212614 – databases/mysql55-server: CVE 2016-6662

Bug 212614 - databases/mysql55-server: CVE 2016-6662

Summary: databases/mysql55-server: CVE 2016-6662

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	Alex Dupre

URL:	http://legalhackers.com/advisories/My...
Keywords:	security

Depends on:
Blocks:	212606
	Show dependency tree / graph

Reported:	2016-09-12 17:17 UTC by Markus Kohlmeyer
Modified:	2016-11-27 10:49 UTC (History)
CC List:	2 users (show)

See Also:

Flags:	bugzilla: maintainer-feedback? (ale)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Markus Kohlmeyer 2016-09-12 17:17:41 UTC

+++ This bug was initially created as a clone of Bug #212606 +++

Cite from linked advisory:


I. VULNERABILITY
-------------------------

MySQL  <= 5.7.15       Remote Root Code Execution / Privilege Escalation (0day)
	  5.6.33
 	  5.5.52

MySQL clones are also affected, including:

MariaDB
PerconaDB

Comment 1 Markus Kohlmeyer 2016-09-14 12:50:57 UTC

Oracle released a fixed version:
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html

Comment 2 Markus Kohlmeyer 2016-11-23 17:54:49 UTC

ping

Comment 3 Bernard Spil freebsd_committer

2016-11-27 10:49:37 UTC

Fixed by ports r422246