- Issued:
- 2014-11-17
- Updated:
- 2014-11-17
RHSA-2014:1860 - Security Advisory
Synopsis
Important: mysql55-mysql security update
Type/Severity
Security Advisory: Important
Topic
Updated mysql55-mysql packages that fix several security issues are now
available for Red Hat Software Collections 1.
Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Description
MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon (mysqld) and many client programs and libraries.
This update fixes several vulnerabilities in the MySQL database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2014-2494,
CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287,
CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484,
CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551,
CVE-2014-6555, CVE-2014-6559)
These updated packages upgrade MySQL to version 5.5.40. Refer to the MySQL
Release Notes listed in the References section for a complete list of
changes.
All MySQL users should upgrade to these updated packages, which correct
these issues. After installing this update, the MySQL server daemon
(mysqld) will be restarted automatically.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
Affected Products
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.6 x86_64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.5 x86_64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.4 x86_64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 6 x86_64
- Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 6 x86_64
- Red Hat Software Collections (for RHEL Server) from RHUI 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Server) from RHUI 1 for RHEL 6 x86_64
Fixes
- BZ - 1120382 - CVE-2014-2494 mysql: unspecified vulnerability related to ENARC (CPU July 2014)
- BZ - 1120383 - CVE-2014-4207 mysql: unspecified vulnerability related to SROPTZR (CPU July 2014)
- BZ - 1120385 - CVE-2014-4243 mysql: unspecified vulnerability related to ENFED (CPU July 2014)
- BZ - 1120387 - CVE-2014-4258 mysql: unspecified vulnerability related to SRINFOSC (CPU July 2014)
- BZ - 1120388 - CVE-2014-4260 mysql: unspecified vulnerability related to SRCHAR (CPU July 2014)
- BZ - 1126271 - CVE-2014-4274 mysql: unspecified MyISAM temporary file issue fixed in 5.5.39 and 5.6.20
- BZ - 1153461 - CVE-2014-4287 mysql: unspecified vulnerability related to SERVER:CHARACTER SETS (CPU October 2014)
- BZ - 1153462 - CVE-2014-6463 mysql: unspecified vulnerability related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML (CPU October 2014)
- BZ - 1153463 - CVE-2014-6464 mysql: unspecified vulnerability related to SERVER:INNODB DML FOREIGN KEYS (CPU October 2014)
- BZ - 1153464 - CVE-2014-6469 mysql: unspecified vulnerability related to SERVER:OPTIMIZER (CPU October 2014)
- BZ - 1153467 - CVE-2014-6484 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
- BZ - 1153489 - CVE-2014-6505 mysql: unspecified vulnerability related to SERVER:MEMORY STORAGE ENGINE (CPU October 2014)
- BZ - 1153490 - CVE-2014-6507 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
- BZ - 1153491 - CVE-2014-6520 mysql: unspecified vulnerability related to SERVER:DDL (CPU October 2014)
- BZ - 1153493 - CVE-2014-6530 mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014)
- BZ - 1153494 - CVE-2014-6551 mysql: unspecified vulnerability related to CLIENT:MYSQLADMIN (CPU October 2014)
- BZ - 1153495 - CVE-2014-6555 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
