openSUSE 安全性更新:mysql-community-server (openSUSE-2015-608)
medium Nessus Plugin ID 86182
語系:
概要
遠端 openSUSE 主機缺少安全性更新。說明
MySQL Community Server 已更新至 5.6.26 版,可修正安全性問題和錯誤。所有變更:
http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-26.html
- 已修正的 CVE:CVE-2015-2617、CVE-2015-2648、CVE-2015-2611、CVE-2015-2582 CVE-2015-4752、CVE-2015-4756、CVE-2015-2643、CVE-2015-4772 CVE-2015-4761、CVE-2015-4757、CVE-2015-4737、CVE-2015-4771 CVE-2015-4769、CVE-2015-2639、CVE-2015-2620、CVE-2015-2641 CVE-2015-2661、CVE-2015-4767
- 預設為停用 Performance Schema。由於 MySQL 5.6.6 上游預設為停用 Performance Schema,導致記憶體使用量增加。新增的選項再度停用 Performance Schema,藉此減少 MySQL 記憶體的使用量 [bnc#852477]。
- 安裝 INFO_BIN and INFO_SRC,注意事項列於 MDEV-6912
- 移除 mysql-systemd-helper 中非必要的 ‘--group’ 參數
- 使 -devel 套件於 LibreSSL 存在時安裝
- 若顯示 update-message,則在其後進行清理
- 將 ‘exec’ 新增至 mysql-systemd-helper 以完全關閉 mysql/mariadb [bnc#943096]
解決方案
更新受影響的 mysql-community-server 套件。另請參閱
https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-26.html
https://bugzilla.opensuse.org/show_bug.cgi?id=852477
https://bugzilla.opensuse.org/show_bug.cgi?id=902396
https://bugzilla.opensuse.org/show_bug.cgi?id=938412
Plugin 詳細資訊
嚴重性: Medium
ID: 86182
檔案名稱: openSUSE-2015-608.nasl
版本: 2.7
類型: local
代理程式: unix
已發布: 2015/9/28
已更新: 2021/1/19
支援的感應器: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus
風險資訊
VPR
風險因素: Medium
分數: 5.3
CVSS v2
風險因素: Medium
基本分數: 6.5
媒介: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P
弱點資訊
CPE: p-cpe:/a:novell:opensuse:libmysql56client18, p-cpe:/a:novell:opensuse:libmysql56client18-32bit, p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo, p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo-32bit, p-cpe:/a:novell:opensuse:libmysql56client_r18, p-cpe:/a:novell:opensuse:libmysql56client_r18-32bit, p-cpe:/a:novell:opensuse:mysql-community-server, p-cpe:/a:novell:opensuse:mysql-community-server-bench, p-cpe:/a:novell:opensuse:mysql-community-server-bench-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-client, p-cpe:/a:novell:opensuse:mysql-community-server-client-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-debugsource, p-cpe:/a:novell:opensuse:mysql-community-server-errormessages, p-cpe:/a:novell:opensuse:mysql-community-server-test, p-cpe:/a:novell:opensuse:mysql-community-server-test-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-tools, p-cpe:/a:novell:opensuse:mysql-community-server-tools-debuginfo, cpe:/o:novell:opensuse:13.1, cpe:/o:novell:opensuse:13.2
必要的 KB 項目: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
修補程式發佈日期: 2015/9/7
參考資訊
CVE: CVE-2015-2582, CVE-2015-2611, CVE-2015-2617, CVE-2015-2620, CVE-2015-2639, CVE-2015-2641, CVE-2015-2643, CVE-2015-2648, CVE-2015-2661, CVE-2015-4737, CVE-2015-4752, CVE-2015-4756, CVE-2015-4757, CVE-2015-4761, CVE-2015-4767, CVE-2015-4769, CVE-2015-4771, CVE-2015-4772