Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-3652 (GCVE-0-2017-3652)
Vulnerability from cvelistv5
Published
2017-08-08 15:00
Modified
2024-10-04 17:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data.
Summary
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | MySQL Server |
Version: 5.5.56 and earlier Version: 5.6.36 and earlier Version: 5.7.18 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:2787",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
},
{
"name": "99805",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99805"
},
{
"name": "1038928",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038928"
},
{
"name": "DSA-3922",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3922"
},
{
"name": "RHSA-2017:2886",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3652",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:47:43.403835Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T17:01:11.742Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MySQL Server",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "5.5.56 and earlier"
},
{
"status": "affected",
"version": "5.6.36 and earlier"
},
{
"status": "affected",
"version": "5.7.18 and earlier"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-08T10:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:2787",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
},
{
"name": "99805",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99805"
},
{
"name": "1038928",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038928"
},
{
"name": "DSA-3922",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3922"
},
{
"name": "RHSA-2017:2886",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MySQL Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.5.56 and earlier"
},
{
"version_affected": "=",
"version_value": "5.6.36 and earlier"
},
{
"version_affected": "=",
"version_value": "5.7.18 and earlier"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:2787",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
},
{
"name": "99805",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99805"
},
{
"name": "1038928",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038928"
},
{
"name": "DSA-3922",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3922"
},
{
"name": "RHSA-2017:2886",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-3652",
"datePublished": "2017-08-08T15:00:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-10-04T17:01:11.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-3652\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2017-08-08T15:29:08.727\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en el componente MySQL Server en Oracle MySQL (subcomponente: Server: DDL). Las versiones compatibles que se han visto afectadas son la 5.5.56 y anteriores, 5.6.36 y anteriores, y la 5.7.18 y anteriores. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante con un bajo nivel de privilegios que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de MySQL Server. Los ataques exitosos a esta vulnerabilidad pueden resultar en el acceso no autorizado a la actualizaci\u00f3n, inserci\u00f3n o supresi\u00f3n de algunos de los datos accesibles de MySQL Server, as\u00ed como el acceso de lectura sin autorizaci\u00f3n a un subconjunto de datos accesibles de MySQL Server. CVSS 3.0 Base Score 4.2 (impactos en la confidencialidad e integridad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":4.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":2.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:P/I:P/A:N\",\"baseScore\":4.9,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.8,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5.0\",\"versionEndIncluding\":\"5.5.56\",\"matchCriteriaId\":\"47B58881-DD55-42F4-B37A-B512748451BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.6.0\",\"versionEndIncluding\":\"5.6.36\",\"matchCriteriaId\":\"F9A9FC3B-124C-4AFD-B957-7017A0BD509E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.7.0\",\"versionEndIncluding\":\"5.7.18\",\"matchCriteriaId\":\"CBCF2BEB-1EE9-4A81-9660-0682D6AB2E71\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2017/dsa-3922\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99805\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038928\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2787\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2886\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2017/dsa-3922\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99805\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038928\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2787\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2886\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2017:2787\", \"name\": \"RHSA-2017:2787\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/99805\", \"name\": \"99805\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1038928\", \"name\": \"1038928\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.debian.org/security/2017/dsa-3922\", \"name\": \"DSA-3922\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2886\", \"name\": \"RHSA-2017:2886\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T14:39:41.146Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-3652\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-04T15:47:43.403835Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-04T15:49:06.254Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Oracle Corporation\", \"product\": \"MySQL Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.5.56 and earlier\"}, {\"status\": \"affected\", \"version\": \"5.6.36 and earlier\"}, {\"status\": \"affected\", \"version\": \"5.7.18 and earlier\"}]}], \"datePublic\": \"2017-07-18T00:00:00\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2017:2787\", \"name\": \"RHSA-2017:2787\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.securityfocus.com/bid/99805\", \"name\": \"99805\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.securitytracker.com/id/1038928\", \"name\": \"1038928\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.debian.org/security/2017/dsa-3922\", \"name\": \"DSA-3922\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2886\", \"name\": \"RHSA-2017:2886\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data.\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2017-12-08T10:57:01\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"5.5.56 and earlier\", \"version_affected\": \"=\"}, {\"version_value\": \"5.6.36 and earlier\", \"version_affected\": \"=\"}, {\"version_value\": \"5.7.18 and earlier\", \"version_affected\": \"=\"}]}, \"product_name\": \"MySQL Server\"}]}, \"vendor_name\": \"Oracle Corporation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2017:2787\", \"name\": \"RHSA-2017:2787\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.securityfocus.com/bid/99805\", \"name\": \"99805\", \"refsource\": \"BID\"}, {\"url\": \"http://www.securitytracker.com/id/1038928\", \"name\": \"1038928\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://www.debian.org/security/2017/dsa-3922\", \"name\": \"DSA-3922\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2886\", \"name\": \"RHSA-2017:2886\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data.\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-3652\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2017-3652\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-04T17:01:11.742Z\", \"dateReserved\": \"2016-12-06T00:00:00\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2017-08-08T15:00:00\", \"assignerShortName\": \"oracle\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
fkie_cve-2017-3652
Vulnerability from fkie_nvd
Published
2017-08-08 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert_us@oracle.com | http://www.debian.org/security/2017/dsa-3922 | Third Party Advisory | |
| secalert_us@oracle.com | http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | Patch, Vendor Advisory | |
| secalert_us@oracle.com | http://www.securityfocus.com/bid/99805 | Third Party Advisory, VDB Entry | |
| secalert_us@oracle.com | http://www.securitytracker.com/id/1038928 | Third Party Advisory, VDB Entry | |
| secalert_us@oracle.com | https://access.redhat.com/errata/RHSA-2017:2787 | Third Party Advisory | |
| secalert_us@oracle.com | https://access.redhat.com/errata/RHSA-2017:2886 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3922 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99805 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038928 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:2787 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:2886 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47B58881-DD55-42F4-B37A-B512748451BC",
"versionEndIncluding": "5.5.56",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A9FC3B-124C-4AFD-B957-7017A0BD509E",
"versionEndIncluding": "5.6.36",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCF2BEB-1EE9-4A81-9660-0682D6AB2E71",
"versionEndIncluding": "5.7.18",
"versionStartIncluding": "5.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente MySQL Server en Oracle MySQL (subcomponente: Server: DDL). Las versiones compatibles que se han visto afectadas son la 5.5.56 y anteriores, 5.6.36 y anteriores, y la 5.7.18 y anteriores. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante con un bajo nivel de privilegios que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de MySQL Server. Los ataques exitosos a esta vulnerabilidad pueden resultar en el acceso no autorizado a la actualizaci\u00f3n, inserci\u00f3n o supresi\u00f3n de algunos de los datos accesibles de MySQL Server, as\u00ed como el acceso de lectura sin autorizaci\u00f3n a un subconjunto de datos accesibles de MySQL Server. CVSS 3.0 Base Score 4.2 (impactos en la confidencialidad e integridad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N)."
}
],
"id": "CVE-2017-3652",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-08T15:29:08.727",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3922"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99805"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038928"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
rhsa-2017:2787
Vulnerability from csaf_redhat
Published
2017-09-21 07:42
Modified
2025-08-04 11:57
Summary
Red Hat Security Advisory: rh-mysql56-mysql security and bug fix update
Notes
Topic
An update for rh-mysql56-mysql is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.
The following packages have been upgraded to a later upstream version: rh-mysql56-mysql (5.6.37).
