Security update for mysql

Announcement ID:	SUSE-SU-2015:2303-1
Rating:	moderate
References:	bsc#951391 bsc#952196
Cross-References:	CVE-2015-0286 CVE-2015-0288 CVE-2015-1789 CVE-2015-1793 CVE-2015-4730 CVE-2015-4766 CVE-2015-4792 CVE-2015-4800 CVE-2015-4802 CVE-2015-4815 CVE-2015-4816 CVE-2015-4819 CVE-2015-4826 CVE-2015-4830 CVE-2015-4833 CVE-2015-4836 CVE-2015-4858 CVE-2015-4861 CVE-2015-4862 CVE-2015-4864 CVE-2015-4866 CVE-2015-4870 CVE-2015-4879 CVE-2015-4890 CVE-2015-4895 CVE-2015-4904 CVE-2015-4905 CVE-2015-4910 CVE-2015-4913
CVSS scores:	CVE-2015-1789 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:	SLES for SAP Applications 11-SP3 SLES for SAP Applications 11-SP4 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware 11-SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4

An update that solves 29 vulnerabilities can now be installed.

Description:

The mysql package was updated to version 5.5.46 to fixs several security and non security issues.

• bnc#951391: update to version 5.5.46
• changes: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-46.html
• fixed CVEs: CVE-2015-1793, CVE-2015-0286, CVE-2015-0288, CVE-2015-1789, CVE-2015-4730, CVE-2015-4766, CVE-2015-4792, CVE-2015-4800, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4833, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4862, CVE-2015-4864, CVE-2015-4866, CVE-2015-4870, CVE-2015-4879, CVE-2015-4890, CVE-2015-4895, CVE-2015-4904, CVE-2015-4905, CVE-2015-4910, CVE-2015-4913
• bnc#952196: Fixed a build error for ppc, s390 and ia64 architectures.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Desktop 11 SP3
  zypper in -t patch sledsp3-mysql-12272=1
• SUSE Linux Enterprise Desktop 11 SP4
  zypper in -t patch sledsp4-mysql-12272=1
• SUSE Linux Enterprise Server 11 SP3 for VMware 11-SP3
  zypper in -t patch slessp3-mysql-12272=1
• SUSE Linux Enterprise Server 11 SP3
  zypper in -t patch slessp3-mysql-12272=1
• SLES for SAP Applications 11-SP3
  zypper in -t patch slessp3-mysql-12272=1
• SUSE Linux Enterprise Software Development Kit 11 SP3
  zypper in -t patch sdksp3-mysql-12272=1
• SUSE Linux Enterprise Software Development Kit 11 SP4
  zypper in -t patch sdksp4-mysql-12272=1
• SUSE Linux Enterprise Server 11 SP4
  zypper in -t patch slessp4-mysql-12272=1
• SLES for SAP Applications 11-SP4
  zypper in -t patch slessp4-mysql-12272=1

Package List:

