- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory [ERRATA UPDATE] GLSA 201308-06:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: MySQL: Multiple vulnerabilities
Date: August 29, 2013
Updated: August 30, 2013
Bugs: #399375, #411503, #412889, #417989, #445602, #462498,
#466236, #477474
ID: 201308-06:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Errata
======
The references section of the original advisory contained wrong CVE
references.
CVE-2012-1492, CVE-2012-1623 should be interpreted as CVE-2013-1492
and CVE-2013-1623 accordingly.
The corrected sections appear below.
References
==========
[ 1 ] CVE-2011-2262
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2262
[ 2 ] CVE-2012-0075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0075
[ 3 ] CVE-2012-0087
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0087
[ 4 ] CVE-2012-0101
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0101
[ 5 ] CVE-2012-0102
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0102
[ 6 ] CVE-2012-0112
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0112
[ 7 ] CVE-2012-0113
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0113
[ 8 ] CVE-2012-0114
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0114
[ 9 ] CVE-2012-0115
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0115
[ 10 ] CVE-2012-0116
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0116
[ 11 ] CVE-2012-0117
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0117
[ 12 ] CVE-2012-0118
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0118
[ 13 ] CVE-2012-0119
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0119
[ 14 ] CVE-2012-0120
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0120
[ 15 ] CVE-2012-0484
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0484
[ 16 ] CVE-2012-0485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0485
[ 17 ] CVE-2012-0486
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0486
[ 18 ] CVE-2012-0487
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0487
[ 19 ] CVE-2012-0488
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0488
[ 20 ] CVE-2012-0489
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0489
[ 21 ] CVE-2012-0490
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0490
[ 22 ] CVE-2012-0491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0491
[ 23 ] CVE-2012-0492
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0492
[ 24 ] CVE-2012-0493
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0493
[ 25 ] CVE-2012-0494
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0494
[ 26 ] CVE-2012-0495
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0495
[ 27 ] CVE-2012-0496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0496
[ 28 ] CVE-2012-0540
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0540
[ 29 ] CVE-2012-0553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0553
[ 30 ] CVE-2012-0572
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0572
[ 31 ] CVE-2012-0574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0574
[ 32 ] CVE-2012-0578
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0578
[ 33 ] CVE-2012-0583
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0583
[ 34 ] CVE-2012-1688
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1688
[ 35 ] CVE-2012-1689
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1689
[ 36 ] CVE-2012-1690
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1690
[ 37 ] CVE-2012-1696
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1696
[ 38 ] CVE-2012-1697
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1697
[ 39 ] CVE-2012-1702
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1702
[ 40 ] CVE-2012-1703
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1703
[ 41 ] CVE-2012-1705
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1705
[ 42 ] CVE-2012-1734
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1734
[ 43 ] CVE-2012-2102
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2102
[ 44 ] CVE-2012-2122
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2122
[ 45 ] CVE-2012-2749
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2749
[ 46 ] CVE-2012-3150
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3150
[ 47 ] CVE-2012-3158
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3158
[ 48 ] CVE-2012-3160
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3160
[ 49 ] CVE-2012-3163
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3163
[ 50 ] CVE-2012-3166
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3166
[ 51 ] CVE-2012-3167
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3167
[ 52 ] CVE-2012-3173
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3173
[ 53 ] CVE-2012-3177
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3177
[ 54 ] CVE-2012-3180
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3180
[ 55 ] CVE-2012-3197
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3197
[ 56 ] CVE-2012-5060
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5060
[ 57 ] CVE-2012-5096
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5096
[ 58 ] CVE-2012-5611
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5611
[ 59 ] CVE-2012-5612
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5612
[ 60 ] CVE-2012-5613
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5613
[ 61 ] CVE-2012-5614
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5614
[ 62 ] CVE-2012-5615
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5615
[ 63 ] CVE-2012-5627
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5627
[ 64 ] CVE-2013-0367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0367
[ 65 ] CVE-2013-0368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0368
[ 66 ] CVE-2013-0371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0371
[ 67 ] CVE-2013-0375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0375
[ 68 ] CVE-2013-0383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0383
[ 69 ] CVE-2013-0384
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0384
[ 70 ] CVE-2013-0385
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0385
[ 71 ] CVE-2013-0386
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0386
[ 72 ] CVE-2013-0389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0389
[ 73 ] CVE-2013-1492
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1492
[ 74 ] CVE-2013-1502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1502
[ 75 ] CVE-2013-1506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1506
[ 76 ] CVE-2013-1511
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1511
[ 77 ] CVE-2013-1512
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1512
[ 78 ] CVE-2013-1521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1521
[ 79 ] CVE-2013-1523
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1523
[ 80 ] CVE-2013-1526
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1526
[ 81 ] CVE-2013-1531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1531
[ 82 ] CVE-2013-1532
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1532
[ 83 ] CVE-2013-1544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1544
[ 84 ] CVE-2013-1548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1548
[ 85 ] CVE-2013-1552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1552
[ 86 ] CVE-2013-1555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1555
[ 87 ] CVE-2013-1566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1566
[ 88 ] CVE-2013-1567
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1567
[ 89 ] CVE-2013-1570
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1570
[ 90 ] CVE-2013-1623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1623
[ 91 ] CVE-2013-2375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2375
[ 92 ] CVE-2013-2376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2376
[ 93 ] CVE-2013-2378
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2378
[ 94 ] CVE-2013-2381
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2381
[ 95 ] CVE-2013-2389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2389
[ 96 ] CVE-2013-2391
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2391
[ 97 ] CVE-2013-2392
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2392
[ 98 ] CVE-2013-2395
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2395
[ 99 ] CVE-2013-3802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3802
[ 100 ] CVE-2013-3804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3804
[ 101 ] CVE-2013-3808
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3808
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-06.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5