-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3834-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
April 25, 2017                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mysql-5.5
CVE ID         : CVE-2017-3302 CVE-2017-3305 CVE-2017-3308 CVE-2017-3309
                 CVE-2017-3329 CVE-2017-3453 CVE-2017-3456 CVE-2017-3461
                 CVE-2017-3462 CVE-2017-3463 CVE-2017-3464 CVE-2017-3600
Debian Bug     : 854713 860544

Several issues have been discovered in the MySQL database server. The
vulnerabilities are addressed by upgrading MySQL to the new upstream
version 5.5.55, which includes additional changes, such as performance
improvements, bug fixes, new features, and possibly incompatible
changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical
Patch Update advisory for further details:

 https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-55.html
 http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

For the stable distribution (jessie), these problems have been fixed in
version 5.5.55-0+deb8u1.

We recommend that you upgrade your mysql-5.5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlj/Z9hfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Sh1xAAoRVCQR6MGesQJt4O8c5EkxGYSy0+80ELNpr5Cqr8Ac7BqxQdcVMDnWb8
5BOwdpkaslbO3B9PWGZRKpgV1FIX/1kKyeJCn8AhHRzJflOLa2SmLdoeWRq3A0db
XTzGb+LDXJJSn/c+lte95Le1x7ED/a7GBcpZp4Is2HiDDC05Vwi/wpvtKXDTxnrM
kU9cC48aUuunrDNQrpq+x/8hsXeM/nhuvH6SYf70ngmp9EjlQ+1AcAMTyVD72Gtx
dUEL3w8rX/Ckp8wuHK5nVrd8YQ58w6ZJN5tYmG7nexyXEa47FHPS99JTwlcDoCo8
ppfUIL6+Paq5hr74wDLygXNEc9U+Pit9y0X3Zw7NInNcktJFYpk2+YOYe0wAjmPQ
RX/VQQm5HSeSvoFBZJkYDZ9du4DOGVokNGbCdZIWhKQeGK7W0YZA40G/l10nZH5u
4nSz8LHbyt2yn5j1Qzn8bb4YcNG1mDW0EckU9r30EUsmxfKCho7k0JdcFqKfnRWA
yzeT6PocszHmtDgXfTR+uw/3z5UorfdBkWh2L2gF4qhFVhSnqqltreVxyqbtTIjA
oKUtemMKwwjokVd3Vlky/yNKHWnFFzZG1xRRxKgzJWj0BG4zZkebq8UZNppkvlRT
SlVKOwUjbk9PTIOzaOxWlk1UgYr+RmA+pnU0/CX4VOifANrwUvo=
=4Fxf
-----END PGP SIGNATURE-----