1
Candidate: CVE-2015-1027
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1027
6
The version checking subroutine in percona-toolkit before 2.2.13 and
7
xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and
8
Man In The Middle attacks in which the server response could be modified to
9
allow the attacker to respond with modified command payload and have the
10
client return additional running configuration information leading to an
11
information disclosure of running configuration of MySQL.
14
sarnold> Debian notes this version check is disabled, it may be disabled in
21
Patches_percona-toolkit:
22
patch: https://build.opensuse.org/package/view_file/openSUSE:13.1:Update/xtrabackup/percona-xtrabackup-CVE-2015-1027.patch?expand=1
23
upstream_percona-toolkit: needed
24
lucid_percona-toolkit: DNE
25
precise_percona-toolkit: ignored (reached end-of-life)
26
precise/esm_percona-toolkit: DNE (precise was needed)
27
trusty_percona-toolkit: needed
28
utopic_percona-toolkit: ignored (reached end-of-life)
29
vivid_percona-toolkit: ignored (reached end-of-life)
30
vivid/stable-phone-overlay_percona-toolkit: DNE
31
vivid/ubuntu-core_percona-toolkit: DNE
32
wily_percona-toolkit: ignored (reached end-of-life)
33
xenial_percona-toolkit: needed
34
yakkety_percona-toolkit: ignored (reached end-of-life)
35
zesty_percona-toolkit: ignored (reached end-of-life)
36
artful_percona-toolkit: needed
37
bionic_percona-toolkit: needed
38
devel_percona-toolkit: needed
40
Patches_percona-xtrabackup:
41
patch: https://build.opensuse.org/package/view_file/openSUSE:13.1:Update/xtrabackup/percona-xtrabackup-CVE-2015-1027.patch?expand=1
42
upstream_percona-xtrabackup: needed
43
lucid_percona-xtrabackup: DNE
44
precise_percona-xtrabackup: DNE
45
precise/esm_percona-xtrabackup: DNE
46
trusty_percona-xtrabackup: needed
47
utopic_percona-xtrabackup: ignored (reached end-of-life)
48
vivid_percona-xtrabackup: ignored (reached end-of-life)
49
vivid/stable-phone-overlay_percona-xtrabackup: DNE
50
vivid/ubuntu-core_percona-xtrabackup: DNE
51
wily_percona-xtrabackup: ignored (reached end-of-life)
52
xenial_percona-xtrabackup: needed
53
yakkety_percona-xtrabackup: ignored (reached end-of-life)
54
zesty_percona-xtrabackup: ignored (reached end-of-life)
55
artful_percona-xtrabackup: needed
56
bionic_percona-xtrabackup: needed
57
devel_percona-xtrabackup: needed