Bug 212614

Summary: databases/mysql55-server: CVE 2016-6662
Product: Ports & Packages Reporter: Markus Kohlmeyer <rootservice>
Component: Individual Port(s)Assignee: Alex Dupre <ale>
Status: Closed FIXED    
Severity: Affects Many People CC: brnrd, rootservice
Priority: --- Keywords: security
Version: LatestFlags: bugzilla: maintainer-feedback? (ale)
Hardware: Any   
OS: Any   
URL: http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
Bug Depends on:    
Bug Blocks: 212606    

Description Markus Kohlmeyer 2016-09-12 17:17:41 UTC 
+++ This bug was initially created as a clone of Bug #212606 +++

Cite from linked advisory:


I. VULNERABILITY
-------------------------

MySQL  <= 5.7.15       Remote Root Code Execution / Privilege Escalation (0day)
	  5.6.33
 	  5.5.52

MySQL clones are also affected, including:

MariaDB
PerconaDB
Comment 1 Markus Kohlmeyer 2016-09-14 12:50:57 UTC 
Oracle released a fixed version:
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html
Comment 2 Markus Kohlmeyer 2016-11-23 17:54:49 UTC 
ping
Comment 3 Bernard Spil freebsd_committer freebsd_triage 2016-11-27 10:49:37 UTC 
Fixed by ports r422246