Security vulnerability in MySQL/MariaDB

All MariaDB and MySQL versions up to 5.1.61, 5.2.11, 5.3.5, 5.5.22 are vulnerable.
MariaDB versions from 5.1.62, 5.2.12, 5.3.6, 5.5.23 are not.
MySQL versions from 5.1.63, 5.5.24, 5.6.6 are not.
MariaDB 5.2.12 and MySQL 5.5.24 here :)

but thanks for heads up :)
 
Here's a more detailed post about which versions and distros seem to be affected: https://community.rapid7.com/commun...2-a-tragically-comedic-security-flaw-in-mysql

So far, the following systems have been confirmed as vulnerable:
  • Ubuntu Linux 64-bit ( 10.04, 10.10, 11.04, 11.10, 12.04 ) ( via many including @michealc )
  • OpenSuSE 12.1 64-bit MySQL 5.5.23-log ( via @michealc )
  • Fedora 16 64-bit ( via hexed )
  • Arch Linux (unspecified version)
Feedback so far indicates the following platforms are NOT vulnerable:
  • Official builds from MySQL and MariaDB (including Windows)
  • Red Hat Enterprise Linux, CentOS (32-bit and 64-bit) [ not conclusive ]
  • Ubuntu Linux 32-bit (10.04, 11.10, 12.04, likely all)
  • Debian Linux 6.0.3 64-bit (Version 14.14 Distrib 5.5.18)
  • Debian Linux lenny 32-bit 5.0.51a-24+lenny5 ( via @matthewbloch )
  • Debian Linux lenny 64-bit 5.0.51a-24+lenny5 ( via @matthewbloch )
  • Debian Linux lenny 64-bit 5.1.51-1-log( via @matthewbloch )
  • Debian Linux squeeze 64-bit 5.1.49-3-log ( via @matthewbloch )
  • Debian Linux squeeze 32-bit 5.1.61-0+squeeze1 ( via @matthewbloch )
  • Debian Linux squeeze 64-bit 5.1.61-0+squeeze1 ( via @matthewbloch )
  • Gentoo 64-bit 5.1.62-r1 ( via @twit4c )
  • SuSE 9.3 i586 MySQL 4.1.10a ( via @twit4c )
 
Yeah just update to latest versions.

FYI, cpanel/whm has stated no problems with any of their MySQL versions even <5.1.63.
 
How do I upgrade my mySQL to the latest stable version on ubuntu 64b?

Assuming you're not using a control panel.....

The following should help

Back up any customized config files 1st

Code:
apt-get install aptitude

Code:
aptitude update

Code:
aptitude full-upgrade

You should be all set.
 
Top Bottom