openSUSE Security Update : mysql-community-server (openSUSE-2017-258)

medium Nessus Plugin ID 97278

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

mysql-community-server was updated to version 5.6.35 to fix bugs and security issues :

- Changes http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 35.html

- Fixed CVEs: CVE-2016-8318 [boo#1020872], CVE-2017-3312 [boo#1020873], CVE-2017-3258 [boo#1020875], CVE-2017-3273 [boo#1020876], CVE-2017-3244 [boo#1020877], CVE-2017-3257 [boo#1020878], CVE-2017-3238 [boo#1020882], CVE-2017-3291 [boo#1020884], CVE-2017-3265 [boo#1020885], CVE-2017-3313 [boo#1020890], CVE-2016-8327 [boo#1020893], CVE-2017-3317 [boo#1020894], CVE-2017-3318 [boo#1020896]

Solution

Update the affected mysql-community-server packages.

See Also

https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-35.html

https://bugzilla.opensuse.org/show_bug.cgi?id=1020872

https://bugzilla.opensuse.org/show_bug.cgi?id=1020873

https://bugzilla.opensuse.org/show_bug.cgi?id=1020875

https://bugzilla.opensuse.org/show_bug.cgi?id=1020876

https://bugzilla.opensuse.org/show_bug.cgi?id=1020877

https://bugzilla.opensuse.org/show_bug.cgi?id=1020878

https://bugzilla.opensuse.org/show_bug.cgi?id=1020882

https://bugzilla.opensuse.org/show_bug.cgi?id=1020884

https://bugzilla.opensuse.org/show_bug.cgi?id=1020885

https://bugzilla.opensuse.org/show_bug.cgi?id=1020890

https://bugzilla.opensuse.org/show_bug.cgi?id=1020893

https://bugzilla.opensuse.org/show_bug.cgi?id=1020894

https://bugzilla.opensuse.org/show_bug.cgi?id=1020896

Plugin Details

Severity: Medium

ID: 97278

File Name: openSUSE-2017-258.nasl

Version: 3.4

Type: local

Agent: unix

Published: 2/21/2017

Updated: 1/19/2021

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 4.9

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:P

CVSS v3

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-tools-debuginfo, p-cpe:/a:novell:opensuse:libmysql56client18, p-cpe:/a:novell:opensuse:mysql-community-server-bench, p-cpe:/a:novell:opensuse:mysql-community-server-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server, p-cpe:/a:novell:opensuse:libmysql56client_r18-32bit, cpe:/o:novell:opensuse:42.1, p-cpe:/a:novell:opensuse:mysql-community-server-debugsource, p-cpe:/a:novell:opensuse:mysql-community-server-tools, p-cpe:/a:novell:opensuse:libmysql56client18-32bit, p-cpe:/a:novell:opensuse:mysql-community-server-errormessages, p-cpe:/a:novell:opensuse:mysql-community-server-bench-debuginfo, p-cpe:/a:novell:opensuse:libmysql56client_r18, p-cpe:/a:novell:opensuse:mysql-community-server-client, p-cpe:/a:novell:opensuse:mysql-community-server-test, p-cpe:/a:novell:opensuse:mysql-community-server-test-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-client-debuginfo, p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo-32bit

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2/16/2017

Reference Information

CVE: CVE-2016-8318, CVE-2016-8327, CVE-2017-3238, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3273, CVE-2017-3291, CVE-2017-3312, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318