ius-coredev team mailing list archive

Thread
Date

Re: [Question #200444]: CVE-2012-2122 apply to mysql55?

To: ius-coredev@xxxxxxxxxxxxxxxxxxx
From: Dustin Henry Offutt <question200444@xxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 14 Jun 2012 16:45:54 -0000
Reply-to: question200444@xxxxxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Question #200444 on IUS Community Project changed:
https://answers.launchpad.net/ius/+question/200444

    Status: Open => Answered

Dustin Henry Offutt proposed the following answer:
Hello Leif,

The CVE-2012-2122 vulnerability does not apply to the IUS Community
MySQL 5.5.24 packages in that the vulnerability has been alleged to only
affect MySQL and MariaDB servers up to 5.1.61, 5.2.11, 5.3.5 and 5.5.22.

Regardless, the IUS Community MySQL 5.5.24 package exhaustively tested
for the authentication bypass vulnerability and the test was
unsuccessful in broaching authentication.

Bit of trivia, the IUS Community MySQL 5.5.25 package is presently
available in the IUS testing repository. One may install it by adding "
--enablerepo ius-testing" to the yum command.

Thank you, Dusty

-- 
You received this question notification because you are a member of IUS
Core Development, which is an answer contact for IUS Community Project.