Security Fix(es):
* An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon. (CVE-2017-3599)
* It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600)
* Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265)
* It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291)
* It was discovered that the MySQL client command line tools only checked after authentication whether server supported SSL. A man-in-the-middle attacker could use this flaw to hijack client's authentication to the server even if the client was configured to require SSL connection. (CVE-2017-3305)
* Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312)
* A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302)
* This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages listed in the References section. (CVE-2016-8327, CVE-2017-3238, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3273, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3450, CVE-2017-3452, CVE-2017-3453, CVE-2017-3456, CVE-2017-3461, CVE-2017-3462, CVE-2017-3463, CVE-2017-3464, CVE-2017-3633, CVE-2017-3634, CVE-2017-3636, CVE-2017-3641, CVE-2017-3647, CVE-2017-3648, CVE-2017-3649, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653)
Red Hat would like to thank Pali Rohár for reporting CVE-2017-3305.
Bug Fix(es):
* Previously, the md5() function was blocked by MySQL in FIPS mode because the MD5 hash algorithm is considered insecure. Consequently, the mysqld daemon failed with error messages when FIPS mode was enabled. With this update, md5() is allowed in FIPS mode for non-security operations. Note that users are able to use md5() for security purposes but such usage is not supported by Red Hat. (BZ#1452469)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rh-mysql56-mysql is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.\n\nThe following packages have been upgraded to a later upstream version: rh-mysql56-mysql (5.6.37).\n\nSecurity Fix(es):\n\n* An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon. (CVE-2017-3599)\n\n* It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600)\n\n* Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265)\n\n* It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291)\n\n* It was discovered that the MySQL client command line tools only checked after authentication whether server supported SSL. A man-in-the-middle attacker could use this flaw to hijack client\u0027s authentication to the server even if the client was configured to require SSL connection. (CVE-2017-3305)\n\n* Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312)\n\n* A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302)\n\n* This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages listed in the References section. (CVE-2016-8327, CVE-2017-3238, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3273, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3450, CVE-2017-3452, CVE-2017-3453, CVE-2017-3456, CVE-2017-3461, CVE-2017-3462, CVE-2017-3463, CVE-2017-3464, CVE-2017-3633, CVE-2017-3634, CVE-2017-3636, CVE-2017-3641, CVE-2017-3647, CVE-2017-3648, CVE-2017-3649, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653)\n\nRed Hat would like to thank Pali Roh\u00e1r for reporting CVE-2017-3305.\n\nBug Fix(es):\n\n* Previously, the md5() function was blocked by MySQL in FIPS mode because the MD5 hash algorithm is considered insecure. Consequently, the mysqld daemon failed with error messages when FIPS mode was enabled. With this update, md5() is allowed in FIPS mode for non-security operations. Note that users are able to use md5() for security purposes but such usage is not supported by Red Hat. (BZ#1452469)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2787",
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-35.html",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-35.html"
},
{
"category": "external",
"summary": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-36.html",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-36.html"
},
{
"category": "external",
"summary": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-37.html",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-37.html"
},
{
"category": "external",
"summary": "1414133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414133"
},
{
"category": "external",
"summary": "1414337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414337"
},
{
"category": "external",
"summary": "1414338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414338"
},
{
"category": "external",
"summary": "1414342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414342"
},
{
"category": "external",
"summary": "1414350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414350"
},
{
"category": "external",
"summary": "1414351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414351"
},
{
"category": "external",
"summary": "1414352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414352"
},
{
"category": "external",
"summary": "1414353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414353"
},
{
"category": "external",
"summary": "1414355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414355"
},
{
"category": "external",
"summary": "1414357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414357"
},
{
"category": "external",
"summary": "1414423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414423"
},
{
"category": "external",
"summary": "1414429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414429"
},
{
"category": "external",
"summary": "1422119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1422119"
},
{
"category": "external",
"summary": "1431690",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1431690"
},
{
"category": "external",
"summary": "1433010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433010"
},
{
"category": "external",
"summary": "1443358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443358"
},
{
"category": "external",
"summary": "1443359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443359"
},
{
"category": "external",
"summary": "1443363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443363"
},
{
"category": "external",
"summary": "1443364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443364"
},
{
"category": "external",
"summary": "1443365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443365"
},
{
"category": "external",
"summary": "1443369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443369"
},
{
"category": "external",
"summary": "1443376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443376"
},
{
"category": "external",
"summary": "1443377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443377"
},
{
"category": "external",
"summary": "1443378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443378"
},
{
"category": "external",
"summary": "1443379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443379"
},
{
"category": "external",
"summary": "1443386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443386"
},
{
"category": "external",
"summary": "1472683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472683"
},
{
"category": "external",
"summary": "1472684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472684"
},
{
"category": "external",
"summary": "1472686",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472686"
},
{
"category": "external",
"summary": "1472693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472693"
},
{
"category": "external",
"summary": "1472703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472703"
},
{
"category": "external",
"summary": "1472704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472704"
},
{
"category": "external",
"summary": "1472705",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472705"
},
{
"category": "external",
"summary": "1472708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472708"
},
{
"category": "external",
"summary": "1472710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472710"
},
{
"category": "external",
"summary": "1472711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472711"
},
{
"category": "external",
"summary": "1477575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477575"
},
{
"category": "external",
"summary": "1482122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482122"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2787.json"
}
],
"title": "Red Hat Security Advisory: rh-mysql56-mysql security and bug fix update",
"tracking": {
"current_release_date": "2025-08-04T11:57:14+00:00",
"generator": {
"date": "2025-08-04T11:57:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2017:2787",
"initial_release_date": "2017-09-21T07:42:12+00:00",
"revision_history": [
{
"date": "2017-09-21T07:42:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-21T07:42:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-04T11:57:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"product": {
"name": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"product_id": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-debuginfo@5.6.37-5.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"product": {
"name": "rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"product_id": "rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-test@5.6.37-5.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"product": {
"name": "rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"product_id": "rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-config@5.6.37-5.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"product": {
"name": "rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"product_id": "rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-devel@5.6.37-5.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"product": {
"name": "rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"product_id": "rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-common@5.6.37-5.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"product": {
"name": "rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"product_id": "rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-bench@5.6.37-5.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"product": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"product_id": "rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql@5.6.37-5.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"product": {
"name": "rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"product_id": "rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-server@5.6.37-5.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"product": {
"name": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"product_id": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-errmsg@5.6.37-5.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"product": {
"name": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"product_id": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-debuginfo@5.6.37-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"product": {
"name": "rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"product_id": "rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-test@5.6.37-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"product": {
"name": "rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"product_id": "rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-config@5.6.37-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"product": {
"name": "rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"product_id": "rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-common@5.6.37-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"product": {
"name": "rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"product_id": "rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-devel@5.6.37-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"product": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"product_id": "rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql@5.6.37-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"product": {
"name": "rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"product_id": "rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-bench@5.6.37-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"product": {
"name": "rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"product_id": "rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-server@5.6.37-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"product": {
"name": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"product_id": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql-errmsg@5.6.37-5.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-mysql56-mysql-0:5.6.37-5.el6.src",
"product": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el6.src",
"product_id": "rh-mysql56-mysql-0:5.6.37-5.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql@5.6.37-5.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-mysql56-mysql-0:5.6.37-5.el7.src",
"product": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el7.src",
"product_id": "rh-mysql56-mysql-0:5.6.37-5.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql56-mysql@5.6.37-5.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src"
},
"product_reference": "rh-mysql56-mysql-0:5.6.37-5.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src"
},
"product_reference": "rh-mysql56-mysql-0:5.6.37-5.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src"
},
"product_reference": "rh-mysql56-mysql-0:5.6.37-5.el6.src",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64"
},
"product_reference": "rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src"
},
"product_reference": "rh-mysql56-mysql-0:5.6.37-5.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src"
},
"product_reference": "rh-mysql56-mysql-0:5.6.37-5.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src"
},
"product_reference": "rh-mysql56-mysql-0:5.6.37-5.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
},
"product_reference": "rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-5483",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2017-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1433010"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Incorrect input validation allowing code execution via mysqldump",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5483"
},
{
"category": "external",
"summary": "RHBZ#1433010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433010"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5483",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5483"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5483",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5483"
},
{
"category": "external",
"summary": "https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/",
"url": "https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/"
},
{
"category": "external",
"summary": "https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/",
"url": "https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/"
}
],
"release_date": "2017-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Incorrect input validation allowing code execution via mysqldump"
},
{
"cve": "CVE-2016-8327",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414337"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Replication unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8327"
},
{
"category": "external",
"summary": "RHBZ#1414337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414337"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8327",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8327"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Replication unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3238",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414338"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3238"
},
{
"category": "external",
"summary": "RHBZ#1414338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3238",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3238"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3238",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3238"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3244",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414342"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3244"
},
{
"category": "external",
"summary": "RHBZ#1414342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3244"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3244",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3244"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3257",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414350"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: InnoDB unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3257"
},
{
"category": "external",
"summary": "RHBZ#1414350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414350"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3257",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3257"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3257",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3257"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: InnoDB unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3258",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414351"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3258"
},
{
"category": "external",
"summary": "RHBZ#1414351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3258"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3258",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3258"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Jan 2017)"
},
{
"acknowledgments": [
{
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-3265",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2016-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414423"
}
],
"notes": [
{
"category": "description",
"text": "Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unsafe chmod/chown use in init script (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3265"
},
{
"category": "external",
