1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
PublicDateAtUSN: 2017-04-24
Candidate: CVE-2017-3462
PublicDate: 2017-04-24
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3462
http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
http://www.ubuntu.com/usn/usn-3269-1
http://www.ubuntu.com/usn/usn-3357-2
Description:
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent:
Server: Security: Privileges). Supported versions that are affected are
5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily
"exploitable" vulnerability allows high privileged attacker with network
access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a
hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS
3.0 Base Score 4.9 (Availability impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Ubuntu-Description:
Notes:
Bugs:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860547
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860544
Priority: medium
Discovered-by:
Assigned-to:
Patches_mysql-5.7:
upstream_mysql-5.7: released (5.7.18)
precise_mysql-5.7: DNE
precise/esm_mysql-5.7: DNE
trusty_mysql-5.7: DNE
vivid/stable-phone-overlay_mysql-5.7: DNE
vivid/ubuntu-core_mysql-5.7: DNE
xenial_mysql-5.7: released (5.7.18-0ubuntu0.16.04.1)
yakkety_mysql-5.7: released (5.7.18-0ubuntu0.16.10.1)
zesty_mysql-5.7: released (5.7.18-0ubuntu0.17.04.1)
devel_mysql-5.7: released (5.7.18-0ubuntu1)
Patches_mysql-5.5:
upstream_mysql-5.5: released (5.5.55)
precise_mysql-5.5: ignored (reached end-of-life)
precise/esm_mysql-5.5: released (5.5.57-0ubuntu0.12.04.1)
trusty_mysql-5.5: released (5.5.55-0ubuntu0.14.04.1)
vivid/stable-phone-overlay_mysql-5.5: DNE
vivid/ubuntu-core_mysql-5.5: DNE
xenial_mysql-5.5: DNE
yakkety_mysql-5.5: DNE
zesty_mysql-5.5: DNE
devel_mysql-5.5: DNE
Patches_mysql-5.6:
upstream_mysql-5.6: released (5.6.36)
precise_mysql-5.6: DNE
precise/esm_mysql-5.6: DNE
trusty_mysql-5.6: needed
vivid/ubuntu-core_mysql-5.6: DNE
vivid/stable-phone-overlay_mysql-5.6: DNE
xenial_mysql-5.6: DNE
yakkety_mysql-5.6: DNE
zesty_mysql-5.6: DNE
devel_mysql-5.6: DNE
Patches_mariadb-5.5:
upstream_mariadb-5.5: needs-triage
precise_mariadb-5.5: DNE
precise/esm_mariadb-5.5: DNE
trusty_mariadb-5.5: needed
vivid/ubuntu-core_mariadb-5.5: DNE
vivid/stable-phone-overlay_mariadb-5.5: DNE
xenial_mariadb-5.5: DNE
yakkety_mariadb-5.5: DNE
zesty_mariadb-5.5: DNE
devel_mariadb-5.5: DNE
Patches_mariadb-10.0:
upstream_mariadb-10.0: needs-triage
precise_mariadb-10.0: DNE
precise/esm_mariadb-10.0: DNE
trusty_mariadb-10.0: DNE
vivid/ubuntu-core_mariadb-10.0: DNE
vivid/stable-phone-overlay_mariadb-10.0: DNE
xenial_mariadb-10.0: needed
yakkety_mariadb-10.0: ignored (reached end-of-life)
zesty_mariadb-10.0: DNE
devel_mariadb-10.0: DNE
Patches_mariadb-10.1:
upstream_mariadb-10.1: needs-triage
precise_mariadb-10.1: DNE
precise/esm_mariadb-10.1: DNE
trusty_mariadb-10.1: DNE
vivid/ubuntu-core_mariadb-10.1: DNE
vivid/stable-phone-overlay_mariadb-10.1: DNE
xenial_mariadb-10.1: DNE
yakkety_mariadb-10.1: DNE
zesty_mariadb-10.1: needed
devel_mariadb-10.1: needed
Patches_percona-xtradb-cluster-5.5:
upstream_percona-xtradb-cluster-5.5: needs-triage
precise_percona-xtradb-cluster-5.5: DNE
precise/esm_percona-xtradb-cluster-5.5: DNE
trusty_percona-xtradb-cluster-5.5: needed
vivid/ubuntu-core_percona-xtradb-cluster-5.5: DNE
vivid/stable-phone-overlay_percona-xtradb-cluster-5.5: DNE
xenial_percona-xtradb-cluster-5.5: DNE
yakkety_percona-xtradb-cluster-5.5: DNE
zesty_percona-xtradb-cluster-5.5: DNE
devel_percona-xtradb-cluster-5.5: DNE
Patches_percona-xtradb-cluster-5.6:
upstream_percona-xtradb-cluster-5.6: needs-triage
precise_percona-xtradb-cluster-5.6: DNE
precise/esm_percona-xtradb-cluster-5.6: DNE
trusty_percona-xtradb-cluster-5.6: DNE
vivid/ubuntu-core_percona-xtradb-cluster-5.6: DNE
vivid/stable-phone-overlay_percona-xtradb-cluster-5.6: DNE
xenial_percona-xtradb-cluster-5.6: needed
yakkety_percona-xtradb-cluster-5.6: ignored (reached end-of-life)
zesty_percona-xtradb-cluster-5.6: needed
devel_percona-xtradb-cluster-5.6: needed
Patches_percona-server-5.6:
upstream_percona-server-5.6: needs-triage
precise_percona-server-5.6: DNE
precise/esm_percona-server-5.6: DNE
trusty_percona-server-5.6: DNE
vivid/ubuntu-core_percona-server-5.6: DNE
vivid/stable-phone-overlay_percona-server-5.6: DNE
xenial_percona-server-5.6: needed
yakkety_percona-server-5.6: ignored (reached end-of-life)
zesty_percona-server-5.6: needed
devel_percona-server-5.6: needed
|