Skip to navigation

Security Advisory Moderate: mysql security update

Advisory: RHSA-2012:0127-1
Type: Security Advisory
Severity: Moderate
Issued on: 2012-02-13
Last updated on: 2012-02-13
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2010-1849
CVE-2012-0075
CVE-2012-0087
CVE-2012-0101
CVE-2012-0102
CVE-2012-0114
CVE-2012-0484
CVE-2012-0490

Details

Updated mysql packages that fix several security issues are now available
for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon (mysqld) and many client programs and libraries.

This update fixes several vulnerabilities in the MySQL database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2012-0075,
CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0114, CVE-2012-0484,
CVE-2012-0490)

These updated packages upgrade MySQL to version 5.0.95. Refer to the MySQL
release notes for a full list of changes:

http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html

All MySQL users should upgrade to these updated packages, which correct
these issues. After installing this update, the MySQL server daemon
(mysqld) will be restarted automatically.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
mysql-5.0.95-1.el5_7.1.src.rpm
File outdated by:  RHSA-2013:0180
    MD5: 4069eca2f44d0c0fc2ab0312b84e240d
SHA-256: f267e6f6c2b64595b7afac46f293b88ace94fe1419356f0599d7b4fdfc32b951
 
IA-32:
mysql-bench-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: c4f1d92ccc13ad1fcec987366c06d7de
SHA-256: 5fce656558012ac2d0a76d7230570396459f77c360c0a1e4e2494f86f3c369ad
mysql-devel-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: cadb860bafb4e713da2dbd59c3947009
SHA-256: 52586c3312900dd3bd9c4c64627c5d0088a2ed26efcf2cb342deb32160a19dda
mysql-server-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: a9cce10d16a8f68f8926921cee02a195
SHA-256: 0b305b192cf20368335b190720c35794b1ecac7f9b189a3d5ba7874bf8f533f6
mysql-test-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: 90aadaf0a36645e312804f685a60ea75
SHA-256: 641b918a987f3167f2e3a8ffe994e87d78f85e30900d2347dcdc8f7a9d7629da
 
x86_64:
mysql-bench-5.0.95-1.el5_7.1.x86_64.rpm
File outdated by:  RHSA-2013:0180
    MD5: 3c84210c5874436d05086f9c1fa5291d
SHA-256: c9cd560c1ff5ef18905d4bf9f950b60a72c1367a4e70e28bca451657bd4e68ff
mysql-devel-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: cadb860bafb4e713da2dbd59c3947009
SHA-256: 52586c3312900dd3bd9c4c64627c5d0088a2ed26efcf2cb342deb32160a19dda
mysql-devel-5.0.95-1.el5_7.1.x86_64.rpm
File outdated by:  RHSA-2013:0180
    MD5: 30a7ea832a63b7285201d2dde5c59d93
SHA-256: 17956fdd59b355b8736cbba6c095b4031d82666a57439a82307c375145eb7676
mysql-server-5.0.95-1.el5_7.1.x86_64.rpm
File outdated by:  RHSA-2013:0180
    MD5: d45545f21f04aedb35c208908c4e7159
SHA-256: 439dffe34045fe5b38b3d000dd1283df16da36729fbfe9f0d1b3c2364ab1c9e8
mysql-test-5.0.95-1.el5_7.1.x86_64.rpm
File outdated by:  RHSA-2013:0180
    MD5: 0ceea922f7a2b240ab16b94486657a6c
SHA-256: e858c2da163acaf4ed5cf24be9dbf3180ac3d42140d22921fa715c64ebdb7e12
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
mysql-5.0.95-1.el5_7.1.src.rpm
File outdated by:  RHSA-2013:0180
    MD5: 4069eca2f44d0c0fc2ab0312b84e240d
SHA-256: f267e6f6c2b64595b7afac46f293b88ace94fe1419356f0599d7b4fdfc32b951
 
IA-32:
mysql-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: 48e24e62bf2775ad40dfed6fc7345e2e
SHA-256: e593e8bd8ca33c7c928693f2f80e21694668d9328a22e0c6c3eaf0507a6e9c13
mysql-bench-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: c4f1d92ccc13ad1fcec987366c06d7de
SHA-256: 5fce656558012ac2d0a76d7230570396459f77c360c0a1e4e2494f86f3c369ad
mysql-devel-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: cadb860bafb4e713da2dbd59c3947009
SHA-256: 52586c3312900dd3bd9c4c64627c5d0088a2ed26efcf2cb342deb32160a19dda
mysql-server-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: a9cce10d16a8f68f8926921cee02a195
SHA-256: 0b305b192cf20368335b190720c35794b1ecac7f9b189a3d5ba7874bf8f533f6
mysql-test-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: 90aadaf0a36645e312804f685a60ea75
SHA-256: 641b918a987f3167f2e3a8ffe994e87d78f85e30900d2347dcdc8f7a9d7629da
 
