[SECURITY] Fedora 18 Update: mysql-5.5.28-2.fc18
updates at fedoraproject.org
updates at fedoraproject.org
Sat Jan 12 01:04:47 UTC 2013
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-19868
2012-12-06 20:00:12
--------------------------------------------------------------------------------
Name : mysql
Product : Fedora 18
Version : 5.5.28
Release : 2.fc18
URL : http://www.mysql.com
Summary : MySQL client programs and shared libraries
Description :
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MySQL client programs and generic MySQL files.
--------------------------------------------------------------------------------
Update Information:
- Add patch for CVE-2012-5611
- Widen DH key length from 512 to 1024 bits to meet minimum requirements of FIPS 140-2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 5 2012 Tom Lane <tgl at redhat.com> 5.5.28-2
- Add patch for CVE-2012-5611
Resolves: #883642
- Widen DH key length from 512 to 1024 bits to meet minimum requirements
of FIPS 140-2
Related: #877124
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #881064 - CVE-2012-5611 mysql: acl_get() stack-based buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=881064
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update mysql' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list