Package: mysql-5.5 Severity: grave Tags: security New MySQL security round:
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html CVE-2012-1735 MySQL Server MySQL Protocol Server Optimizer No 6.8 Network Low Single None None Complete 5.5.23 and earlier CVE-2012-0540 MySQL Server MySQL Protocol GIS Extension No 4.0 Network Low Single None None Partial+ 5.1.62 and earlier, 5.5.23 and earlier CVE-2012-1757 MySQL Server MySQL Protocol InnoDB No 4.0 Network Low Single None None Partial+ 5.5.23 and earlier CVE-2012-1756 MySQL Server MySQL Protocol Server No 4.0 Network Low Single None None Partial+ 5.5.23 and earlier CVE-2012-1734 MySQL Server MySQL Protocol Server Optimizer No 4.0 Network Low Single None None Partial+ 5.1.62 and earlier, 5.5.23 and earlier CVE-2012-1689 MySQL Server MySQL Protocol Server Optimizer No 4.0 Network Low Single None None Partial+ 5.1.62 and earlier, 5.5.22 and earlier The advisory is confusing, I'm not sure which upstream version fixes these issues. I'm afraid we'll have to update to a new upstream, though. Maybe we can switch to a FLOSS-friendly fork like mariadb after Wheezy release... Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
