LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

LWN.net Weekly Edition for June 6, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Scientific Linux alert SL-mysq-20120709 (mysql)



From:
    	      riehecky@fnal.gov 


To:
    	      scientific-linux-errata@fnal.gov 


Subject:
    	      Security ERRATA Low: mysql on SL6.x i386/x86_64 


Date:
    	      Mon, 9 Jul 2012 10:02:23 -0500


Message-ID:
    	      <201207091502.q69F2Nqw020105@fefmon2.fnal.gov>


Archive-link:
    	      Article, Thread
              


Synopsis:    Low: mysql security and enhancement update
Issue Date:  2012-06-20
CVE Numbers: CVE-2012-2102


MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon (mysqld) and many client programs and libraries.

A flaw was found in the way MySQL processed HANDLER READ NEXT statements
after deleting a record. A remote, authenticated attacker could use this
flaw to provide such requests, causing mysqld to crash. This issue only
caused a temporary denial of service, as mysqld was automatically restarted
after the crash. (CVE-2012-2102)

This update also adds the following enhancement:

* The InnoDB storage engine is built-in for all architectures. This update
adds InnoDB Plugin, the InnoDB storage engine as a plug-in for the 32-bit
x86, AMD64, and Intel 64 architectures. The plug-in offers additional
features and better performance than when using the built-in InnoDB storage
engine. Refer to the MySQL documentation, linked to in the References
section, for information about enabling the plug-in.

All MySQL users should upgrade to these updated packages, which add this
enhancement and contain a backported patch to correct this issue. After
installing this update, the MySQL server daemon (mysqld) will be restarted
automatically.

SL6:
  i386
     mysql-5.1.61-4.el6.i686.rpm
     mysql-bench-5.1.61-4.el6.i686.rpm
     mysql-debuginfo-5.1.61-4.el6.i686.rpm
     mysql-devel-5.1.61-4.el6.i686.rpm
     mysql-embedded-5.1.61-4.el6.i686.rpm
     mysql-embedded-devel-5.1.61-4.el6.i686.rpm
     mysql-libs-5.1.61-4.el6.i686.rpm
     mysql-server-5.1.61-4.el6.i686.rpm
     mysql-test-5.1.61-4.el6.i686.rpm
  x86_64
     mysql-5.1.61-4.el6.x86_64.rpm
     mysql-bench-5.1.61-4.el6.x86_64.rpm
     mysql-debuginfo-5.1.61-4.el6.i686.rpm
     mysql-debuginfo-5.1.61-4.el6.x86_64.rpm
     mysql-devel-5.1.61-4.el6.i686.rpm
     mysql-devel-5.1.61-4.el6.x86_64.rpm
     mysql-embedded-5.1.61-4.el6.i686.rpm
     mysql-embedded-5.1.61-4.el6.x86_64.rpm
     mysql-embedded-devel-5.1.61-4.el6.i686.rpm
     mysql-embedded-devel-5.1.61-4.el6.x86_64.rpm
     mysql-libs-5.1.61-4.el6.i686.rpm
     mysql-libs-5.1.61-4.el6.x86_64.rpm
     mysql-server-5.1.61-4.el6.x86_64.rpm
     mysql-test-5.1.61-4.el6.x86_64.rpm

- Scientific Linux Development Team
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds