Security update for mysql, mysql-client

SUSE Security Update: Security update for mysql, mysql-client


Announcement ID: SUSE-SU-2013:1529-1
Rating: important
References: #734436 #768832 #780019 #789263 #791863 #792332 #803040 #830086 #834028 #834967 #837801
Affected Products:
  • SUSE Linux Enterprise Software Development Kit 11 SP3
  • SUSE Linux Enterprise Server 11 SP3 for VMware
  • SUSE Linux Enterprise Server 11 SP3
  • SUSE Linux Enterprise Desktop 11 SP3

  • An update that contains security fixes can now be installed. It includes one version update.

    Description:

     


    This version upgrade of mysql to 5.5.33 fixed multiple
    security issues:

    * CVE-2013-1861 CVE-2013-3783 CVE-2013-3793
    CVE-2013-3794
    * CVE-2013-3795 CVE-2013-3796 CVE-2013-3798
    CVE-2013-3801
    * CVE-2013-3802 CVE-2013-3804 CVE-2013-3805
    CVE-2013-3806
    * CVE-2013-3807 CVE-2013-3808 CVE-2013-3809
    CVE-2013-3810
    * CVE-2013-3811 CVE-2013-3812

    Additionally, it contains numerous bug fixes and
    improvements.:

    * fixed mysqldump with MySQL 5.0 (bnc#768832)
    * fixed log rights (bnc#789263 and bnc#803040 and
    bnc#792332)
    * binlog disabled in default configuration (bnc#791863)
    * fixed dependencies for client package (bnc#780019)
    * minor polishing of spec/installation
    * avoid file conflicts with mytop
    * better fix for hardcoded libdir issue
    * fixed hardcoded plugin paths (bnc#834028)
    * use chown --no-dereference instead of chown to
    improve security (bnc#834967)
    * adjust to spell !includedir correctly in /etc/my.cnf
    (bnc#734436)
    * typo in init script stops database on update
    (bnc#837801)

     

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Software Development Kit 11 SP3:
      zypper in -t patch sdksp3-libmysql55client18-8364
    • SUSE Linux Enterprise Server 11 SP3 for VMware:
      zypper in -t patch slessp3-libmysql55client18-8364
    • SUSE Linux Enterprise Server 11 SP3:
      zypper in -t patch slessp3-libmysql55client18-8364
    • SUSE Linux Enterprise Desktop 11 SP3:
      zypper in -t patch sledsp3-libmysql55client18-8364

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64):
    • libmysql55client_r18-32bit-5.5.33-0.11.1
    • libmysqlclient_r15-32bit-5.0.96-0.6.9
    • SUSE Linux Enterprise Software Development Kit 11 SP3 (ia64):
    • libmysql55client_r18-x86-5.5.33-0.11.1
    • libmysqlclient_r15-x86-5.0.96-0.6.9
    • SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 5.5.33]:
    • libmysql55client18-5.5.33-0.11.1
    • libmysql55client_r18-5.5.33-0.11.1
    • libmysqlclient15-5.0.96-0.6.9
    • libmysqlclient_r15-5.0.96-0.6.9
    • mysql-5.5.33-0.11.1
    • mysql-client-5.5.33-0.11.1
    • mysql-tools-5.5.33-0.11.1
    • SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 5.5.33]:
    • libmysql55client18-32bit-5.5.33-0.11.1
    • libmysqlclient15-32bit-5.0.96-0.6.9
    • SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.5.33]:
    • libmysql55client18-5.5.33-0.11.1
    • libmysql55client_r18-5.5.33-0.11.1
    • libmysqlclient15-5.0.96-0.6.9
    • libmysqlclient_r15-5.0.96-0.6.9
    • mysql-5.5.33-0.11.1
    • mysql-client-5.5.33-0.11.1
    • mysql-tools-5.5.33-0.11.1
    • SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64) [New Version: 5.5.33]:
    • libmysql55client18-32bit-5.5.33-0.11.1
    • libmysqlclient15-32bit-5.0.96-0.6.9
    • SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 5.5.33]:
    • libmysql55client18-x86-5.5.33-0.11.1
    • libmysqlclient15-x86-5.0.96-0.6.9
    • SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 5.5.33]:
    • libmysql55client18-5.5.33-0.11.1
    • libmysql55client_r18-5.5.33-0.11.1
    • libmysqlclient15-5.0.96-0.6.9
    • libmysqlclient_r15-5.0.96-0.6.9
    • mysql-5.5.33-0.11.1
    • mysql-client-5.5.33-0.11.1
    • SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 5.5.33]:
    • libmysql55client18-32bit-5.5.33-0.11.1
    • libmysql55client_r18-32bit-5.5.33-0.11.1
    • libmysqlclient15-32bit-5.0.96-0.6.9
    • libmysqlclient_r15-32bit-5.0.96-0.6.9

     

    References:

    • https://bugzilla.novell.com/734436
    • https://bugzilla.novell.com/768832
    • https://bugzilla.novell.com/780019
    • https://bugzilla.novell.com/789263
    • https://bugzilla.novell.com/791863
    • https://bugzilla.novell.com/792332
    • https://bugzilla.novell.com/803040
    • https://bugzilla.novell.com/830086
    • https://bugzilla.novell.com/834028
    • https://bugzilla.novell.com/834967
    • https://bugzilla.novell.com/837801
    • http://download.suse.com/patch/finder/?keywords=3c8dec0d92966349feb185de1d4f2146