Package: mysql-5.5 Severity: grave Tags: security Justification: user security hole
Exploits for new MySQL issues have been posted to the full-disclosure mailing list. This mail summarises the current state of affairs: CVE-2012-5611 (formerly tracked as CVE-2012-5579) Exploit: http://seclists.org/fulldisclosure/2012/Dec/4 Patch already available through mariadb. CVE-2012-5612 Exploit: http://seclists.org/fulldisclosure/2012/Dec/5 mariadb bug: https://mariadb.atlassian.net/browse/MDEV-3908 CVE-2012-5613 Exploit: http://seclists.org/fulldisclosure/2012/Dec/6 This was discussed to be intended behaviour: http://seclists.org/oss-sec/2012/q4/388 CVE-2012-5614 Exploit: http://seclists.org/fulldisclosure/2012/De mariadb bug: https://mariadb.atlassian.net/browse/MDEV-3910 CVE-2012-5615 Exploit: http://seclists.org/fulldisclosure/2012/Dec/9 mariadb bug: https://mariadb.atlassian.net/browse/MDEV-3909 Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
