[debian-mysql] Bug#841050: Bug#841050: Security fixes from the October 2016 CPU
Lars Tangvald
lars.tangvald at oracle.com
Wed Oct 19 06:46:06 UTC 2016
Hi,
This might be an error in the CPU announcement (they sometimes get
corrections after the initial announcement). I'll try to track down
someone who's worked on this fix and ask.
--
Lars
On 10/19/2016 08:21 AM, Salvatore Bonaccorso wrote:
> Hi Lars, hi Norvald,
>
> On Wed, Oct 19, 2016 at 08:03:00AM +0200, Lars Tangvald wrote:
>> The following CVEs are fixed in 5.5.53:
>> CVE-2016-6662 CVE-2016-7440 CVE-2016-5584
> The listing of CVE-2016-6662 is confusing here. This should actually
> already be addressed in 5.5.52, cf.
> http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
>
> Any insight on why Oracle claims it to be only fixed in 5.5.53?
>
> Regards,
> Salvatore
More information about the pkg-mysql-maint
mailing list