"summary": "RHBZ#1414423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3265",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3265"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3265",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3265"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unsafe chmod/chown use in init script (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3273",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414352"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3273"
},
{
"category": "external",
"summary": "RHBZ#1414352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414352"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3273",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3273"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3273",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3273"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Jan 2017)"
},
{
"acknowledgments": [
{
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-3291",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2016-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414429"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unrestricted mysqld_safe\u0027s ledir (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3291"
},
{
"category": "external",
"summary": "RHBZ#1414429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3291",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3291"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unrestricted mysqld_safe\u0027s ledir (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3302",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-01-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1422119"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: prepared statement handle use-after-free after disconnect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3302"
},
{
"category": "external",
"summary": "RHBZ#1422119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1422119"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3302",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3302"
}
],
"release_date": "2017-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: prepared statement handle use-after-free after disconnect"
},
{
"acknowledgments": [
{
"names": [
"Pali Roh\u00e1r"
]
}
],
"cve": "CVE-2017-3305",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"discovery_date": "2017-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1431690"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the MySQL client command line tools only checked after authentication whether server supported SSL. A man-in-the-middle attacker could use this flaw to hijack client\u0027s authentication to the server even if the client was configured to require SSL connection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: incorrect enforcement of ssl-mode=REQUIRED in MySQL 5.5 and 5.6",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3305"
},
{
"category": "external",
"summary": "RHBZ#1431690",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1431690"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3305",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3305"
},
{
"category": "external",
"summary": "http://riddle.link/",
"url": "http://riddle.link/"
}
],
"release_date": "2017-03-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: incorrect enforcement of ssl-mode=REQUIRED in MySQL 5.5 and 5.6"
},
{
"cve": "CVE-2017-3308",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443358"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3308"
},
{
"category": "external",
"summary": "RHBZ#1443358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3308",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3308"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3308",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3308"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3309",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443359"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3309"
},
{
"category": "external",
"summary": "RHBZ#1443359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443359"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3309",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3309"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3309",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3309"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)"
},
{
"acknowledgments": [
{
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-3312",
"discovery_date": "2016-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414133"
}
],
"notes": [
{
"category": "description",
"text": "Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3312"
},
{
"category": "external",
"summary": "RHBZ#1414133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3312",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3312"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3312",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3312"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3313",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414353"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: MyISAM unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3313"
},
{
"category": "external",
"summary": "RHBZ#1414353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3313",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3313"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3313",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3313"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: MyISAM unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3317",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414355"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Logging unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3317"
},
{
"category": "external",
"summary": "RHBZ#1414355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414355"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3317",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3317"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3317",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3317"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Logging unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3318",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414357"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Error Handling unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3318"
},
{
"category": "external",
"summary": "RHBZ#1414357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414357"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3318",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3318"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Error Handling unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3450",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443363"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Memcached unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3450"
},
{
"category": "external",
"summary": "RHBZ#1443363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443363"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3450",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3450"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3450"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Memcached unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3452",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443364"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.35 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3452"
},
{
"category": "external",
"summary": "RHBZ#1443364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443364"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3452",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3452"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3452",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3452"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3453",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443365"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3453"
},
{
"category": "external",
"summary": "RHBZ#1443365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443365"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3453",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3453"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3453",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3453"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3456",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443369"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3456"
},
{
"category": "external",
"summary": "RHBZ#1443369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3456",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3456"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3456",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3456"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3461",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443376"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3461"
},
{
"category": "external",
"summary": "RHBZ#1443376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3461",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3461"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3461",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3461"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3462",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443377"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3462"
},
{
"category": "external",
"summary": "RHBZ#1443377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443377"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3462",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3462"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3462",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3462"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3463",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443378"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3463"
},
{
"category": "external",
"summary": "RHBZ#1443378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3463",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3463"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3464",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443379"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3464"
},
{
"category": "external",
"summary": "RHBZ#1443379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3464",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3464"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3464",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3464"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3599",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443386"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: integer underflow in get_56_lenc_string() leading to DoS (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3599"
},
{
"category": "external",
"summary": "RHBZ#1443386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3599"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/",
"url": "https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mysql: integer underflow in get_56_lenc_string() leading to DoS (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3600",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2017-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1433010"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Incorrect input validation allowing code execution via mysqldump",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3600"
},
{
"category": "external",
"summary": "RHBZ#1433010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433010"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3600",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3600"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3600",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3600"
},
{
"category": "external",
"summary": "https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/",
"url": "https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/"
},
{
"category": "external",
"summary": "https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/",
"url": "https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/"
}
],
"release_date": "2017-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Incorrect input validation allowing code execution via mysqldump"
},
{
"cve": "CVE-2017-3633",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472683"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Memcached unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3633"
},
{
"category": "external",
"summary": "RHBZ#1472683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3633",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3633"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3633",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3633"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Memcached unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3634",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472684"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3634"
},
{
"category": "external",
"summary": "RHBZ#1472684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3634",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3634"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3634",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3634"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3636",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472686"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Client programs unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3636"
},
{
"category": "external",
"summary": "RHBZ#1472686",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472686"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3636",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3636"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3636",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3636"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Client programs unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3641",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472693"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3641"
},
{
"category": "external",
"summary": "RHBZ#1472693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472693"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3641",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3641"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3647",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472703"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Replication unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3647"
},
{
"category": "external",
"summary": "RHBZ#1472703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3647"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Replication unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3648",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472704"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Charsets unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3648"
},
{
"category": "external",
"summary": "RHBZ#1472704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472704"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3648",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3648"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3648",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3648"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Charsets unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3649",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472705"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Replication unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3649"
},
{
"category": "external",
"summary": "RHBZ#1472705",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472705"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3649",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3649"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Replication unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3651",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472708"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Client mysqldump unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3651"
},
{
"category": "external",
"summary": "RHBZ#1472708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3651"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3651",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3651"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Client mysqldump unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3652",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472710"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3652"
},
{
"category": "external",
"summary": "RHBZ#1472710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3652",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3652"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3653",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472711"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3653"
},
{
"category": "external",
"summary": "RHBZ#1472711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3653",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3653"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3653",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3653"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-21T07:42:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Server-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-bench-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-common-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-config-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-debuginfo-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-devel-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-errmsg-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-server-0:5.6.37-5.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql56-mysql-test-0:5.6.37-5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Jul 2017)"
}
]
}
rhsa-2017:2886
Vulnerability from csaf_redhat
Published
2017-10-12 07:53
Modified
2025-08-04 12:03
Summary
Red Hat Security Advisory: rh-mysql57-mysql security and bug fix update
Notes
Topic
An update for rh-mysql57-mysql is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.