IA-64:
mysql-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: 48e24e62bf2775ad40dfed6fc7345e2e
SHA-256: e593e8bd8ca33c7c928693f2f80e21694668d9328a22e0c6c3eaf0507a6e9c13
mysql-5.0.95-1.el5_7.1.ia64.rpm
File outdated by:  RHSA-2013:0180
    MD5: 91d54012d008c91e3369f58f76c35f5f
SHA-256: f7b5368e55cf1925ea3396286bd8261a86870b3858a72b7b9e699adc08282fac
mysql-bench-5.0.95-1.el5_7.1.ia64.rpm
File outdated by:  RHSA-2013:0180
    MD5: 6e9bc9a3cd1cc9415d00e8e38fc4304b
SHA-256: cff6b346e4d28fe5baa463c3329ef49a4456b0c82d583ed1c31dd4cdf0070bed
mysql-devel-5.0.95-1.el5_7.1.ia64.rpm
File outdated by:  RHSA-2013:0180
    MD5: e0fbdcedbcba432ab2f845ce1ffeb379
SHA-256: 06f429bf641a08692558da250fd341aa38751fbb77d55188dad0d8bf6258da6c
mysql-server-5.0.95-1.el5_7.1.ia64.rpm
File outdated by:  RHSA-2013:0180
    MD5: 14fc4e8d65c03dfab6a6017d50156960
SHA-256: 0ca035c1ef1eacfcabc293eb1459407fb1ca8a9a33257866f12353478d70e792
mysql-test-5.0.95-1.el5_7.1.ia64.rpm
File outdated by:  RHSA-2013:0180
    MD5: b19b24a4b198e6cb949c43b61459321f
SHA-256: 8f6ba09a3f89c80902bbd0b9b264193cb3131d7161ffd9fc312bea446d67a088
 
PPC:
mysql-5.0.95-1.el5_7.1.ppc.rpm
File outdated by:  RHSA-2013:0180
    MD5: f1fa3964eecf49343d609dc1f50152d6
SHA-256: 29921fd683e486bd42390db6cc5e2f5e2c47ec77d2ba569532fcc58a92d1a689
mysql-5.0.95-1.el5_7.1.ppc64.rpm
File outdated by:  RHSA-2013:0180
    MD5: 1af343e38cbbf96b4b7b3c2858392078
SHA-256: d13c39445accf3b7630f68b0239ca6e439175de8a60177b6ee91cbcf3f6a9007
mysql-bench-5.0.95-1.el5_7.1.ppc.rpm
File outdated by:  RHSA-2013:0180
    MD5: 15ff75b11f2866d6c96a03adeb15fd58
SHA-256: 650b9d0180ae9be8ff470fc5c3a3ca7091471a3c44bae0ea33faa9b4ae1043e1
mysql-devel-5.0.95-1.el5_7.1.ppc.rpm
File outdated by:  RHSA-2013:0180
    MD5: 6c334d98b8dd3bdb17f6d18ef1357aa0
SHA-256: 2e612522b0d2998fcce97618f4b46e5547ec0acbc1603e775dae96654551e912
mysql-devel-5.0.95-1.el5_7.1.ppc64.rpm
File outdated by:  RHSA-2013:0180
    MD5: 32ae3937c60d988f4f55bc8682af62a3
SHA-256: 216458207f46788d20f7ab787086d0010799a9a32753a946618f2cea6a388e06
mysql-server-5.0.95-1.el5_7.1.ppc.rpm
File outdated by:  RHSA-2013:0180
    MD5: e05dceffd8c9c8ad015657a808175d8b
SHA-256: 784cee7a97c677210197a7a7d061a4aa7aa10ca528aacdc37e59440e21d9834a
mysql-server-5.0.95-1.el5_7.1.ppc64.rpm
File outdated by:  RHSA-2013:0180
    MD5: f4c3bea29ec72b9acd647a4c6520f491
SHA-256: 4efbe410f32af468cf7b276a0b5f59db627e02edfdca280aca11082fffbb2d31
mysql-test-5.0.95-1.el5_7.1.ppc.rpm
File outdated by:  RHSA-2013:0180
    MD5: c045e81db7eafc3a704a281d66aa2f8a
SHA-256: 30438d5e704d93cbde7c7119188ffe6db63ec98de34cce3ac7f03e74f96f024a
 
