rhsa-2014_0173
Vulnerability from csaf_redhat
Published
2014-02-13 18:33
Modified
2024-11-14 14:25
Summary
Red Hat Security Advisory: mysql55-mysql security update
Notes
Topic
Updated mysql55-mysql packages that fix several security issues are now
available for Red Hat Software Collections 1.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon (mysqld) and many client programs and libraries.
This update fixes several vulnerabilities in the MySQL database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2013-5807,
CVE-2013-5891, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402,
CVE-2014-0412, CVE-2014-0420, CVE-2014-0437, CVE-2013-3839, CVE-2013-5908)
A buffer overflow flaw was found in the way the MySQL command line client
tool (mysql) processed excessively long version strings. If a user
connected to a malicious MySQL server via the mysql client, the server
could use this flaw to crash the mysql client or, potentially, execute
arbitrary code as the user running the mysql client. (CVE-2014-0001)
The CVE-2014-0001 issue was discovered by Garth Mollett of the Red Hat
Security Response Team.
These updated packages upgrade MySQL to version 5.5.36. Refer to the MySQL
Release Notes listed in the References section for a complete list
of changes.
All MySQL users should upgrade to these updated packages, which correct
these issues. After installing this update, the MySQL server daemon
(mysqld) will be restarted automatically.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated mysql55-mysql packages that fix several security issues are now\navailable for Red Hat Software Collections 1.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "MySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nThis update fixes several vulnerabilities in the MySQL database server.\nInformation about these flaws can be found on the Oracle Critical Patch\nUpdate Advisory page, listed in the References section. (CVE-2013-5807,\nCVE-2013-5891, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402,\nCVE-2014-0412, CVE-2014-0420, CVE-2014-0437, CVE-2013-3839, CVE-2013-5908)\n\nA buffer overflow flaw was found in the way the MySQL command line client\ntool (mysql) processed excessively long version strings. If a user\nconnected to a malicious MySQL server via the mysql client, the server\ncould use this flaw to crash the mysql client or, potentially, execute\narbitrary code as the user running the mysql client. (CVE-2014-0001)\n\nThe CVE-2014-0001 issue was discovered by Garth Mollett of the Red Hat\nSecurity Response Team.\n\nThese updated packages upgrade MySQL to version 5.5.36. Refer to the MySQL\nRelease Notes listed in the References section for a complete list\nof changes.\n\nAll MySQL users should upgrade to these updated packages, which correct\nthese issues. After installing this update, the MySQL server daemon\n(mysqld) will be restarted automatically.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2014:0173", "url": "https://access.redhat.com/errata/RHSA-2014:0173" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixMSQL", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixMSQL" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html#AppendixMSQL", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html#AppendixMSQL" }, { "category": "external", "summary": "http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-36.html", "url": "http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-36.html" }, { "category": "external", "summary": "1019978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019978" }, { "category": "external", "summary": "1019997", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019997" }, { "category": "external", "summary": "1053371", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053371" }, { "category": "external", "summary": "1053373", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053373" }, { "category": "external", "summary": "1053375", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053375" }, { "category": "external", "summary": "1053377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053377" }, { "category": "external", "summary": "1053378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053378" }, { "category": "external", "summary": "1053380", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053380" }, { "category": "external", "summary": "1053381", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053381" }, { "category": "external", "summary": "1053383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053383" }, { "category": "external", "summary": "1053390", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053390" }, { "category": "external", "summary": "1054592", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1054592" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0173.json" } ], "title": "Red Hat Security Advisory: mysql55-mysql security update", "tracking": { "current_release_date": "2024-11-14T14:25:48+00:00", "generator": { "date": "2024-11-14T14:25:48+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2014:0173", "initial_release_date": "2014-02-13T18:33:19+00:00", "revision_history": [ { "date": "2014-02-13T18:33:19+00:00", "number": "1", "summary": "Initial version" }, { "date": "2014-03-11T11:49:07+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T14:25:48+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)", "product": { "name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-RHSCL-1.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6" } } }, { "category": "product_name", "name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)", "product": { "name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-RHSCL-1.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6" } } } ], "category": "product_family", "name": "Red Hat Software Collections" }, { "branches": [ { "category": "product_version", "name": "mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "product": { "name": "mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "product_id": "mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql55-mysql-bench@5.5.36-1.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "product": { "name": "mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "product_id": "mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql55-mysql-debuginfo@5.5.36-1.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "product": { "name": "mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "product_id": "mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql55-mysql-devel@5.5.36-1.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "product": { "name": "mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "product_id": "mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql55-mysql@5.5.36-1.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "product": { "name": "mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "product_id": "mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql55-mysql-libs@5.5.36-1.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "product": { "name": "mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "product_id": "mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql55-mysql-test@5.5.36-1.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "product": { "name": "mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "product_id": "mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql55-mysql-server@5.5.36-1.1.el6?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "mysql55-mysql-0:5.5.36-1.1.el6.src", "product": { "name": "mysql55-mysql-0:5.5.36-1.1.el6.src", "product_id": "mysql55-mysql-0:5.5.36-1.1.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql55-mysql@5.5.36-1.1.el6?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-0:5.5.36-1.1.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src" }, "product_reference": "mysql55-mysql-0:5.5.36-1.1.el6.src", "relates_to_product_reference": "6Server-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Server-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Server-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Server-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Server-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Server-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Server-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Server-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-0:5.5.36-1.1.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src" }, "product_reference": "mysql55-mysql-0:5.5.36-1.1.el6.src", "relates_to_product_reference": "6Workstation-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Workstation-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Workstation-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Workstation-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Workstation-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Workstation-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Workstation-RHSCL-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" }, "product_reference": "mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "relates_to_product_reference": "6Workstation-RHSCL-1.