The following packages have been upgraded to a later upstream version: rh-mysql57-mysql (5.7.19).
Security Fix(es):
* An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon. (CVE-2017-3599)
* It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600)
* It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291)
* Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312)
* This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages listed in the References section. (CVE-2016-8327, CVE-2017-3238, CVE-2017-3244, CVE-2017-3251, CVE-2017-3256, CVE-2017-3257, CVE-2017-3258, CVE-2017-3273, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3319, CVE-2017-3320, CVE-2017-3331, CVE-2017-3450, CVE-2017-3453, CVE-2017-3454, CVE-2017-3455, CVE-2017-3456, CVE-2017-3457, CVE-2017-3458, CVE-2017-3459, CVE-2017-3460, CVE-2017-3461, CVE-2017-3462, CVE-2017-3463, CVE-2017-3464, CVE-2017-3465, CVE-2017-3467, CVE-2017-3468, CVE-2017-3529, CVE-2017-3633, CVE-2017-3634, CVE-2017-3637, CVE-2017-3638, CVE-2017-3639, CVE-2017-3640, CVE-2017-3641, CVE-2017-3642, CVE-2017-3643, CVE-2017-3644, CVE-2017-3645, CVE-2017-3646, CVE-2017-3647, CVE-2017-3648, CVE-2017-3649, CVE-2017-3650, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653)
Bug Fix(es):
* Prior to this update, the scl macros were not set for the rh-mysql57-mysqld@.service file, which consequently made the service file unusable. This bug has been fixed, and rh-mysql57-mysqld@.service now works as expected. (BZ#1452511)
* Previously, the md5() function was blocked by MySQL in FIPS mode because the MD5 hash algorithm is considered insecure. Consequently, the mysqld daemon failed with error messages when FIPS mode was enabled. With this update, md5() is allowed in FIPS mode for non-security operations. Note that users are able to use md5() for security purposes but such usage is not supported by Red Hat. (BZ#1452514)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rh-mysql57-mysql is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.\n\nThe following packages have been upgraded to a later upstream version: rh-mysql57-mysql (5.7.19).\n\nSecurity Fix(es):\n\n* An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon. (CVE-2017-3599)\n\n* It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600)\n\n* It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291)\n\n* Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312)\n\n* This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages listed in the References section. (CVE-2016-8327, CVE-2017-3238, CVE-2017-3244, CVE-2017-3251, CVE-2017-3256, CVE-2017-3257, CVE-2017-3258, CVE-2017-3273, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3319, CVE-2017-3320, CVE-2017-3331, CVE-2017-3450, CVE-2017-3453, CVE-2017-3454, CVE-2017-3455, CVE-2017-3456, CVE-2017-3457, CVE-2017-3458, CVE-2017-3459, CVE-2017-3460, CVE-2017-3461, CVE-2017-3462, CVE-2017-3463, CVE-2017-3464, CVE-2017-3465, CVE-2017-3467, CVE-2017-3468, CVE-2017-3529, CVE-2017-3633, CVE-2017-3634, CVE-2017-3637, CVE-2017-3638, CVE-2017-3639, CVE-2017-3640, CVE-2017-3641, CVE-2017-3642, CVE-2017-3643, CVE-2017-3644, CVE-2017-3645, CVE-2017-3646, CVE-2017-3647, CVE-2017-3648, CVE-2017-3649, CVE-2017-3650, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653)\n\nBug Fix(es):\n\n* Prior to this update, the scl macros were not set for the rh-mysql57-mysqld@.service file, which consequently made the service file unusable. This bug has been fixed, and rh-mysql57-mysqld@.service now works as expected. (BZ#1452511)\n\n* Previously, the md5() function was blocked by MySQL in FIPS mode because the MD5 hash algorithm is considered insecure. Consequently, the mysqld daemon failed with error messages when FIPS mode was enabled. With this update, md5() is allowed in FIPS mode for non-security operations. Note that users are able to use md5() for security purposes but such usage is not supported by Red Hat. (BZ#1452514)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2886",
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-17.html",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-17.html"
},
{
"category": "external",
"summary": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-18.html",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-18.html"
},
{
"category": "external",
"summary": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-19.html",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-19.html"
},
{
"category": "external",
"summary": "1414133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414133"
},
{
"category": "external",
"summary": "1414337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414337"
},
{
"category": "external",
"summary": "1414338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414338"
},
{
"category": "external",
"summary": "1414342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414342"
},
{
"category": "external",
"summary": "1414343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414343"
},
{
"category": "external",
"summary": "1414345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414345"
},
{
"category": "external",
"summary": "1414350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414350"
},
{
"category": "external",
"summary": "1414351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414351"
},
{
"category": "external",
"summary": "1414352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414352"
},
{
"category": "external",
"summary": "1414353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414353"
},
{
"category": "external",
"summary": "1414355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414355"
},
{
"category": "external",
"summary": "1414357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414357"
},
{
"category": "external",
"summary": "1414358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414358"
},
{
"category": "external",
"summary": "1414360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414360"
},
{
"category": "external",
"summary": "1414429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414429"
},
{
"category": "external",
"summary": "1433010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433010"
},
{
"category": "external",
"summary": "1443358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443358"
},
{
"category": "external",
"summary": "1443359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443359"
},
{
"category": "external",
"summary": "1443362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443362"
},
{
"category": "external",
"summary": "1443363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443363"
},
{
"category": "external",
"summary": "1443365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443365"
},
{
"category": "external",
"summary": "1443366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443366"
},
{
"category": "external",
"summary": "1443368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443368"
},
{
"category": "external",
"summary": "1443369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443369"
},
{
"category": "external",
"summary": "1443371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443371"
},
{
"category": "external",
"summary": "1443372",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443372"
},
{
"category": "external",
"summary": "1443374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443374"
},
{
"category": "external",
"summary": "1443375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443375"
},
{
"category": "external",
"summary": "1443376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443376"
},
{
"category": "external",
"summary": "1443377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443377"
},
{
"category": "external",
"summary": "1443378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443378"
},
{
"category": "external",
"summary": "1443379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443379"
},
{
"category": "external",
"summary": "1443380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443380"
},
{
"category": "external",
"summary": "1443382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443382"
},
{
"category": "external",
"summary": "1443385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443385"
},
{
"category": "external",
"summary": "1443386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443386"
},
{
"category": "external",
"summary": "1472682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472682"
},
{
"category": "external",
"summary": "1472683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472683"
},
{
"category": "external",
"summary": "1472684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472684"
},
{
"category": "external",
"summary": "1472687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472687"
},
{
"category": "external",
"summary": "1472688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472688"
},
{
"category": "external",
"summary": "1472689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472689"
},
{
"category": "external",
"summary": "1472692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472692"
},
{
"category": "external",
"summary": "1472693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472693"
},
{
"category": "external",
"summary": "1472695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472695"
},
{
"category": "external",
"summary": "1472697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472697"
},
{
"category": "external",
"summary": "1472698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472698"
},
{
"category": "external",
"summary": "1472700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472700"
},
{
"category": "external",
"summary": "1472701",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472701"
},
{
"category": "external",
"summary": "1472703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472703"
},
{
"category": "external",
"summary": "1472704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472704"
},
{
"category": "external",
"summary": "1472705",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472705"
},
{
"category": "external",
"summary": "1472706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472706"
},
{
"category": "external",
"summary": "1472708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472708"
},
{
"category": "external",
"summary": "1472710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472710"
},
{
"category": "external",
"summary": "1472711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472711"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2886.json"
}
],
"title": "Red Hat Security Advisory: rh-mysql57-mysql security and bug fix update",
"tracking": {
"current_release_date": "2025-08-04T12:03:38+00:00",
"generator": {
"date": "2025-08-04T12:03:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2017:2886",
"initial_release_date": "2017-10-12T07:53:15+00:00",
"revision_history": [
{
"date": "2017-10-12T07:53:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-10-12T07:53:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-04T12:03:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-devel@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-config@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-test@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-errmsg@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-server@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-debuginfo@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-common@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-devel@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-config@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-test@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-errmsg@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-server@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-debuginfo@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-common@5.7.19-6.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.src",
"product": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.src",
"product_id": "rh-mysql57-mysql-0:5.7.19-6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql@5.7.19-6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.src",
"product": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.src",
"product_id": "rh-mysql57-mysql-0:5.7.19-6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql@5.7.19-6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el6.src",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-5483",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2017-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1433010"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Incorrect input validation allowing code execution via mysqldump",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5483"
},
{
"category": "external",
"summary": "RHBZ#1433010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433010"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5483",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5483"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5483",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5483"
},
{
"category": "external",
"summary": "https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/",
"url": "https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/"
},
{
"category": "external",
"summary": "https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/",
"url": "https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/"
}
],
"release_date": "2017-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Incorrect input validation allowing code execution via mysqldump"
},
{
