UbuntuUSN-3040-1MySQL vulnerabilities
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
8.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
7 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
71.9%
Releases
- Ubuntu 16.04 ESM
- Ubuntu 15.10
- Ubuntu 14.04 ESM
- Ubuntu 12.04
Packages
- mysql-5.5 - MySQL database
- mysql-5.6 - MySQL database
- mysql-5.7 - MySQL database
Details
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 5.5.50 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
Ubuntu 15.10 has been updated to MySQL 5.6.31. Ubuntu 16.04 LTS has been
updated to MySQL 5.7.13.
In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.
Please see the following for more information:
<http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-50.html>
<http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-31.html>
<http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-13.html>
<http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html>
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 16.04 | noarch | mysql-server-5.7 | < 5.7.13-0ubuntu0.16.04.2 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libmysqlclient-dev | < 5.7.13-0ubuntu0.16.04.2 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libmysqlclient20 | < 5.7.13-0ubuntu0.16.04.2 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libmysqlclient20-dbgsym | < 5.7.13-0ubuntu0.16.04.2 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libmysqld-dev | < 5.7.13-0ubuntu0.16.04.2 | UNKNOWN |
| Ubuntu | 16.04 | noarch | mysql-client | < 5.7.13-0ubuntu0.16.04.2 | UNKNOWN |
| Ubuntu | 16.04 | noarch | mysql-client-5.7 | < 5.7.13-0ubuntu0.16.04.2 | UNKNOWN |
| Ubuntu | 16.04 | noarch | mysql-client-5.7-dbgsym | < 5.7.13-0ubuntu0.16.04.2 | UNKNOWN |
| Ubuntu | 16.04 | noarch | mysql-client-core-5.7 | < 5.7.13-0ubuntu0.16.04.2 | UNKNOWN |
| Ubuntu | 16.04 | noarch | mysql-client-core-5.7-dbgsym | < 5.7.13-0ubuntu0.16.04.2 | UNKNOWN |
References
ubuntu.com/security/CVE-2016-3424
ubuntu.com/security/CVE-2016-3459
ubuntu.com/security/CVE-2016-3477
ubuntu.com/security/CVE-2016-3486
ubuntu.com/security/CVE-2016-3501
ubuntu.com/security/CVE-2016-3518
ubuntu.com/security/CVE-2016-3521
ubuntu.com/security/CVE-2016-3588
ubuntu.com/security/CVE-2016-3614
ubuntu.com/security/CVE-2016-3615
ubuntu.com/security/CVE-2016-5436
ubuntu.com/security/CVE-2016-5437
ubuntu.com/security/CVE-2016-5439
ubuntu.com/security/CVE-2016-5440
ubuntu.com/security/CVE-2016-5441
ubuntu.com/security/CVE-2016-5442
ubuntu.com/security/CVE-2016-5443
Related
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
8.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
7 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
71.9%