- BZ - 1153496 - CVE-2014-6559 mysql: unspecified vulnerability related to C API SSL CERTIFICATE HANDLING (CPU October 2014)
CVEs
- CVE-2014-4260
- CVE-2014-4258
- CVE-2014-4274
- CVE-2014-6507
- CVE-2014-6520
- CVE-2014-6505
- CVE-2014-6551
- CVE-2014-2494
- CVE-2014-6555
- CVE-2014-4207
- CVE-2014-4287
- CVE-2014-6469
- CVE-2014-6484
- CVE-2014-4243
- CVE-2014-6464
- CVE-2014-6559
- CVE-2014-6530
- CVE-2014-6463
References
- https://access.redhat.com/security/updates/classification/#important
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL
- https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Software Collections (for RHEL Server) 1 for RHEL 7
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el7.src.rpm | SHA-256: 97163ae0e360924d162f1ee732304b9e7b7f050b854869a6db8878f85b35ea8f |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el7.x86_64.rpm | SHA-256: bfb70bf86a8aa571b287b9b5a0e0a6fab5bb883dca9f9e2d2c8ce24909b48d80 |
| mysql55-mysql-bench-5.5.40-1.el7.x86_64.rpm | SHA-256: f29bd53538afd412d154dc7dbf58a3edbb7c1170b9aa0a0782d7a31d86a68cf4 |
| mysql55-mysql-debuginfo-5.5.40-1.el7.x86_64.rpm | SHA-256: d2fe883491052e98e9a31d48e8261c6166e89058073457b17f2ec12e57c1acbc |
| mysql55-mysql-devel-5.5.40-1.el7.x86_64.rpm | SHA-256: 945f2593faf6fa10095c28feef3c3ce8538ee61e2ca0dff7217d97a1457f981b |
| mysql55-mysql-libs-5.5.40-1.el7.x86_64.rpm | SHA-256: 0809d6514d1a9a129235d25884e457e20051ae2478c3316642271265f4b0dbf3 |
| mysql55-mysql-server-5.5.40-1.el7.x86_64.rpm | SHA-256: 152a4c37f9f775b110b860604cc1f38b5f513734e3dcb59272900980acd2598e |
| mysql55-mysql-test-5.5.40-1.el7.x86_64.rpm | SHA-256: 61ba9e1a0cf05439b6dc6b1070dd6d08bd6660ff8e36ac68de731be1c8c39330 |
Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.6
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el6.src.rpm | SHA-256: b10abeb5aba247d76bf1f39fe5e49d93990e13aa32c4732401b324a50e1a8473 |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el6.x86_64.rpm | SHA-256: cc5959d8c8a98e3343b96c45aa5a900052f2cfe99dc83c5b064618b19734dde9 |
| mysql55-mysql-bench-5.5.40-1.el6.x86_64.rpm | SHA-256: c0a657c8c1a2dee4ccce11a5cf62055c05e4498c8b32c76941d8feb071b2fc62 |
| mysql55-mysql-debuginfo-5.5.40-1.el6.x86_64.rpm | SHA-256: cede8c9a14804eb0ccb756ce412bb41c585dfa24544b2f4dfd211901429ecfbe |
| mysql55-mysql-devel-5.5.40-1.el6.x86_64.rpm | SHA-256: 237423ed679c5efaa20f2842fa8c5a2e50668403591e75e075870900c2d240f8 |
| mysql55-mysql-libs-5.5.40-1.el6.x86_64.rpm | SHA-256: 72fe8b27c0f48da8b72f7907fe94d837ae205b2d6ea58736b6696ef34a432653 |
| mysql55-mysql-server-5.5.40-1.el6.x86_64.rpm | SHA-256: 7003942cdb0d324a94f94ee121c8ee269d2548ee88589d65bfa7dc09eaa5e4b4 |
| mysql55-mysql-test-5.5.40-1.el6.x86_64.rpm | SHA-256: 1b865bb4f318d5589fcd57f28d557a0572a8b90dd42483b1a345b65e6be34f3e |
Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.5
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el6.src.rpm | SHA-256: b10abeb5aba247d76bf1f39fe5e49d93990e13aa32c4732401b324a50e1a8473 |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el6.x86_64.rpm | SHA-256: cc5959d8c8a98e3343b96c45aa5a900052f2cfe99dc83c5b064618b19734dde9 |
| mysql55-mysql-bench-5.5.40-1.el6.x86_64.rpm | SHA-256: c0a657c8c1a2dee4ccce11a5cf62055c05e4498c8b32c76941d8feb071b2fc62 |
| mysql55-mysql-debuginfo-5.5.40-1.el6.x86_64.rpm | SHA-256: cede8c9a14804eb0ccb756ce412bb41c585dfa24544b2f4dfd211901429ecfbe |
| mysql55-mysql-devel-5.5.40-1.el6.x86_64.rpm | SHA-256: 237423ed679c5efaa20f2842fa8c5a2e50668403591e75e075870900c2d240f8 |