"cve": "CVE-2016-8327",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414337"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Replication unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8327"
},
{
"category": "external",
"summary": "RHBZ#1414337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414337"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8327",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8327"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Replication unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3238",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414338"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3238"
},
{
"category": "external",
"summary": "RHBZ#1414338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3238",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3238"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3238",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3238"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3244",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414342"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3244"
},
{
"category": "external",
"summary": "RHBZ#1414342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3244"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3244",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3244"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3251",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414343"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.9 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3251"
},
{
"category": "external",
"summary": "RHBZ#1414343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414343"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3251",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3251"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3256",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414345"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Replication unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3256"
},
{
"category": "external",
"summary": "RHBZ#1414345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3256",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3256"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3256",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3256"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Replication unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3257",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414350"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: InnoDB unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3257"
},
{
"category": "external",
"summary": "RHBZ#1414350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414350"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3257",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3257"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3257",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3257"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: InnoDB unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3258",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414351"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3258"
},
{
"category": "external",
"summary": "RHBZ#1414351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3258"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3258",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3258"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3273",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414352"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3273"
},
{
"category": "external",
"summary": "RHBZ#1414352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414352"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3273",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3273"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3273",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3273"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Jan 2017)"
},
{
"acknowledgments": [
{
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-3291",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2016-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414429"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unrestricted mysqld_safe\u0027s ledir (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3291"
},
{
"category": "external",
"summary": "RHBZ#1414429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3291",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3291"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unrestricted mysqld_safe\u0027s ledir (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3308",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443358"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3308"
},
{
"category": "external",
"summary": "RHBZ#1443358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3308",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3308"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3308",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3308"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3309",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443359"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3309"
},
{
"category": "external",
"summary": "RHBZ#1443359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443359"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3309",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3309"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3309",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3309"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)"
},
{
"acknowledgments": [
{
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-3312",
"discovery_date": "2016-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414133"
}
],
"notes": [
{
"category": "description",
"text": "Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3312"
},
{
"category": "external",
"summary": "RHBZ#1414133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3312",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3312"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3312",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3312"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3313",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414353"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: MyISAM unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3313"
},
{
"category": "external",
"summary": "RHBZ#1414353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3313",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3313"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3313",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3313"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: MyISAM unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3317",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414355"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Logging unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3317"
},
{
"category": "external",
"summary": "RHBZ#1414355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414355"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3317",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3317"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3317",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3317"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Logging unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3318",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414357"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Error Handling unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3318"
},
{
"category": "external",
"summary": "RHBZ#1414357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414357"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3318",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3318"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Error Handling unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3319",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414358"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: X Plugin unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3319"
},
{
"category": "external",
"summary": "RHBZ#1414358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3319",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3319"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Server: X Plugin unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3320",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414360"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 2.4 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3320"
},
{
"category": "external",
"summary": "RHBZ#1414360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3320",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3320"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3320",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3320"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3331",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443362"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). The supported version that is affected is 5.7.11 to 5.7.17. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3331"
},
{
"category": "external",
"summary": "RHBZ#1443362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3331",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3331"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3450",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443363"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Memcached unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3450"
},
{
"category": "external",
"summary": "RHBZ#1443363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443363"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3450",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3450"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3450"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Memcached unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3453",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443365"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3453"
},
{
"category": "external",
"summary": "RHBZ#1443365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443365"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3453",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3453"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3453",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3453"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3454",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443366"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: InnoDB unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3454"
},
{
"category": "external",
"summary": "RHBZ#1443366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3454",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3454"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3454",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3454"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: InnoDB unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3455",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443368"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3455"
},
{
"category": "external",
"summary": "RHBZ#1443368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443368"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3455",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3455"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3455",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3455"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3456",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443369"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3456"
},
{
"category": "external",
"summary": "RHBZ#1443369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3456",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3456"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3456",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3456"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3457",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443371"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3457"
},
{
"category": "external",
"summary": "RHBZ#1443371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443371"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3457",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3457"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3457",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3457"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3458",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443372"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3458"
},
{
"category": "external",
"summary": "RHBZ#1443372",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443372"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3458",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3458"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3458",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3458"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3459",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443374"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3459"
},
{
"category": "external",