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-3839", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019978" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: unspecified DoS related to Optimizer (CPU October 2013)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-3839" }, { "category": "external", "summary": "RHBZ#1019978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019978" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-3839", "url": "https://www.cve.org/CVERecord?id=CVE-2013-3839" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-3839", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3839" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-02-13T18:33:19+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0173" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "mysql: unspecified DoS related to Optimizer (CPU October 2013)" }, { "cve": "CVE-2013-5807", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019997" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: unspecified flaw related to Replication (CPU October 2013)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5807" }, { "category": "external", "summary": "RHBZ#1019997", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019997" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5807", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5807" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5807", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5807" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-02-13T18:33:19+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0173" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0" }, "products": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mysql: unspecified flaw related to Replication (CPU October 2013)" }, { "cve": "CVE-2013-5891", "discovery_date": "2014-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053371" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: unspecified vulnerability related to Partition DoS (CPU Jan 2014)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5891" }, { "category": "external", "summary": "RHBZ#1053371", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053371" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5891", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5891" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5891", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5891" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-02-13T18:33:19+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0173" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mysql: unspecified vulnerability related to Partition DoS (CPU Jan 2014)" }, { "cve": "CVE-2013-5908", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053373" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: unspecified vulnerability related to Error Handling DoS (CPU Jan 2014)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5908" }, { "category": "external", "summary": "RHBZ#1053373", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053373" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5908", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5908" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5908", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5908" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-02-13T18:33:19+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0173" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "mysql: unspecified vulnerability related to Error Handling DoS (CPU Jan 2014)" }, { "acknowledgments": [ { "names": [ "Garth Mollett" ], "organization": "Red Hat Security Response Team", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2014-0001", "discovery_date": "2014-01-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1054592" } ], "notes": [ { "category": "description", "text": "Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: command-line tool buffer overflow via long server version string", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0001" }, { "category": "external", "summary": "RHBZ#1054592", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1054592" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0001", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0001" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0001", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0001" } ], "release_date": "2014-01-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-02-13T18:33:19+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0173" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mysql: command-line tool buffer overflow via long server version string" }, { "cve": "CVE-2014-0386", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053375" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0386" }, { "category": "external", "summary": "RHBZ#1053375", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053375" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0386", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0386" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0386", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0386" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-02-13T18:33:19+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0173" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)" }, { "cve": "CVE-2014-0393", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053377" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: unspecified vulnerability related to InnoDB affecting integrity (CPU Jan 2014)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0393" }, { "category": "external", "summary": "RHBZ#1053377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0393", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0393" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0393", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0393" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-02-13T18:33:19+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0173" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "MULTIPLE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N", "version": "2.0" }, "products": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mysql: unspecified vulnerability related to InnoDB affecting integrity (CPU Jan 2014)" }, { "cve": "CVE-2014-0401", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053378" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: unspecified DoS vulnerability (CPU Jan 2014)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0401" }, { "category": "external", "summary": "RHBZ#1053378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053378" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0401", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0401" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0401", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0401" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-02-13T18:33:19+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0173" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mysql: unspecified DoS vulnerability (CPU Jan 2014)" }, { "cve": "CVE-2014-0402", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053380" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: unspecified vulnerability related to Locking DoS (CPU Jan 2014)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0402" }, { "category": "external", "summary": "RHBZ#1053380", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053380" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0402", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0402" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0402", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0402" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-02-13T18:33:19+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0173" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mysql: unspecified vulnerability related to Locking DoS (CPU Jan 2014)" }, { "cve": "CVE-2014-0412", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053381" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: unspecified vulnerability related to InnoDB DoS (CPU Jan 2014)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0412" }, { "category": "external", "summary": "RHBZ#1053381", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053381" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0412", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0412" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0412", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0412" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-02-13T18:33:19+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0173" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mysql: unspecified vulnerability related to InnoDB DoS (CPU Jan 2014)" }, { "cve": "CVE-2014-0420", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053383" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: unspecified vulnerability related to Replication DoS (CPU Jan 2014)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0420" }, { "category": "external", "summary": "RHBZ#1053383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0420", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0420" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0420", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0420" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-02-13T18:33:19+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0173" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "MULTIPLE", "availabilityImpact": "PARTIAL", "baseScore": 2.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:M/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mysql: unspecified vulnerability related to Replication DoS (CPU Jan 2014)" }, { "cve": "CVE-2014-0437", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053390" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0437" }, { "category": "external", "summary": "RHBZ#1053390", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053390" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0437", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0437" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0437", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0437" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-02-13T18:33:19+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0173" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Server-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Server-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.src", "6Workstation-RHSCL-1.0:mysql55-mysql-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-bench-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-debuginfo-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-devel-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-libs-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-server-0:5.5.36-1.1.el6.x86_64", "6Workstation-RHSCL-1.0:mysql55-mysql-test-0:5.5.36-1.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.