| mysql55-mysql-libs-5.5.40-1.el6.x86_64.rpm | SHA-256: 72fe8b27c0f48da8b72f7907fe94d837ae205b2d6ea58736b6696ef34a432653 |
| mysql55-mysql-server-5.5.40-1.el6.x86_64.rpm | SHA-256: 7003942cdb0d324a94f94ee121c8ee269d2548ee88589d65bfa7dc09eaa5e4b4 |
| mysql55-mysql-test-5.5.40-1.el6.x86_64.rpm | SHA-256: 1b865bb4f318d5589fcd57f28d557a0572a8b90dd42483b1a345b65e6be34f3e |
Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.4
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el6.src.rpm | SHA-256: b10abeb5aba247d76bf1f39fe5e49d93990e13aa32c4732401b324a50e1a8473 |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el6.x86_64.rpm | SHA-256: cc5959d8c8a98e3343b96c45aa5a900052f2cfe99dc83c5b064618b19734dde9 |
| mysql55-mysql-bench-5.5.40-1.el6.x86_64.rpm | SHA-256: c0a657c8c1a2dee4ccce11a5cf62055c05e4498c8b32c76941d8feb071b2fc62 |
| mysql55-mysql-debuginfo-5.5.40-1.el6.x86_64.rpm | SHA-256: cede8c9a14804eb0ccb756ce412bb41c585dfa24544b2f4dfd211901429ecfbe |
| mysql55-mysql-devel-5.5.40-1.el6.x86_64.rpm | SHA-256: 237423ed679c5efaa20f2842fa8c5a2e50668403591e75e075870900c2d240f8 |
| mysql55-mysql-libs-5.5.40-1.el6.x86_64.rpm | SHA-256: 72fe8b27c0f48da8b72f7907fe94d837ae205b2d6ea58736b6696ef34a432653 |
| mysql55-mysql-server-5.5.40-1.el6.x86_64.rpm | SHA-256: 7003942cdb0d324a94f94ee121c8ee269d2548ee88589d65bfa7dc09eaa5e4b4 |
| mysql55-mysql-test-5.5.40-1.el6.x86_64.rpm | SHA-256: 1b865bb4f318d5589fcd57f28d557a0572a8b90dd42483b1a345b65e6be34f3e |
Red Hat Software Collections (for RHEL Server) 1 for RHEL 6
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el6.src.rpm | SHA-256: b10abeb5aba247d76bf1f39fe5e49d93990e13aa32c4732401b324a50e1a8473 |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el6.x86_64.rpm | SHA-256: cc5959d8c8a98e3343b96c45aa5a900052f2cfe99dc83c5b064618b19734dde9 |
| mysql55-mysql-bench-5.5.40-1.el6.x86_64.rpm | SHA-256: c0a657c8c1a2dee4ccce11a5cf62055c05e4498c8b32c76941d8feb071b2fc62 |
| mysql55-mysql-debuginfo-5.5.40-1.el6.x86_64.rpm | SHA-256: cede8c9a14804eb0ccb756ce412bb41c585dfa24544b2f4dfd211901429ecfbe |
| mysql55-mysql-devel-5.5.40-1.el6.x86_64.rpm | SHA-256: 237423ed679c5efaa20f2842fa8c5a2e50668403591e75e075870900c2d240f8 |
| mysql55-mysql-libs-5.5.40-1.el6.x86_64.rpm | SHA-256: 72fe8b27c0f48da8b72f7907fe94d837ae205b2d6ea58736b6696ef34a432653 |
| mysql55-mysql-server-5.5.40-1.el6.x86_64.rpm | SHA-256: 7003942cdb0d324a94f94ee121c8ee269d2548ee88589d65bfa7dc09eaa5e4b4 |
| mysql55-mysql-test-5.5.40-1.el6.x86_64.rpm | SHA-256: 1b865bb4f318d5589fcd57f28d557a0572a8b90dd42483b1a345b65e6be34f3e |
Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el7.src.rpm | SHA-256: 97163ae0e360924d162f1ee732304b9e7b7f050b854869a6db8878f85b35ea8f |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el7.x86_64.rpm | SHA-256: bfb70bf86a8aa571b287b9b5a0e0a6fab5bb883dca9f9e2d2c8ce24909b48d80 |
| mysql55-mysql-bench-5.5.40-1.el7.x86_64.rpm | SHA-256: f29bd53538afd412d154dc7dbf58a3edbb7c1170b9aa0a0782d7a31d86a68cf4 |
| mysql55-mysql-debuginfo-5.5.40-1.el7.x86_64.rpm | SHA-256: d2fe883491052e98e9a31d48e8261c6166e89058073457b17f2ec12e57c1acbc |
| mysql55-mysql-devel-5.5.40-1.el7.x86_64.rpm | SHA-256: 945f2593faf6fa10095c28feef3c3ce8538ee61e2ca0dff7217d97a1457f981b |
| mysql55-mysql-libs-5.5.40-1.el7.x86_64.rpm | SHA-256: 0809d6514d1a9a129235d25884e457e20051ae2478c3316642271265f4b0dbf3 |
| mysql55-mysql-server-5.5.40-1.el7.x86_64.rpm | SHA-256: 152a4c37f9f775b110b860604cc1f38b5f513734e3dcb59272900980acd2598e |