"summary": "RHBZ#1443374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443374"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3459",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3459"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3460",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443375"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Audit Plug-in unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3460"
},
{
"category": "external",
"summary": "RHBZ#1443375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443375"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3460",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3460"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3460",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3460"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Audit Plug-in unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3461",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443376"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3461"
},
{
"category": "external",
"summary": "RHBZ#1443376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3461",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3461"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3461",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3461"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3462",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443377"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3462"
},
{
"category": "external",
"summary": "RHBZ#1443377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443377"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3462",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3462"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3462",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3462"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3463",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443378"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3463"
},
{
"category": "external",
"summary": "RHBZ#1443378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3463",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3463"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3464",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443379"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3464"
},
{
"category": "external",
"summary": "RHBZ#1443379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3464",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3464"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3464",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3464"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3465",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443380"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3465"
},
{
"category": "external",
"summary": "RHBZ#1443380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443380"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3465",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3465"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3467",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443382"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: C API unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3467"
},
{
"category": "external",
"summary": "RHBZ#1443382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443382"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3467",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3467"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Server: C API unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3468",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443385"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Encryption unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3468"
},
{
"category": "external",
"summary": "RHBZ#1443385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3468"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3468",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3468"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Server: Security: Encryption unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3529",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472682"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: UDF). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: UDF unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3529"
},
{
"category": "external",
"summary": "RHBZ#1472682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3529",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3529"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3529",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3529"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: UDF unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3599",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443386"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: integer underflow in get_56_lenc_string() leading to DoS (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3599"
},
{
"category": "external",
"summary": "RHBZ#1443386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3599"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/",
"url": "https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mysql: integer underflow in get_56_lenc_string() leading to DoS (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3600",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2017-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1433010"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Incorrect input validation allowing code execution via mysqldump",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3600"
},
{
"category": "external",
"summary": "RHBZ#1433010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433010"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3600",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3600"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3600",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3600"
},
{
"category": "external",
"summary": "https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/",
"url": "https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/"
},
{
"category": "external",
"summary": "https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/",
"url": "https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/"
}
],
"release_date": "2017-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Incorrect input validation allowing code execution via mysqldump"
},
{
"cve": "CVE-2017-3633",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472683"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Memcached unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3633"
},
{
"category": "external",
"summary": "RHBZ#1472683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3633",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3633"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3633",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3633"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Memcached unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3634",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472684"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3634"
},
{
"category": "external",
"summary": "RHBZ#1472684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3634",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3634"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3634",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3634"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3637",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472687"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: X Plugin unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3637"
},
{
"category": "external",
"summary": "RHBZ#1472687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3637"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: X Plugin unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3638",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472688"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3638"
},
{
"category": "external",
"summary": "RHBZ#1472688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472688"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3638",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3638"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3639",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472689"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3639"
},
{
"category": "external",
"summary": "RHBZ#1472689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3639"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3639",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3639"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3640",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472692"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3640"
},
{
"category": "external",
"summary": "RHBZ#1472692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472692"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3640"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3640",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3640"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3641",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472693"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3641"
},
{
"category": "external",
"summary": "RHBZ#1472693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472693"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3641",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3641"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3642",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472695"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3642"
},
{
"category": "external",
"summary": "RHBZ#1472695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472695"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3642",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3642"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3642",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3642"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3643",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472697"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3643"
},
{
"category": "external",
"summary": "RHBZ#1472697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472697"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3643"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3643",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3643"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3644",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472698"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3644"
},
{
"category": "external",
"summary": "RHBZ#1472698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472698"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3644"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3644",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3644"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3645",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472700"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3645"
},
{
"category": "external",
"summary": "RHBZ#1472700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472700"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3645"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3645",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3645"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3646",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472701"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: X Plugin unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3646"
},
{
"category": "external",
"summary": "RHBZ#1472701",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472701"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3646"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3646",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3646"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: X Plugin unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3647",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472703"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Replication unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3647"
},
{
"category": "external",
"summary": "RHBZ#1472703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3647"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Replication unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3648",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472704"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Charsets unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3648"
},
{
"category": "external",
"summary": "RHBZ#1472704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472704"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3648",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3648"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3648",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3648"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Charsets unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3649",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472705"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Replication unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3649"
},
{
"category": "external",
"summary": "RHBZ#1472705",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472705"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3649",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3649"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Replication unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3650",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472706"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: C API unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3650"
