← Back to team overview

maria-developers team mailing list archive

Oracle CPU January 2016

 

Hi!

Oracle has released a Critical Patch Update: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

The following vulnerabilities are fixed by upgrading from MySQL 5.5.46 to 5.5.47 (picked it from the Debian maintainers list):

CVE-2016-0505
CVE-2016-0546
CVE-2016-0597
CVE-2016-0598
CVE-2016-0600
CVE-2016-0606
CVE-2016-0608
CVE-2016-0609
CVE-2016-0596
CVE-2016-0616

We already have released MariaDB Server 5.5.47, so I guess its time we updated: https://mariadb.com/kb/en/mariadb/security/ (assuming that all this is fixed?)

As an aside, it is interesting to see that there are CVE’s fixed for 5.7 only (see: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL)
--
Colin Charles, http://bytebot.net/blog/
twitter: @bytebot | skype: colincharles
"First they ignore you, then they laugh at you, then they fight you, then you win." -- Mohandas Gandhi

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail