Security update for mysql-connector-cpp, mysql-workbench SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:1530-1 Final 1 1 2017-06-10T15:05:22Z current 2017-06-10T15:05:22Z 2017-06-10T15:05:22Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for mysql-connector-cpp, mysql-workbench This update for mysql-connector-cpp and mysql-workbench fixes the following issues: Mysql-connector-cpp was updated to version 1.1.8: * See the news files on https://dev.mysql.com/doc/relnotes/connector-cpp/en/ Mysql-workbench was updated to version 6.3.9: * https://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-3-8.html * https://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-3-9.html * resolves CVE-2017-3469 (boo#1035195) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-06/msg00029.html E-Mail link for openSUSE-SU-2017:1530-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 libmysqlcppconn-devel-1.1.8-5.3.2 libmysqlcppconn7-1.1.8-5.3.2 mysql-connector-cpp-1.1.8-5.3.2 mysql-workbench-6.3.9-2.5.2 libmysqlcppconn-devel-1.1.8-5.3.2 as a component of openSUSE Leap 42.2 libmysqlcppconn7-1.1.8-5.3.2 as a component of openSUSE Leap 42.2 mysql-connector-cpp-1.1.8-5.3.2 as a component of openSUSE Leap 42.2 mysql-workbench-6.3.9-2.5.2 as a component of openSUSE Leap 42.2 Vulnerability in the MySQL Workbench component of Oracle MySQL (subcomponent: Workbench: Security : Encryption). Supported versions that are affected are 6.3.8 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Workbench. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Workbench accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). CVE-2017-3469 openSUSE Leap 42.2:libmysqlcppconn-devel-1.1.8-5.3.2 openSUSE Leap 42.2:libmysqlcppconn7-1.1.8-5.3.2 openSUSE Leap 42.2:mysql-connector-cpp-1.1.8-5.3.2 openSUSE Leap 42.2:mysql-workbench-6.3.9-2.5.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-06/msg00029.html https://www.suse.com/security/cve/CVE-2017-3469.html CVE-2017-3469 https://bugzilla.suse.com/1035195 SUSE Bug 1035195