},
{
"category": "external",
"summary": "RHBZ#1472706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3650",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3650"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3650",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3650"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: C API unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3651",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472708"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Client mysqldump unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3651"
},
{
"category": "external",
"summary": "RHBZ#1472708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3651"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3651",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3651"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Client mysqldump unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3652",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472710"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3652"
},
{
"category": "external",
"summary": "RHBZ#1472710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3652",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3652"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3653",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472711"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3653"
},
{
"category": "external",
"summary": "RHBZ#1472711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3653",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3653"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3653",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3653"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2019-2730",
"discovery_date": "2019-07-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1731995"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior and 5.7.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-2730"
},
{
"category": "external",
"summary": "RHBZ#1731995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731995"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-2730",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2730"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-2730",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2730"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
}
],
"release_date": "2019-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019)"
}
]
}
gsd-2017-3652
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-3652",
"description": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).",
"id": "GSD-2017-3652",
"references": [
"https://www.suse.com/security/cve/CVE-2017-3652.html",
"https://www.debian.org/security/2017/dsa-3922",
"https://access.redhat.com/errata/RHSA-2017:2886",
"https://access.redhat.com/errata/RHSA-2017:2787",
"https://ubuntu.com/security/CVE-2017-3652",
"https://alas.aws.amazon.com/cve/html/CVE-2017-3652.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-3652"
],
"details": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).",
"id": "GSD-2017-3652",
"modified": "2023-12-13T01:21:16.631276Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MySQL Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.5.56 and earlier"
},
{
"version_affected": "=",
"version_value": "5.6.36 and earlier"
},
{
"version_affected": "=",
"version_value": "5.7.18 and earlier"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:2787",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
},
{
"name": "99805",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99805"
},
{
"name": "1038928",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038928"
},
{
"name": "DSA-3922",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3922"
},
{
"name": "RHSA-2017:2886",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.5.56",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.7.18",
"versionStartIncluding": "5.7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.6.36",
"versionStartIncluding": "5.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3652"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "1038928",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038928"
},
{
"name": "99805",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99805"
},
{
"name": "DSA-3922",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3922"
},
{
"name": "RHSA-2017:2886",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"name": "RHSA-2017:2787",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5
}
},
"lastModifiedDate": "2019-10-03T00:03Z",
"publishedDate": "2017-08-08T15:29Z"
}
}
}
suse-su-2017:2290-1
Vulnerability from csaf_suse
Published
2017-08-29 14:50
Modified
2017-08-29 14:50
Summary
Security update for mysql
Notes
Title of the patch
Security update for mysql
Description of the patch
This update for mysql fixes the following issues:
- CVE-2017-3635: C API unspecified vulnerability (bsc#1049398)
- CVE-2017-3636: Client programs unspecified vulnerability (bsc#1049399)
- CVE-2017-3641: DML unspecified vulnerability (bsc#1049404)
- CVE-2017-3648: Charsets unspecified vulnerability (bsc#1049411)
- CVE-2017-3651: Client mysqldump unspecified vulnerability (bsc#1049415)
- CVE-2017-3652: DDL unspecified vulnerability (bsc#1049416)
- CVE-2017-3653: DDL unspecified vulnerability (bsc#1049417)
Patchnames
sdksp4-mysql-13252,slessp4-mysql-13252
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for mysql",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for mysql fixes the following issues:\n\n\n- CVE-2017-3635: C API unspecified vulnerability (bsc#1049398) \n- CVE-2017-3636: Client programs unspecified vulnerability (bsc#1049399)\n- CVE-2017-3641: DML unspecified vulnerability (bsc#1049404)\n- CVE-2017-3648: Charsets unspecified vulnerability (bsc#1049411)\n- CVE-2017-3651: Client mysqldump unspecified vulnerability (bsc#1049415)\n- CVE-2017-3652: DDL unspecified vulnerability (bsc#1049416)\n- CVE-2017-3653: DDL unspecified vulnerability (bsc#1049417)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-mysql-13252,slessp4-mysql-13252",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2290-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2290-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172290-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2290-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-August/003166.html"
},
{
"category": "self",
"summary": "SUSE Bug 1049398",
"url": "https://bugzilla.suse.com/1049398"
},
{
"category": "self",
"summary": "SUSE Bug 1049399",
"url": "https://bugzilla.suse.com/1049399"
},
{
"category": "self",
"summary": "SUSE Bug 1049404",
"url": "https://bugzilla.suse.com/1049404"
},
{
"category": "self",
"summary": "SUSE Bug 1049411",
"url": "https://bugzilla.suse.com/1049411"
},
{
"category": "self",
"summary": "SUSE Bug 1049415",
"url": "https://bugzilla.suse.com/1049415"
},
{
"category": "self",
"summary": "SUSE Bug 1049416",
"url": "https://bugzilla.suse.com/1049416"
},
{
"category": "self",
"summary": "SUSE Bug 1049417",
"url": "https://bugzilla.suse.com/1049417"
},
{
"category": "self",
"summary": "SUSE Bug 1049422",
"url": "https://bugzilla.suse.com/1049422"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3635 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3636 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3641 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3648 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3651 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3652 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3653 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3653/"
}
],
"title": "Security update for mysql",
"tracking": {
"current_release_date": "2017-08-29T14:50:19Z",
"generator": {
"date": "2017-08-29T14:50:19Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2290-1",
"initial_release_date": "2017-08-29T14:50:19Z",
"revision_history": [
{
"date": "2017-08-29T14:50:19Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libmysql55client18-5.5.57-0.39.3.1.i586",
"product": {
"name": "libmysql55client18-5.5.57-0.39.3.1.i586",
"product_id": "libmysql55client18-5.5.57-0.39.3.1.i586"
}
},
{
"category": "product_version",
"name": "libmysql55client_r18-5.5.57-0.39.3.1.i586",
"product": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.i586",
"product_id": "libmysql55client_r18-5.5.57-0.39.3.1.i586"
}
},
{
"category": "product_version",
"name": "mysql-5.5.57-0.39.3.1.i586",
"product": {
"name": "mysql-5.5.57-0.39.3.1.i586",
"product_id": "mysql-5.5.57-0.39.3.1.i586"
}
},
{
"category": "product_version",
"name": "mysql-client-5.5.57-0.39.3.1.i586",
"product": {
"name": "mysql-client-5.5.57-0.39.3.1.i586",
"product_id": "mysql-client-5.5.57-0.39.3.1.i586"
}
},
{
"category": "product_version",
"name": "mysql-tools-5.5.57-0.39.3.1.i586",
"product": {
"name": "mysql-tools-5.5.57-0.39.3.1.i586",
"product_id": "mysql-tools-5.5.57-0.39.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"product": {
"name": "libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"product_id": "libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
}
},
{
"category": "product_version",
"name": "libmysql55client18-5.5.57-0.39.3.1.ia64",
"product": {
"name": "libmysql55client18-5.5.57-0.39.3.1.ia64",
"product_id": "libmysql55client18-5.5.57-0.39.3.1.ia64"
}
},
{
"category": "product_version",
"name": "libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"product": {
"name": "libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"product_id": "libmysql55client18-x86-5.5.57-0.39.3.1.ia64"
}
},
{
"category": "product_version",
"name": "libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"product": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"product_id": "libmysql55client_r18-5.5.57-0.39.3.1.ia64"
}
},
{
"category": "product_version",
"name": "mysql-5.5.57-0.39.3.1.ia64",
"product": {
"name": "mysql-5.5.57-0.39.3.1.ia64",
"product_id": "mysql-5.5.57-0.39.3.1.ia64"
}
},
{
"category": "product_version",
"name": "mysql-client-5.5.57-0.39.3.1.ia64",
"product": {
"name": "mysql-client-5.5.57-0.39.3.1.ia64",
"product_id": "mysql-client-5.5.57-0.39.3.1.ia64"
}
},
{
"category": "product_version",
"name": "mysql-tools-5.5.57-0.39.3.1.ia64",
"product": {
"name": "mysql-tools-5.5.57-0.39.3.1.ia64",
"product_id": "mysql-tools-5.5.57-0.39.3.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"product": {
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"product_id": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "libmysql55client18-5.5.57-0.39.3.1.ppc64",
"product": {
"name": "libmysql55client18-5.5.57-0.39.3.1.ppc64",
"product_id": "libmysql55client18-5.5.57-0.39.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"product": {
"name": "libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"product_id": "libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"product": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"product_id": "libmysql55client_r18-5.5.57-0.39.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "mysql-5.5.57-0.39.3.1.ppc64",
"product": {
"name": "mysql-5.5.57-0.39.3.1.ppc64",
"product_id": "mysql-5.5.57-0.39.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "mysql-client-5.5.57-0.39.3.1.ppc64",
"product": {
"name": "mysql-client-5.5.57-0.39.3.1.ppc64",
"product_id": "mysql-client-5.5.57-0.39.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "mysql-tools-5.5.57-0.39.3.1.ppc64",
"product": {
"name": "mysql-tools-5.5.57-0.39.3.1.ppc64",
"product_id": "mysql-tools-5.5.57-0.39.3.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"product": {
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"product_id": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libmysql55client18-5.5.57-0.39.3.1.s390x",
"product": {
"name": "libmysql55client18-5.5.57-0.39.3.1.s390x",
"product_id": "libmysql55client18-5.5.57-0.39.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"product": {
"name": "libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"product_id": "libmysql55client18-32bit-5.5.57-0.39.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"product": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"product_id": "libmysql55client_r18-5.5.57-0.39.3.1.s390x"
}
},
{
"category": "product_version",
"name": "mysql-5.5.57-0.39.3.1.s390x",
"product": {
"name": "mysql-5.5.57-0.39.3.1.s390x",
"product_id": "mysql-5.5.57-0.39.3.1.s390x"
}
},
{
"category": "product_version",
"name": "mysql-client-5.5.57-0.39.3.1.s390x",
"product": {
"name": "mysql-client-5.5.57-0.39.3.1.s390x",
"product_id": "mysql-client-5.5.57-0.39.3.1.s390x"
}
},
{
"category": "product_version",
"name": "mysql-tools-5.5.57-0.39.3.1.s390x",
"product": {
"name": "mysql-tools-5.5.57-0.39.3.1.s390x",
"product_id": "mysql-tools-5.5.57-0.39.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"product": {
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"product_id": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmysql55client18-5.5.57-0.39.3.1.x86_64",
"product": {
"name": "libmysql55client18-5.5.57-0.39.3.1.x86_64",
"product_id": "libmysql55client18-5.5.57-0.39.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"product": {
"name": "libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"product_id": "libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"product": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"product_id": "libmysql55client_r18-5.5.57-0.39.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "mysql-5.5.57-0.39.3.1.x86_64",
