Security update to MySQL 5.6.27 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:2243-1 Final 1 1 2015-12-10T07:33:01Z current 2015-12-10T07:33:01Z 2015-12-10T07:33:01Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update to MySQL 5.6.27 MySQL was updated to 5.6.27 to fix security issues and bugs. The following vulnerabilities were fixed as part of the upstream release [boo#951391]: CVE-2015-1793, CVE-2015-0286, CVE-2015-0288, CVE-2015-1789, CVE-2015-4730, CVE-2015-4766, CVE-2015-4792, CVE-2015-4800, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4833, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4862, CVE-2015-4864, CVE-2015-4866, CVE-2015-4870, CVE-2015-4879, CVE-2015-4890, CVE-2015-4895, CVE-2015-4904, CVE-2015-4905, CVE-2015-4910, CVE-2015-4913 Details on these and other changes can be found at: http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-27.html The following security relevant changes are included additionally: * CVE-2015-3152: MySQL lacked SSL enforcement. Using --ssl-verify-server-cert and --ssl[-*] implies that the ssl connection is required. The mysql client will now print an error if ssl is required, but the server can not handle a ssl connection [boo#924663], [boo#928962] The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html E-Mail link for openSUSE-SU-2015:2243-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 libmysql56client18-5.6.27-8.1 libmysql56client18-32bit-5.6.27-8.1 libmysql56client_r18-5.6.27-8.1 libmysql56client_r18-32bit-5.6.27-8.1 mysql-community-server-5.6.27-8.1 mysql-community-server-bench-5.6.27-8.1 mysql-community-server-client-5.6.27-8.1 mysql-community-server-errormessages-5.6.27-8.1 mysql-community-server-test-5.6.27-8.1 mysql-community-server-tools-5.6.27-8.1 libmysql56client18-5.6.27-8.1 as a component of openSUSE Leap 42.1 libmysql56client18-32bit-5.6.27-8.1 as a component of openSUSE Leap 42.1 libmysql56client_r18-5.6.27-8.1 as a component of openSUSE Leap 42.1 libmysql56client_r18-32bit-5.6.27-8.1 as a component of openSUSE Leap 42.1 mysql-community-server-5.6.27-8.1 as a component of openSUSE Leap 42.1 mysql-community-server-bench-5.6.27-8.1 as a component of openSUSE Leap 42.1 mysql-community-server-client-5.6.27-8.1 as a component of openSUSE Leap 42.1 mysql-community-server-errormessages-5.6.27-8.1 as a component of openSUSE Leap 42.1 mysql-community-server-test-5.6.27-8.1 as a component of openSUSE Leap 42.1 mysql-community-server-tools-5.6.27-8.1 as a component of openSUSE Leap 42.1 The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature. CVE-2015-0286 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 critical Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-0286.html CVE-2015-0286 https://bugzilla.suse.com/919648 SUSE Bug 919648 https://bugzilla.suse.com/922496 SUSE Bug 922496 https://bugzilla.suse.com/936586 SUSE Bug 936586 https://bugzilla.suse.com/937891 SUSE Bug 937891 https://bugzilla.suse.com/951391 SUSE Bug 951391 The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key. CVE-2015-0288 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 critical Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-0288.html CVE-2015-0288 https://bugzilla.suse.com/919648 SUSE Bug 919648 https://bugzilla.suse.com/920236 SUSE Bug 920236 https://bugzilla.suse.com/936586 SUSE Bug 936586 https://bugzilla.suse.com/937891 SUSE Bug 937891 https://bugzilla.suse.com/951391 SUSE Bug 951391 The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback. CVE-2015-1789 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-1789.html CVE-2015-1789 https://bugzilla.suse.com/934489 SUSE Bug 934489 https://bugzilla.suse.com/936586 SUSE Bug 936586 https://bugzilla.suse.com/937891 SUSE Bug 937891 https://bugzilla.suse.com/938432 SUSE Bug 938432 https://bugzilla.suse.com/951391 SUSE Bug 951391 The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid leaf certificate. CVE-2015-1793 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-1793.html CVE-2015-1793 https://bugzilla.suse.com/936746 SUSE Bug 936746 https://bugzilla.suse.com/937637 SUSE Bug 937637 https://bugzilla.suse.com/951391 SUSE Bug 951391 Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack. CVE-2015-3152 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-3152.html CVE-2015-3152 https://bugzilla.suse.com/1037590 SUSE Bug 1037590 https://bugzilla.suse.com/1047059 SUSE Bug 1047059 https://bugzilla.suse.com/1088681 SUSE Bug 1088681 https://bugzilla.suse.com/924663 SUSE Bug 924663 https://bugzilla.suse.com/928962 SUSE Bug 928962 https://bugzilla.suse.com/936407 SUSE Bug 936407 Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier allows remote authenticated users to affect availability via unknown vectors related to Types. CVE-2015-4730 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4730.html CVE-2015-4730 https://bugzilla.suse.com/951391 SUSE Bug 951391 Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall. CVE-2015-4766 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4766.html CVE-2015-4766 https://bugzilla.suse.com/951391 SUSE Bug 951391 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802. CVE-2015-4792 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4792.html CVE-2015-4792 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958789 SUSE Bug 958789 Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer. CVE-2015-4800 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4800.html CVE-2015-4800 https://bugzilla.suse.com/951391 SUSE Bug 951391 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792. CVE-2015-4802 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4802.html CVE-2015-4802 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958789 SUSE Bug 958789 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL. CVE-2015-4815 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4815.html CVE-2015-4815 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958789 SUSE Bug 958789 Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. CVE-2015-4816 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4816.html CVE-2015-4816 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958790 SUSE Bug 958790 Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs. CVE-2015-4819 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4819.html CVE-2015-4819 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958790 SUSE Bug 958790 https://bugzilla.suse.com/969667 SUSE Bug 969667 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types. CVE-2015-4826 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4826.html CVE-2015-4826 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958789 SUSE Bug 958789 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges. CVE-2015-4830 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4830.html CVE-2015-4830 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958789 SUSE Bug 958789 Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition. CVE-2015-4833 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4833.html CVE-2015-4833 https://bugzilla.suse.com/951391 SUSE Bug 951391 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP. CVE-2015-4836 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4836.html CVE-2015-4836 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958789 SUSE Bug 958789 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913. CVE-2015-4858 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4858.html CVE-2015-4858 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958789 SUSE Bug 958789 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. CVE-2015-4861 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4861.html CVE-2015-4861 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958789 SUSE Bug 958789 Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML. CVE-2015-4862 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4862.html CVE-2015-4862 https://bugzilla.suse.com/951391 SUSE Bug 951391 Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges. CVE-2015-4864 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4864.html CVE-2015-4864 https://bugzilla.suse.com/951391 SUSE Bug 951391 Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. CVE-2015-4866 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4866.html CVE-2015-4866 https://bugzilla.suse.com/951391 SUSE Bug 951391 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser. CVE-2015-4870 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4870.html CVE-2015-4870 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958789 SUSE Bug 958789 Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML. CVE-2015-4879 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4879.html CVE-2015-4879 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958790 SUSE Bug 958790 Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication. CVE-2015-4890 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4890.html CVE-2015-4890 https://bugzilla.suse.com/951391 SUSE Bug 951391 Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. CVE-2015-4895 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4895.html CVE-2015-4895 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958790 SUSE Bug 958790 Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld. CVE-2015-4904 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4904.html CVE-2015-4904 https://bugzilla.suse.com/951391 SUSE Bug 951391 Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML. CVE-2015-4905 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4905.html CVE-2015-4905 https://bugzilla.suse.com/951391 SUSE Bug 951391 Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached. CVE-2015-4910 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4910.html CVE-2015-4910 https://bugzilla.suse.com/951391 SUSE Bug 951391 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858. CVE-2015-4913 openSUSE Leap 42.1:libmysql56client18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client18-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-32bit-5.6.27-8.1 openSUSE Leap 42.1:libmysql56client_r18-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-bench-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-client-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-errormessages-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-test-5.6.27-8.1 openSUSE Leap 42.1:mysql-community-server-tools-5.6.27-8.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00009.html https://www.suse.com/security/cve/CVE-2015-4913.html CVE-2015-4913 https://bugzilla.suse.com/951391 SUSE Bug 951391 https://bugzilla.suse.com/958789 SUSE Bug 958789