s390x:
mysql-5.0.95-1.el5_7.1.s390.rpm
File outdated by:  RHSA-2013:0180
    MD5: 4b1b57be38c9ba6d19e445f7a77cf41e
SHA-256: b6541efebd66d1334096cb3cd19fa489971ad44733b65c58007f8ce62895ae98
mysql-5.0.95-1.el5_7.1.s390x.rpm
File outdated by:  RHSA-2013:0180
    MD5: 112935c016d46efe0d88c26ac93de6c2
SHA-256: 36ffeb19a17b08a962c84e490c20c5ae42fcb56edf922fb62ddd5a2898c0a672
mysql-bench-5.0.95-1.el5_7.1.s390x.rpm
File outdated by:  RHSA-2013:0180
    MD5: aa485539e99cce59feeaf159c599efad
SHA-256: 708d95a0c2d58c148ae45db4323add5f9e4347bf73d88d150f69d727f94b0d09
mysql-devel-5.0.95-1.el5_7.1.s390.rpm
File outdated by:  RHSA-2013:0180
    MD5: 59b8f392aa2388142b49aa11e7cad743
SHA-256: 830ee28fba288c92a478ed5ba8470ba207892f35f2a6c7868580d737bef175bb
mysql-devel-5.0.95-1.el5_7.1.s390x.rpm
File outdated by:  RHSA-2013:0180
    MD5: 7825783f741743cbb07acf93ca04403b
SHA-256: 1c719ff7ee730ccd96c5d6c119ff2bae9f4c71107cd7f37e979374706445e829
mysql-server-5.0.95-1.el5_7.1.s390x.rpm
File outdated by:  RHSA-2013:0180
    MD5: c282dd5ea8edc41a88ff9eb8baceb0e2
SHA-256: e961881d9a846c3a1864ebef21ee2df16ffaa4bf92e8b800e99ae90fa2a504e6
mysql-test-5.0.95-1.el5_7.1.s390x.rpm
File outdated by:  RHSA-2013:0180
    MD5: 39376e8f3a66f86a0f528b7961c13a55
SHA-256: 0b2823f9e551f947d160b5dde4fb11d802577fffe4205ff2950cda89360cc98f
 
x86_64:
mysql-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: 48e24e62bf2775ad40dfed6fc7345e2e
SHA-256: e593e8bd8ca33c7c928693f2f80e21694668d9328a22e0c6c3eaf0507a6e9c13
mysql-5.0.95-1.el5_7.1.x86_64.rpm
File outdated by:  RHSA-2013:0180
    MD5: bb26385a30ac80366051c7c59f9231fa
SHA-256: 25e66f655a8456d70a6069a974f7f06275812139c5c5e57b9acbc1e9fa16a13b
mysql-bench-5.0.95-1.el5_7.1.x86_64.rpm
File outdated by:  RHSA-2013:0180
    MD5: 3c84210c5874436d05086f9c1fa5291d
SHA-256: c9cd560c1ff5ef18905d4bf9f950b60a72c1367a4e70e28bca451657bd4e68ff
mysql-devel-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: cadb860bafb4e713da2dbd59c3947009
SHA-256: 52586c3312900dd3bd9c4c64627c5d0088a2ed26efcf2cb342deb32160a19dda
mysql-devel-5.0.95-1.el5_7.1.x86_64.rpm
File outdated by:  RHSA-2013:0180
    MD5: 30a7ea832a63b7285201d2dde5c59d93
SHA-256: 17956fdd59b355b8736cbba6c095b4031d82666a57439a82307c375145eb7676
mysql-server-5.0.95-1.el5_7.1.x86_64.rpm
File outdated by:  RHSA-2013:0180
    MD5: d45545f21f04aedb35c208908c4e7159
SHA-256: 439dffe34045fe5b38b3d000dd1283df16da36729fbfe9f0d1b3c2364ab1c9e8
mysql-test-5.0.95-1.el5_7.1.x86_64.rpm
File outdated by:  RHSA-2013:0180
    MD5: 0ceea922f7a2b240ab16b94486657a6c
SHA-256: e858c2da163acaf4ed5cf24be9dbf3180ac3d42140d22921fa715c64ebdb7e12
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
mysql-5.0.95-1.el5_7.1.src.rpm
File outdated by:  RHSA-2013:0180
    MD5: 4069eca2f44d0c0fc2ab0312b84e240d
SHA-256: f267e6f6c2b64595b7afac46f293b88ace94fe1419356f0599d7b4fdfc32b951
 
IA-32:
mysql-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: 48e24e62bf2775ad40dfed6fc7345e2e
SHA-256: e593e8bd8ca33c7c928693f2f80e21694668d9328a22e0c6c3eaf0507a6e9c13
 
x86_64:
mysql-5.0.95-1.el5_7.1.i386.rpm
File outdated by:  RHSA-2013:0180
    MD5: 48e24e62bf2775ad40dfed6fc7345e2e
SHA-256: e593e8bd8ca33c7c928693f2f80e21694668d9328a22e0c6c3eaf0507a6e9c13
mysql-5.0.95-1.el5_7.1.x86_64.rpm
File outdated by:  RHSA-2013:0180
    MD5: bb26385a30ac80366051c7c59f9231fa
SHA-256: 25e66f655a8456d70a6069a974f7f06275812139c5c5e57b9acbc1e9fa16a13b
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

783794 - CVE-2012-0075 mysql: Unspecified vulnerability allows remote authenticated users to affect integrity
783795 - CVE-2012-0087 mysql: Unspecified vulnerability allows remote authenticated users to affect availability
783797 - CVE-2012-0101 mysql: Unspecified vulnerability allows remote authenticated users to affect availability
783798 - CVE-2012-0102 mysql: Unspecified vulnerability allows remote authenticated users to affect availability
783801 - CVE-2012-0114 mysql: Unspecified vulnerability allows local users to affect confidentiality and integrity
783808 - CVE-2012-0484 mysql: Unspecified vulnerability allows remote authenticated users to affect confidentiality
783815 - CVE-2012-0490 mysql: Unspecified vulnerability allows remote authenticated users to affect availability


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/