Gentoo Linux Security Advisory 201409-4 - Multiple vulnerabilities have been found in MySQL, worst of which allows local attackers to escalate their privileges. Versions less than 5.5.39 are affected.
e41d06c2c432439d773fa63fdf7762487fd6cf0cb75e8b0100ef3d33be750cc6
Red Hat Security Advisory 2014-0189-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. A buffer overflow flaw was found in the way the MariaDB command line client tool processed excessively long version strings. If a user connected to a malicious MariaDB server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client.
9363f0425f3e1aa13fb9ec359268ed701ecf985bc1020734a200c6db13333cfd
Red Hat Security Advisory 2014-0186-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. A buffer overflow flaw was found in the way the MySQL command line client tool processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client.
309b1751a944b837c1314800979bc01678fd9c00fe5c6e246816bb4d53bfb3e8
Red Hat Security Advisory 2014-0173-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. A buffer overflow flaw was found in the way the MySQL command line client tool processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client.
31ea251646a83ad0404f232d723f28503dc57e7493d6173e5c3a773c84e8b119
Debian Linux Security Advisory 2818-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.5.33, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes for further details.
a32ccfc50d3db892c186c24c3c194dc467f7b0aaee069c43eb68192ec6c04900
Ubuntu Security Notice 2006-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.72 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10, Ubuntu 13.04 and Ubuntu 13.10 have been updated to MySQL 5.5.34. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
cb8de417ff7f62570e9cf059820b5b3e849c9637f24c9974857bfb156a0ab65f
Debian Linux Security Advisory 2780-1 - This DSA updates the MySQL database to 5.1.72. This fixes multiple unspecified security problems in the Optimizer component.
997866fcbe06e5a0d3d671cad421d631798c370aa8d68534717d905391eee5f0
Mandriva Linux Security Advisory 2013-250 - Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a Security Fix, aka Bug #59533. NOTE: this might be a duplicate of but as of 20120816, Oracle has not commented on this possibility. Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. The updated packages have been upgraded to the 5.1.72 version which is not vulnerable to these issues.
c864968f108811c88cbf8bf6028a5edaa0d41e1d45fc7d00a66784be1d337ca6