-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3054-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
October 20, 2014                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mysql-5.5
CVE ID         : CVE-2012-5615 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463
                 CVE-2014-6464 CVE-2014-6469 CVE-2014-6478 CVE-2014-6484
                 CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496
                 CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520
                 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559
Debian Bug     : 765663

Several issues have been discovered in the MySQL database server. The
vulnerabilities are addressed by upgrading MySQL to the new upstream
version 5.5.40. Please see the MySQL 5.5 Release Notes and Oracle's
Critical Patch Update advisory for further details:

 https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
 https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
 http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

For the stable distribution (wheezy), these problems have been fixed in
version 5.5.40-0+wheezy1.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your mysql-5.5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJURSC7AAoJEAVMuPMTQ89EasQP/RxXHja/33Mofs2nZY2T0c++
BblmAs1D8t1csPTPjPGC2UFrBNWvvKSintqHid1W34ulFQahR+Uw0t6vuNOKoVnh
oBnayvOkAl2R6EcMS3DrdEPCgmj6NGC6QNG2Qt43a5tYdR3YCBTCMhPcHoIM6m3J
eQH/3UetTKrxvqM0nXNjTcVppdHUzKP3b2W/DRP90X0qtD5DdkqEqh12rCZVBvnO
b3AegaZ/PoEnmzqXkLIpRs2Dtx9P/dWeL9vCDZN0X6h+NSJzXYd0YfjfEIYldSXI
vKHIXFyno69pelQ7YoUA/+XKyVbvZzPL1STgV9dJtHWUi4TMR9VgIFuJMVaBoNDR
YTcfN61CfOkhUI45PhEp+mprlKVwwrLXrR/R5g4dHr28EmdQmvIJOOtxbUJAUd0m
y7q5PUuXWuVC54Kjm51m249dNY8IMgBAiIdrvlQyQiOL28Wgc0z2+IWFZnSL8eSH
5l8jKi20x6BYNIKQHWBqt2s4yej39dNaiNnCGqnUUOCzrbpfY1xzP25GPtQo+jVc
+1IygdKN8SG3S5FTQcHsND4C2cb3A9Tgf2gwffVrQq0TyQvXQbGjWN+xh4FAhU/D
ysAYdd2zPQGd+9OAE/Ja1uMZ2NY/CTzn9y5Or6eTCLpDmNFN28MsvQ9SAkAWVKe8
SgOwAiXo3xRUsGy6UiHm
=j4S6
-----END PGP SIGNATURE-----