1861漏洞详情

2017-06-02 作者:香港图库   |   浏览(188)

- 漏洞信息 (F121413)

Ubuntu Security Notice USN-1807-1 (PacketStormID:F121413)

2013-04-25 00:00:00

Ubuntu  security.ubuntu.com

advisory

linux,ubuntu

CVE-2012-0553,CVE-2012-4414,CVE-2012-5613,CVE-2012-5615,CVE-2012-5627,CVE-2013-1492,CVE-2013-1502,CVE-2013-1506,CVE-2013-1511,CVE-2013-1512,CVE-2013-1521,CVE-2013-1523,CVE-2013-1526,CVE-2013-1532,CVE-2013-1544,CVE-2013-1552,CVE-2013-1555,CVE-2013-1623,CVE-2013-1861,CVE-2013-2375,CVE-2013-2376,CVE-2013-2378,CVE-2013-2389,CVE-2013-2391,CVE-2013-2392

[点击下载]

Ubuntu Security Notice 1807-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.69 in Ubuntu 10.04 LTS and Ubuntu 11.10. Ubuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.31. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

========================================================================== Ubuntu Security Notice USN-1807-1 April 25, 2013 mysql-5.1, mysql-5.5, mysql-dfsg-5.1 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.10 - Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 10.04 LTS Summary: Several security issues were fixed in MySQL. Software Description: - mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database Details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.69 in Ubuntu 10.04 LTS and Ubuntu 11.10. Ubuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.31. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-31.html Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.10: mysql-server-5.5 5.5.31-0ubuntu0.12.10.1 Ubuntu 12.04 LTS: mysql-server-5.5 5.5.31-0ubuntu0.12.04.1 Ubuntu 11.10: mysql-server-5.1 5.1.69-0ubuntu0.11.10.1 Ubuntu 10.04 LTS: mysql-server-5.1 5.1.69-0ubuntu0.10.04.1 In general, a standard system update will make all the necessary changes. References: CVE-2012-0553, CVE-2012-4414, CVE-2012-5613, CVE-2012-5615, CVE-2012-5627, CVE-2013-1492, CVE-2013-1502, CVE-2013-1506, CVE-2013-1511, CVE-2013-1512, CVE-2013-1521, CVE-2013-1523, CVE-2013-1526, CVE-2013-1532, CVE-2013-1544, CVE-2013-1552, CVE-2013-1555, CVE-2013-1623, CVE-2013-1861, CVE-2013-2375, CVE-2013-2376, CVE-2013-2378, CVE-2013-2389, CVE-2013-2391, CVE-2013-2392 Package Information: https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.31-0ubuntu0.12.10.1 https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.31-0ubuntu0.12.04.1 https://launchpad.net/ubuntu/+source/mysql-5.1/5.1.69-0ubuntu0.11.10.1 https://launchpad.net/ubuntu/+source/mysql-dfsg-5.1/5.1.69-0ubuntu0.10.04.1

- 漏洞信息 (F122516)

Mandriva Linux Security Advisory 2013-197 (PacketStormID:F122516)

2013-07-24 00:00:00

Mandriva  mandriva.com

advisory,remote,denial of service

linux,mandriva

CVE-2013-1861,CVE-2013-3802,CVE-2013-3804

[点击下载]

Mandriva Linux Security Advisory 2013-197 - MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error. Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search. Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. The updated packages have been upgraded to the 5.1.70 version which is not vulnerable to these issues.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2013:197 _______________________________________________________________________ Package : mysql Date : July 23, 2013 Affected: Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been discovered and corrected in mysql: MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error (CVE-2013-1861). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search (CVE-2013-3802). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer (CVE-2013-3804). The updated packages have been upgraded to the 5.1.70 version which is not vulnerable to these issues. _______________________________________________________________________ References: ?name=CVE-2013-1861 ?name=CVE-2013-3802 ?name=CVE-2013-3804 _______________________________________________________________________ Updated Packages: Mandriva Enterprise Server 5: d50025f407efd92277e1ce69b498932a mes5/i586/libmysql16-5.1.70-0.1mdvmes5.2.i586.rpm 9f0cb96b3e3cc6d9217d4d58a90304c5 mes5/i586/libmysql-devel-5.1.70-0.1mdvmes5.2.i586.rpm 51943d180dd136175e303a7629e8ece2 mes5/i586/libmysql-static-devel-5.1.70-0.1mdvmes5.2.i586.rpm 11f429a294ce0a1f0a3b760ea5e36392 mes5/i586/mysql-5.1.70-0.1mdvmes5.2.i586.rpm e581dea7bbd3ec979ecebe2fb03fdecf mes5/i586/mysql-bench-5.1.70-0.1mdvmes5.2.i586.rpm e8c4be68e730ed3f4b854cbfb2ef62d1 mes5/i586/mysql-client-5.1.70-0.1mdvmes5.2.i586.rpm 58e82a0beaf27e4d4dd0a8680550242d mes5/i586/mysql-common-5.1.70-0.1mdvmes5.2.i586.rpm ef5290b2cec153e8529a9a2475536541 mes5/SRPMS/mysql-5.1.70-0.1mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: aa18a4827c59c6b87c9d7b2972e7724c mes5/x86_64/lib64mysql16-5.1.70-0.1mdvmes5.2.x86_64.rpm efecce077f18b14d3864a455d98fd962 mes5/x86_64/lib64mysql-devel-5.1.70-0.1mdvmes5.2.x86_64.rpm 612305725f5081095e839911eab31f92 mes5/x86_64/lib64mysql-static-devel-5.1.70-0.1mdvmes5.2.x86_64.rpm 2d12d3c1ebc247a49c70074ac00044cd mes5/x86_64/mysql-5.1.70-0.1mdvmes5.2.x86_64.rpm 5330a94f0a81648e0610d8fb051be165 mes5/x86_64/mysql-bench-5.1.70-0.1mdvmes5.2.x86_64.rpm 87b0f4a48768c3f97fd391101dff0f70 mes5/x86_64/mysql-client-5.1.70-0.1mdvmes5.2.x86_64.rpm 43ad98e628ae21a2d8c825096ff35f4f mes5/x86_64/mysql-common-5.1.70-0.1mdvmes5.2.x86_64.rpm ef5290b2cec153e8529a9a2475536541 mes5/SRPMS/mysql-5.1.70-0.1mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFR7h76mqjQ0CJFipgRAilqAJ4s0yqFPFdT0sOYj20pYbQni9KHcgCgu6As M44JAmrkDXcyeRhgdxkZszI= =KbxN -----END PGP SIGNATURE-----

- 漏洞信息 (F122548)

Ubuntu Security Notice USN-1909-1 (PacketStormID:F122548)

2013-07-25 00:00:00

Ubuntu  security.ubuntu.com

advisory

linux,ubuntu

CVE-2013-1861,CVE-2013-2162,CVE-2013-3783,CVE-2013-3793,CVE-2013-3802,CVE-2013-3804,CVE-2013-3809,CVE-2013-3812

[点击下载]

相关文章