rpm | SHA-256: f29bd53538afd412d154dc7dbf58a3edbb7c1170b9aa0a0782d7a31d86a68cf4 |
| mysql55-mysql-debuginfo-5.5.40-1.el7.x86_64.rpm | SHA-256: d2fe883491052e98e9a31d48e8261c6166e89058073457b17f2ec12e57c1acbc |
| mysql55-mysql-devel-5.5.40-1.el7.x86_64.rpm | SHA-256: 945f2593faf6fa10095c28feef3c3ce8538ee61e2ca0dff7217d97a1457f981b |
| mysql55-mysql-libs-5.5.40-1.el7.x86_64.rpm | SHA-256: 0809d6514d1a9a129235d25884e457e20051ae2478c3316642271265f4b0dbf3 |
| mysql55-mysql-server-5.5.40-1.el7.x86_64.rpm | SHA-256: 152a4c37f9f775b110b860604cc1f38b5f513734e3dcb59272900980acd2598e |
| mysql55-mysql-test-5.5.40-1.el7.x86_64.rpm | SHA-256: 61ba9e1a0cf05439b6dc6b1070dd6d08bd6660ff8e36ac68de731be1c8c39330 |
Red Hat Software Collections (for RHEL Server) from RHUI 1 for RHEL 6
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el6.src.rpm | SHA-256: b10abeb5aba247d76bf1f39fe5e49d93990e13aa32c4732401b324a50e1a8473 |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el6.x86_64.rpm | SHA-256: cc5959d8c8a98e3343b96c45aa5a900052f2cfe99dc83c5b064618b19734dde9 |
| mysql55-mysql-bench-5.5.40-1.el6.x86_64.rpm | SHA-256: c0a657c8c1a2dee4ccce11a5cf62055c05e4498c8b32c76941d8feb071b2fc62 |
| mysql55-mysql-debuginfo-5.5.40-1.el6.x86_64.rpm | SHA-256: cede8c9a14804eb0ccb756ce412bb41c585dfa24544b2f4dfd211901429ecfbe |
| mysql55-mysql-devel-5.5.40-1.el6.x86_64.rpm | SHA-256: 237423ed679c5efaa20f2842fa8c5a2e50668403591e75e075870900c2d240f8 |
| mysql55-mysql-libs-5.5.40-1.el6.x86_64.rpm | SHA-256: 72fe8b27c0f48da8b72f7907fe94d837ae205b2d6ea58736b6696ef34a432653 |
| mysql55-mysql-server-5.5.40-1.el6.x86_64.rpm | SHA-256: 7003942cdb0d324a94f94ee121c8ee269d2548ee88589d65bfa7dc09eaa5e4b4 |
| mysql55-mysql-test-5.5.40-1.el6.x86_64.rpm | SHA-256: 1b865bb4f318d5589fcd57f28d557a0572a8b90dd42483b1a345b65e6be34f3e |
Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/。
