CVE-2013-2375
Published 2013-04-17
Medium 6.5 (CVSS 3.1)
AV:N/AC:L/Au:S/C:P/I:P/A:P
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mariadb | mariadb | >= 10.0.0 < 10.0.3 | 10.0.3 |
| mariadb | mariadb | >= 5.5.0 < 5.5.31 | 5.5.31 |
| oracle | mysql | 5.1.0 – 5.1.68 | — |
| oracle | mysql | 5.5.0 – 5.5.30 | — |
| oracle | mysql | 5.6.0 – 5.6.10 | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_workstation | — | — |
Ubuntu
MySQL vulnerabilities
vendor_ubuntu·2013-04-25
CVE-2012-0553 MySQL vulnerabilities
Title: MySQL vulnerabilities
Summary: Several security issues were fixed in MySQL.
USN-1807-1 fixed vulnerabilities in MySQL. This update provides
MySQL 5.5.31 for Ubuntu 13.04.
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 5.1.69 in Ubuntu 10.04 LTS and Ubuntu 11.10.
Ubuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.31.
In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-69.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-31.html
http://www.oracle.com/technet
Ubuntu
MySQL vulnerabilities
vendor_ubuntu·2013-04-25
CVE-2012-0553 MySQL vulnerabilities
Title: MySQL vulnerabilities
Summary: Several security issues were fixed in MySQL.
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 5.1.69 in Ubuntu 10.04 LTS and Ubuntu 11.10.
Ubuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.31.
In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-69.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-31.html
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
Instructions: In general, a standard system update will make all the necessary
Red Hat
mysql: unspecified vulnerability related to Server Privileges (CPU April 2013)
vendor_redhat·2013-04-16·CVSS 6.5
CVE-2013-2375 [MEDIUM] mysql: unspecified vulnerability related to Server Privileges (CPU April 2013)
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
Package: mysql (Red Hat Enterprise Linux 5) - Under investigation
GHSA
GHSA-gg9r-7879-9jhr: Unspecified vulnerability in Oracle MySQL 5
ghsa_unreviewed·2022-05-14
CVE-2013-2375 [MEDIUM] GHSA-gg9r-7879-9jhr: Unspecified vulnerability in Oracle MySQL 5
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2013-4591 kernel: nfs: missing check for buffer length in __nfs4_get_acl_uncached
bugzilla·2013-11-18·CVSS 4.6
CVE-2013-4591 [MEDIUM] CVE-2013-4591 kernel: nfs: missing check for buffer length in __nfs4_get_acl_uncached
Commit 1f1ea6c (included in Red Hat Enterprise Linux 6 as part of CVE-2012-2375 fix) accidentally dropped the checking for too small result buffer length.
If someone uses getxattr on "system.nfs4_acl" on an NFSv4 mount supporting ACLs, the ACL has not been cached and the buffer supplied is too short, we still copy the complete ACL, resulting in kernel and user space memory corruption.
Introduced by:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f1ea6c2d9d8c0be9ec56454b05315273b5de8ce
Upstream commit:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7d3e91a89b7adbc2831334def9e494dd9892f9af
Discussion:
Statement:
This issue did not affect the version
Bugzilla
CVE-2013-2375 mysql: unspecified vulnerability related to Server Privileges (CPU April 2013)
bugzilla·2013-04-16·CVSS 6.5
CVE-2013-2375 [MEDIUM] CVE-2013-2375 mysql: unspecified vulnerability related to Server Privileges (CPU April 2013)
An unspecified vulnerability in the Server Privileges subcomponent of Oracle MySQL allows remote authenticated attackers to cause a denial of service as well as impact the confidentiality and integrity of the server via unspecified vectors.
This flaw affects MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier.
External References:
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html#AppendixMSQL
Discussion:
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2013:0772 https://rhn.redhat.com/errata/RHSA-2013-0772.html
http://rhn.redhat.com/errata/RHSA-2013-0772.html
http://secunia.com/advisories/53372
http://security.gentoo.org/glsa/glsa-201308-06.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
Published: 2013-04-17