• SUSE Linux Enterprise Desktop 11 SP3 (x86_64 i586)
  • mysql-5.5.46-0.14.1
  • mysql-client-5.5.46-0.14.1
  • libmysql55client_r18-5.5.46-0.14.1
  • libmysql55client18-5.5.46-0.14.1
• SUSE Linux Enterprise Desktop 11 SP3 (x86_64)
  • libmysql55client_r18-32bit-5.5.46-0.14.1
  • libmysql55client18-32bit-5.5.46-0.14.1
• SUSE Linux Enterprise Desktop 11 SP4 (x86_64 i586)
  • mysql-5.5.46-0.14.1
  • mysql-client-5.5.46-0.14.1
  • libmysql55client_r18-5.5.46-0.14.1
  • libmysql55client18-5.5.46-0.14.1
• SUSE Linux Enterprise Desktop 11 SP4 (x86_64)
  • libmysql55client_r18-32bit-5.5.46-0.14.1
  • libmysql55client18-32bit-5.5.46-0.14.1
• SUSE Linux Enterprise Server 11 SP3 for VMware 11-SP3 (x86_64 i586)
  • mysql-tools-5.5.46-0.14.1
  • mysql-client-5.5.46-0.14.1
  • libmysql55client18-5.5.46-0.14.1
  • mysql-5.5.46-0.14.1
  • libmysql55client_r18-5.5.46-0.14.1
• SUSE Linux Enterprise Server 11 SP3 for VMware 11-SP3 (x86_64)
  • libmysql55client18-32bit-5.5.46-0.14.1
• SUSE Linux Enterprise Server 11 SP3 (s390x x86_64 i586 ppc64 ia64)
  • mysql-tools-5.5.46-0.14.1
  • mysql-client-5.5.46-0.14.1
  • libmysql55client18-5.5.46-0.14.1
  • mysql-5.5.46-0.14.1
  • libmysql55client_r18-5.5.46-0.14.1
• SUSE Linux Enterprise Server 11 SP3 (ia64)
  • libmysql55client18-x86-5.5.46-0.14.1
• SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64)
  • libmysql55client18-32bit-5.5.46-0.14.1
• SLES for SAP Applications 11-SP3 (x86_64)
  • mysql-tools-5.5.46-0.14.1
  • mysql-client-5.5.46-0.14.1
  • libmysql55client18-5.5.46-0.14.1
  • mysql-5.5.46-0.14.1
  • libmysql55client_r18-5.5.46-0.14.1
  • libmysql55client18-32bit-5.5.46-0.14.1
• SUSE Linux Enterprise Software Development Kit 11 SP3 (ia64)
  • libmysql55client_r18-x86-5.5.46-0.14.1
• SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64)
  • libmysql55client_r18-32bit-5.5.46-0.14.1
• SUSE Linux Enterprise Software Development Kit 11 SP4 (ia64)
  • libmysql55client_r18-x86-5.5.46-0.14.1
• SUSE Linux Enterprise Software Development Kit 11 SP4 (ppc64 s390x x86_64)
  • libmysql55client_r18-32bit-5.5.46-0.14.1
• SUSE Linux Enterprise Server 11 SP4 (s390x x86_64 i586 ppc64 ia64)
  • mysql-tools-5.5.46-0.14.1
  • mysql-client-5.5.46-0.14.1
  • libmysql55client18-5.5.46-0.14.1
  • mysql-5.5.46-0.14.1
  • libmysql55client_r18-5.5.46-0.14.1
• SUSE Linux Enterprise Server 11 SP4 (ia64)
  • libmysql55client18-x86-5.5.46-0.14.1
  • libmysql55client_r18-x86-5.5.46-0.14.1
• SUSE Linux Enterprise Server 11 SP4 (ppc64 s390x x86_64)
  • libmysql55client_r18-32bit-5.5.46-0.14.1
  • libmysql55client18-32bit-5.5.46-0.14.1
• SLES for SAP Applications 11-SP4 (ppc64 x86_64)
  • mysql-tools-5.5.46-0.14.1
  • mysql-client-5.5.46-0.14.1
  • libmysql55client_r18-5.5.46-0.14.1
  • libmysql55client18-5.5.46-0.14.1
  • mysql-5.5.46-0.14.1
  • libmysql55client_r18-32bit-5.5.46-0.14.1
  • libmysql55client18-32bit-5.5.46-0.14.1

References:

• https://www.suse.com/security/cve/CVE-2015-0286.html
• https://www.suse.com/security/cve/CVE-2015-0288.html
• https://www.suse.com/security/cve/CVE-2015-1789.html
• https://www.suse.com/security/cve/CVE-2015-1793.html
• https://www.suse.com/security/cve/CVE-2015-4730.html
• https://www.suse.com/security/cve/CVE-2015-4766.html
• https://www.suse.com/security/cve/CVE-2015-4792.html
• https://www.suse.com/security/cve/CVE-2015-4800.html
• https://www.suse.com/security/cve/CVE-2015-4802.html
• https://www.suse.com/security/cve/CVE-2015-4815.html
• https://www.suse.com/security/cve/CVE-2015-4816.html
• https://www.suse.com/security/cve/CVE-2015-4819.html
• https://www.suse.com/security/cve/CVE-2015-4826.html
• https://www.suse.com/security/cve/CVE-2015-4830.html
• https://www.suse.com/security/cve/CVE-2015-4833.html
• https://www.suse.com/security/cve/CVE-2015-4836.html
• https://www.suse.com/security/cve/CVE-2015-4858.html
• https://www.suse.com/security/cve/CVE-2015-4861.html
• https://www.suse.com/security/cve/CVE-2015-4862.html
• https://www.suse.com/security/cve/CVE-2015-4864.html
• https://www.suse.com/security/cve/CVE-2015-4866.html
• https://www.suse.com/security/cve/CVE-2015-4870.html
• https://www.suse.com/security/cve/CVE-2015-4879.html
• https://www.suse.com/security/cve/CVE-2015-4890.html
• https://www.suse.com/security/cve/CVE-2015-4895.html
• https://www.suse.com/security/cve/CVE-2015-4904.html
• https://www.suse.com/security/cve/CVE-2015-4905.html
• https://www.suse.com/security/cve/CVE-2015-4910.html
• https://www.suse.com/security/cve/CVE-2015-4913.html
• https://bugzilla.suse.com/show_bug.cgi?id=951391
• https://bugzilla.suse.com/show_bug.cgi?id=952196