"product": {
"name": "mysql-5.5.57-0.39.3.1.x86_64",
"product_id": "mysql-5.5.57-0.39.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "mysql-client-5.5.57-0.39.3.1.x86_64",
"product": {
"name": "mysql-client-5.5.57-0.39.3.1.x86_64",
"product_id": "mysql-client-5.5.57-0.39.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "mysql-tools-5.5.57-0.39.3.1.x86_64",
"product": {
"name": "mysql-tools-5.5.57-0.39.3.1.x86_64",
"product_id": "mysql-tools-5.5.57-0.39.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x"
},
"product_reference": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
},
"product_reference": "libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-5.5.57-0.39.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586"
},
"product_reference": "libmysql55client18-5.5.57-0.39.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64"
},
"product_reference": "libmysql55client18-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "libmysql55client18-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x"
},
"product_reference": "libmysql55client18-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "libmysql55client18-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-32bit-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x"
},
"product_reference": "libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-x86-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64"
},
"product_reference": "libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586"
},
"product_reference": "libmysql55client_r18-5.5.57-0.39.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64"
},
"product_reference": "libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x"
},
"product_reference": "libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x"
},
"product_reference": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
},
"product_reference": "libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-5.5.57-0.39.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586"
},
"product_reference": "mysql-5.5.57-0.39.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64"
},
"product_reference": "mysql-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "mysql-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x"
},
"product_reference": "mysql-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "mysql-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-client-5.5.57-0.39.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586"
},
"product_reference": "mysql-client-5.5.57-0.39.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-client-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64"
},
"product_reference": "mysql-client-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-client-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "mysql-client-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-client-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x"
},
"product_reference": "mysql-client-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-client-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "mysql-client-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-tools-5.5.57-0.39.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586"
},
"product_reference": "mysql-tools-5.5.57-0.39.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-tools-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64"
},
"product_reference": "mysql-tools-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-tools-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "mysql-tools-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-tools-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x"
},
"product_reference": "mysql-tools-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-tools-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "mysql-tools-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-5.5.57-0.39.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586"
},
"product_reference": "libmysql55client18-5.5.57-0.39.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64"
},
"product_reference": "libmysql55client18-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "libmysql55client18-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x"
},
"product_reference": "libmysql55client18-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "libmysql55client18-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-32bit-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x"
},
"product_reference": "libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client18-x86-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64"
},
"product_reference": "libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586"
},
"product_reference": "libmysql55client_r18-5.5.57-0.39.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64"
},
"product_reference": "libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x"
},
"product_reference": "libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x"
},
"product_reference": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
},
"product_reference": "libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-5.5.57-0.39.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586"
},
"product_reference": "mysql-5.5.57-0.39.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64"
},
"product_reference": "mysql-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "mysql-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x"
},
"product_reference": "mysql-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "mysql-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-client-5.5.57-0.39.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586"
},
"product_reference": "mysql-client-5.5.57-0.39.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-client-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64"
},
"product_reference": "mysql-client-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-client-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "mysql-client-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-client-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x"
},
"product_reference": "mysql-client-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-client-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "mysql-client-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-tools-5.5.57-0.39.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586"
},
"product_reference": "mysql-tools-5.5.57-0.39.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-tools-5.5.57-0.39.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64"
},
"product_reference": "mysql-tools-5.5.57-0.39.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-tools-5.5.57-0.39.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64"
},
"product_reference": "mysql-tools-5.5.57-0.39.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-tools-5.5.57-0.39.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x"
},
"product_reference": "mysql-tools-5.5.57-0.39.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mysql-tools-5.5.57-0.39.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64"
},
"product_reference": "mysql-tools-5.5.57-0.39.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3635"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/C). Supported versions that are affected are 6.1.10 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. Note: The documentation has also been updated for the correct way to use mysql_stmt_close(). Please see: https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-execute.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-fetch.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-close.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-error.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-errno.html, and https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-sqlstate.html. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3635",
"url": "https://www.suse.com/security/cve/CVE-2017-3635"
},
{
"category": "external",
"summary": "SUSE Bug 1049397 for CVE-2017-3635",
"url": "https://bugzilla.suse.com/1049397"
},
{
"category": "external",
"summary": "SUSE Bug 1049398 for CVE-2017-3635",
"url": "https://bugzilla.suse.com/1049398"
},
{
"category": "external",
"summary": "SUSE Bug 1049422 for CVE-2017-3635",
"url": "https://bugzilla.suse.com/1049422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-08-29T14:50:19Z",
"details": "moderate"
}
],
"title": "CVE-2017-3635"
},
{
"cve": "CVE-2017-3636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3636"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3636",
"url": "https://www.suse.com/security/cve/CVE-2017-3636"
},
{
"category": "external",
"summary": "SUSE Bug 1049399 for CVE-2017-3636",
"url": "https://bugzilla.suse.com/1049399"
},
{
"category": "external",
"summary": "SUSE Bug 1049422 for CVE-2017-3636",
"url": "https://bugzilla.suse.com/1049422"
},
{
"category": "external",
"summary": "SUSE Bug 1054591 for CVE-2017-3636",
"url": "https://bugzilla.suse.com/1054591"
},
{
"category": "external",
"summary": "SUSE Bug 1076506 for CVE-2017-3636",
"url": "https://bugzilla.suse.com/1076506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-08-29T14:50:19Z",
"details": "moderate"
}
],
"title": "CVE-2017-3636"
},
{
"cve": "CVE-2017-3641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3641"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3641",
"url": "https://www.suse.com/security/cve/CVE-2017-3641"
},
{
"category": "external",
"summary": "SUSE Bug 1049404 for CVE-2017-3641",
"url": "https://bugzilla.suse.com/1049404"
},
{
"category": "external",
"summary": "SUSE Bug 1049422 for CVE-2017-3641",
"url": "https://bugzilla.suse.com/1049422"
},
{
"category": "external",
"summary": "SUSE Bug 1054591 for CVE-2017-3641",
"url": "https://bugzilla.suse.com/1054591"
},
{
"category": "external",
"summary": "SUSE Bug 1076506 for CVE-2017-3641",
"url": "https://bugzilla.suse.com/1076506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-08-29T14:50:19Z",
"details": "moderate"
}
],
"title": "CVE-2017-3641"
},
{
"cve": "CVE-2017-3648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3648"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3648",
"url": "https://www.suse.com/security/cve/CVE-2017-3648"
},
{
"category": "external",
"summary": "SUSE Bug 1049411 for CVE-2017-3648",
"url": "https://bugzilla.suse.com/1049411"
},
{
"category": "external",
"summary": "SUSE Bug 1049422 for CVE-2017-3648",
"url": "https://bugzilla.suse.com/1049422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-08-29T14:50:19Z",
"details": "moderate"
}
],
"title": "CVE-2017-3648"
},
{
"cve": "CVE-2017-3651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3651"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3651",
"url": "https://www.suse.com/security/cve/CVE-2017-3651"
},
{
"category": "external",
"summary": "SUSE Bug 1049415 for CVE-2017-3651",
"url": "https://bugzilla.suse.com/1049415"
},
{
"category": "external",
"summary": "SUSE Bug 1049422 for CVE-2017-3651",
"url": "https://bugzilla.suse.com/1049422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-08-29T14:50:19Z",
"details": "moderate"
}
],
"title": "CVE-2017-3651"
},
{
"cve": "CVE-2017-3652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3652"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3652",
"url": "https://www.suse.com/security/cve/CVE-2017-3652"
},
{
"category": "external",
"summary": "SUSE Bug 1049416 for CVE-2017-3652",
"url": "https://bugzilla.suse.com/1049416"
},
{
"category": "external",
"summary": "SUSE Bug 1049422 for CVE-2017-3652",
"url": "https://bugzilla.suse.com/1049422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-08-29T14:50:19Z",
"details": "moderate"
}
],
"title": "CVE-2017-3652"
},
{
"cve": "CVE-2017-3653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3653"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3653",
"url": "https://www.suse.com/security/cve/CVE-2017-3653"
},
{
"category": "external",
"summary": "SUSE Bug 1049417 for CVE-2017-3653",
"url": "https://bugzilla.suse.com/1049417"
},
{
"category": "external",
"summary": "SUSE Bug 1049422 for CVE-2017-3653",
"url": "https://bugzilla.suse.com/1049422"
},
{
"category": "external",
"summary": "SUSE Bug 1054591 for CVE-2017-3653",
"url": "https://bugzilla.suse.com/1054591"
},
{
"category": "external",
"summary": "SUSE Bug 1076506 for CVE-2017-3653",
"url": "https://bugzilla.suse.com/1076506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.57-0.39.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.57-0.39.3.1.ia64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-08-29T14:50:19Z",
"details": "low"
}
],
"title": "CVE-2017-3653"
}
]
}
ghsa-wpv7-j2jg-64jq
Vulnerability from github
Published
2022-05-13 01:45
Modified
2022-05-13 01:45
Severity ?
VLAI Severity ?
Details
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).
{
"affected": [],
"aliases": [
"CVE-2017-3652"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-08T15:29:00Z",
"severity": "MODERATE"
},
"details": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).",
"id": "GHSA-wpv7-j2jg-64jq",
"modified": "2022-05-13T01:45:49Z",
"published": "2022-05-13T01:45:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3652"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2787"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3922"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99805"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038928"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…