Bugzilla – Bug 1049422
Tracker bug for the Oracle July 2017 Patch Day mysql
Last modified: 2018-01-24 09:37:51 UTC
This bug tracks the individual bugs opened for the Oracle July 2017 Patch Day #1049392 NEW - kstreitova@suse.com - VUL-0: CVE-2014-1912: mysql: CLSTCONF unspecified vulnerability #1049393 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3529: mysql: UDF unspecified vulnerability #1049394 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3633: mysql: Memcached unspecified vulnerability #1049396 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3634: mysql: DML unspecified vulnerability #1049397 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3635: mysql: C API unspecified vulnerability #1049398 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3635: mysql: C API unspecified vulnerability #1049399 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3636: mysql: Client programs unspecified vulnerability #1049400 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3637: mysql: X Plugin unspecified vulnerability #1049401 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3638: mysql: Optimizer unspecified vulnerability #1049402 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3639: mysql: DML unspecified vulnerability #1049403 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3640: mysql: DML unspecified vulnerability #1049404 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3641: mysql: DML unspecified vulnerability #1049405 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3642: mysql: Optimizer unspecified vulnerability #1049406 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3643: mysql: DML unspecified vulnerability #1049407 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3644: mysql: DML unspecified vulnerability #1049408 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3645: mysql: Optimizer unspecified vulnerability #1049409 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3646: mysql: X Plugin unspecified vulnerability #1049410 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3647: mysql: Replication unspecified vulnerability #1049411 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3648: mysql: Charsets unspecified vulnerability #1049412 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3649: mysql: Replication unspecified vulnerability #1049414 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3650: mysql: C API unspecified vulnerability #1049415 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3651: mysql: Client mysqldump unspecified vulnerability #1049416 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3652: mysql: DDL unspecified vulnerability #1049417 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3653: mysql: DDL unspecified vulnerability #1049418 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3732: mysql: Connector/ODBC unspecified vulnerability #1049421 NEW - kstreitova@suse.com - VUL-0: CVE-2017-3732: mysql: Security, Encryption unspecified vulnerability
Sorted: CVEs relevant to MySQL 5.5.x (SLE11SP3) --------------------------------------- #1049398 - CVE-2017-3635: mysql: C API unspecified vulnerability #1049399 - CVE-2017-3636: mysql: Client programs unspecified vulnerability #1049404 - CVE-2017-3641: mysql: DML unspecified vulnerability #1049411 - CVE-2017-3648: mysql: Charsets unspecified vulnerability #1049415 - CVE-2017-3651: mysql: Client mysqldump unspecified vulnerability #1049416 - CVE-2017-3652: mysql: DDL unspecified vulnerability #1049417 - CVE-2017-3653: mysql: DDL unspecified vulnerability CVEs relevant to MySQL 5.6.x (openSUSE) --------------------------------------- #1049394 - CVE-2017-3633: mysql: Memcached unspecified vulnerability #1049396 - CVE-2017-3634: mysql: DML unspecified vulnerability #1049398 - CVE-2017-3635: mysql: C API unspecified vulnerability #1049399 - CVE-2017-3636: mysql: Client programs unspecified vulnerability #1049404 - CVE-2017-3641: mysql: DML unspecified vulnerability #1049410 - CVE-2017-3647: mysql: Replication unspecified vulnerability #1049411 - CVE-2017-3648: mysql: Charsets unspecified vulnerability #1049412 - CVE-2017-3649: mysql: Replication unspecified vulnerability #1049415 - CVE-2017-3651: mysql: Client mysqldump unspecified vulnerability #1049416 - CVE-2017-3652: mysql: DDL unspecified vulnerability #1049417 - CVE-2017-3653: mysql: DDL unspecified vulnerability #1049421 - CVE-2017-3732: mysql: Security, Encryption unspecified vulnerability CVEs excluded from the update ============================= MySQL Cluster vulnerability --------------------------- #1049392 - CVE-2014-1912: mysql: CLSTCONF unspecified vulnerability MySQL Connectors bugs --------------------- #1049397 - CVE-2017-3635: mysql: C API unspecified vulnerability #1049418 - CVE-2017-3732: mysql: Connector/ODBC unspecified vulnerability MySQL 5.7 only -------------- #1049414 - CVE-2017-3650: mysql: C API unspecified vulnerability #1049406 - CVE-2017-3643: mysql: DML unspecified vulnerability #1049407 - CVE-2017-3644: mysql: DML unspecified vulnerability #1049401 - CVE-2017-3638: mysql: Optimizer unspecified vulnerability #1049405 - CVE-2017-3642: mysql: Optimizer unspecified vulnerability #1049408 - CVE-2017-3645: mysql: Optimizer unspecified vulnerability #1049409 - CVE-2017-3646: mysql: X Plugin unspecified vulnerability #1049393 - CVE-2017-3529: mysql: UDF unspecified vulnerability #1049400 - CVE-2017-3637: mysql: X Plugin unspecified vulnerability #1049402 - CVE-2017-3639: mysql: DML unspecified vulnerability #1049403 - CVE-2017-3640: mysql: DML unspecified vulnerability
| Codestream | Request | |--------------------|--------------------------| | SLE-11-SP3 | 136079 | | openSUSE:Leap 42.2 | 512279 | | openSUSE:Leap 42.3 | 512279 | | openSUSE:Factory | - (dropped from Factory) | Everything is done here. Reassigning it back to the security team.
This is an autogenerated message for OBS integration: This bug (1049422) was mentioned in https://build.opensuse.org/request/show/512279 42.2+42.3 / mysql-community-server
openSUSE-SU-2017:2011-1: An update that solves 12 vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 1049394,1049396,1049398,1049399,1049404,1049410,1049411,1049412,1049415,1049416,1049417,1049421,1049422 CVE References: CVE-2017-3633,CVE-2017-3634,CVE-2017-3635,CVE-2017-3636,CVE-2017-3641,CVE-2017-3647,CVE-2017-3648,CVE-2017-3649,CVE-2017-3651,CVE-2017-3652,CVE-2017-3653,CVE-2017-3732 Sources used: openSUSE Leap 42.3 (src): mysql-community-server-5.6.37-27.1 openSUSE Leap 42.2 (src): mysql-community-server-5.6.37-24.9.1
SUSE-SU-2017:2290-1: An update that solves 7 vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 1049398,1049399,1049404,1049411,1049415,1049416,1049417,1049422 CVE References: CVE-2017-3635,CVE-2017-3636,CVE-2017-3641,CVE-2017-3648,CVE-2017-3651,CVE-2017-3652,CVE-2017-3653 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): mysql-5.5.57-0.39.3.1 SUSE Linux Enterprise Server 11-SP4 (src): mysql-5.5.57-0.39.3.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): mysql-5.5.57-0.39.3.1
all done