| mysql55-mysql-test-5.5.40-1.el7.x86_64.rpm | SHA-256: 61ba9e1a0cf05439b6dc6b1070dd6d08bd6660ff8e36ac68de731be1c8c39330 |
Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 6
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el6.src.rpm | SHA-256: b10abeb5aba247d76bf1f39fe5e49d93990e13aa32c4732401b324a50e1a8473 |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el6.x86_64.rpm | SHA-256: cc5959d8c8a98e3343b96c45aa5a900052f2cfe99dc83c5b064618b19734dde9 |
| mysql55-mysql-bench-5.5.40-1.el6.x86_64.rpm | SHA-256: c0a657c8c1a2dee4ccce11a5cf62055c05e4498c8b32c76941d8feb071b2fc62 |
| mysql55-mysql-debuginfo-5.5.40-1.el6.x86_64.rpm | SHA-256: cede8c9a14804eb0ccb756ce412bb41c585dfa24544b2f4dfd211901429ecfbe |
| mysql55-mysql-devel-5.5.40-1.el6.x86_64.rpm | SHA-256: 237423ed679c5efaa20f2842fa8c5a2e50668403591e75e075870900c2d240f8 |
| mysql55-mysql-libs-5.5.40-1.el6.x86_64.rpm | SHA-256: 72fe8b27c0f48da8b72f7907fe94d837ae205b2d6ea58736b6696ef34a432653 |
| mysql55-mysql-server-5.5.40-1.el6.x86_64.rpm | SHA-256: 7003942cdb0d324a94f94ee121c8ee269d2548ee88589d65bfa7dc09eaa5e4b4 |
| mysql55-mysql-test-5.5.40-1.el6.x86_64.rpm | SHA-256: 1b865bb4f318d5589fcd57f28d557a0572a8b90dd42483b1a345b65e6be34f3e |
Red Hat Software Collections (for RHEL Server) from RHUI 1 for RHEL 7
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el7.src.rpm | SHA-256: 97163ae0e360924d162f1ee732304b9e7b7f050b854869a6db8878f85b35ea8f |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el7.x86_64.rpm | SHA-256: bfb70bf86a8aa571b287b9b5a0e0a6fab5bb883dca9f9e2d2c8ce24909b48d80 |
| mysql55-mysql-bench-5.5.40-1.el7.x86_64.rpm | SHA-256: f29bd53538afd412d154dc7dbf58a3edbb7c1170b9aa0a0782d7a31d86a68cf4 |
| mysql55-mysql-debuginfo-5.5.40-1.el7.x86_64.rpm | SHA-256: d2fe883491052e98e9a31d48e8261c6166e89058073457b17f2ec12e57c1acbc |
| mysql55-mysql-devel-5.5.40-1.el7.x86_64.rpm | SHA-256: 945f2593faf6fa10095c28feef3c3ce8538ee61e2ca0dff7217d97a1457f981b |
| mysql55-mysql-libs-5.5.40-1.el7.x86_64.rpm | SHA-256: 0809d6514d1a9a129235d25884e457e20051ae2478c3316642271265f4b0dbf3 |
| mysql55-mysql-server-5.5.40-1.el7.x86_64.rpm | SHA-256: 152a4c37f9f775b110b860604cc1f38b5f513734e3dcb59272900980acd2598e |
| mysql55-mysql-test-5.5.40-1.el7.x86_64.rpm | SHA-256: 61ba9e1a0cf05439b6dc6b1070dd6d08bd6660ff8e36ac68de731be1c8c39330 |
Red Hat Software Collections (for RHEL Server) from RHUI 1 for RHEL 6
| SRPM | |
|---|---|
| mysql55-mysql-5.5.40-1.el6.src.rpm | SHA-256: b10abeb5aba247d76bf1f39fe5e49d93990e13aa32c4732401b324a50e1a8473 |
| x86_64 | |
| mysql55-mysql-5.5.40-1.el6.x86_64.rpm | SHA-256: cc5959d8c8a98e3343b96c45aa5a900052f2cfe99dc83c5b064618b19734dde9 |
| mysql55-mysql-bench-5.5.40-1.el6.x86_64.rpm | SHA-256: c0a657c8c1a2dee4ccce11a5cf62055c05e4498c8b32c76941d8feb071b2fc62 |
| mysql55-mysql-debuginfo-5.5.40-1.el6.x86_64.rpm | SHA-256: cede8c9a14804eb0ccb756ce412bb41c585dfa24544b2f4dfd211901429ecfbe |
| mysql55-mysql-devel-5.5.40-1.el6.x86_64.rpm | SHA-256: 237423ed679c5efaa20f2842fa8c5a2e50668403591e75e075870900c2d240f8 |
| mysql55-mysql-libs-5.5.40-1.el6.x86_64.rpm | SHA-256: 72fe8b27c0f48da8b72f7907fe94d837ae205b2d6ea58736b6696ef34a432653 |
| mysql55-mysql-server-5.5.40-1.el6.x86_64.rpm | SHA-256: 7003942cdb0d324a94f94ee121c8ee269d2548ee88589d65bfa7dc09eaa5e4b4 |
| mysql55-mysql-test-5.5.40-1.el6.x86_64.rpm | SHA-256: 1b865bb4f318d5589fcd57f28d557a0572a8b90dd42483b1a345b65e6be34f3e |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.