Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-3645 (GCVE-0-2017-3645)
Vulnerability from cvelistv5 – Published: 2017-08-08 15:00 – Updated: 2024-10-04 17:01
VLAI?
EPSS
Summary
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity ?
No CVSS data available.
CWE
- Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | MySQL Server |
Affected:
5.7.18 and earlier
|
Date Public ?
2017-07-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:30:59.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99783",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99783"
},
{
"name": "1038928",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038928"
},
{
"name": "RHSA-2017:2886",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3645",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:47:59.197056Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T17:01:57.717Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MySQL Server",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "5.7.18 and earlier"
}
]
}
],
"datePublic": "2017-07-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-07T10:57:01.000Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "99783",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99783"
},
{
"name": "1038928",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038928"
},
{
"name": "RHSA-2017:2886",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3645",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MySQL Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.7.18 and earlier"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99783",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99783"
},
{
"name": "1038928",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038928"
},
{
"name": "RHSA-2017:2886",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-3645",
"datePublished": "2017-08-08T15:00:00.000Z",
"dateReserved": "2016-12-06T00:00:00.000Z",
"dateUpdated": "2024-10-04T17:01:57.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-3645\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2017-08-08T15:29:08.490\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en el componente MySQL Server en Oracle MySQL (subcomponente: Server: Optimizer). Las versiones compatibles que se han visto afectadas son la 5.7.18 y anteriores. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante con un alto nivel de privilegios que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de MySQL Server. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar el bloqueo o cierre repetido (DoS completo) de MySQL Server. CVSS 3.0 Base Score 4.9 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:N/I:N/A:P\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.7.18\",\"matchCriteriaId\":\"DE7974ED-AFE6-44A8-B89C-BB19F6DCD1CC\"}]}]}],\"references\":[{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99783\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038928\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2886\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99783\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038928\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2886\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/99783\", \"name\": \"99783\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1038928\", \"name\": \"1038928\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2886\", \"name\": \"RHSA-2017:2886\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T14:30:59.097Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-3645\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-04T15:47:59.197056Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-04T15:49:19.695Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Oracle Corporation\", \"product\": \"MySQL Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.7.18 and earlier\"}]}], \"datePublic\": \"2017-07-18T00:00:00.000Z\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/99783\", \"name\": \"99783\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.securitytracker.com/id/1038928\", \"name\": \"1038928\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2886\", \"name\": \"RHSA-2017:2886\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2017-12-07T10:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"5.7.18 and earlier\", \"version_affected\": \"=\"}]}, \"product_name\": \"MySQL Server\"}]}, \"vendor_name\": \"Oracle Corporation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.securityfocus.com/bid/99783\", \"name\": \"99783\", \"refsource\": \"BID\"}, {\"url\": \"http://www.securitytracker.com/id/1038928\", \"name\": \"1038928\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2886\", \"name\": \"RHSA-2017:2886\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-3645\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2017-3645\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-04T17:01:57.717Z\", \"dateReserved\": \"2016-12-06T00:00:00.000Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2017-08-08T15:00:00.000Z\", \"assignerShortName\": \"oracle\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CNVD-2017-17013
Vulnerability from cnvd - Published: 2017-07-27
VLAI Severity ?
Title
Oracle MySQL Server拒绝服务漏洞(CNVD-2017-17013)
Description
Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。MySQL Server component是其中的服务器组件。
Oracle MySQL中的MySQL Server组件的Server: Optimizer子组件存在安全漏洞。远程授权攻击者可利用该漏洞造成拒绝服务(挂起和频繁崩溃),影响数据的可用性。
Severity
高
Patch Name
Oracle MySQL Server拒绝服务漏洞(CNVD-2017-17013)的补丁
Patch Description
Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。MySQL Server component是其中的服务器组件。
Oracle MySQL中的MySQL Server组件的Server: Optimizer子组件存在安全漏洞。远程授权攻击者可利用该漏洞造成拒绝服务(挂起和频繁崩溃),影响数据的可用性。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
Reference
http://securitytracker.com/id/1038928
Impacted products
| Name | Oracle MySQL Server <= 5.7.18 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-3645",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3645"
}
},
"description": "Oracle MySQL\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684\u5173\u7cfb\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002MySQL Server component\u662f\u5176\u4e2d\u7684\u670d\u52a1\u5668\u7ec4\u4ef6\u3002\r\n\r\nOracle MySQL\u4e2d\u7684MySQL Server\u7ec4\u4ef6\u7684Server: Optimizer\u5b50\u7ec4\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u6388\u6743\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u6302\u8d77\u548c\u9891\u7e41\u5d29\u6e83\uff09\uff0c\u5f71\u54cd\u6570\u636e\u7684\u53ef\u7528\u6027\u3002",
"discovererName": "Oracle",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-17013",
"openTime": "2017-07-27",
"patchDescription": "Oracle MySQL\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684\u5173\u7cfb\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002MySQL Server component\u662f\u5176\u4e2d\u7684\u670d\u52a1\u5668\u7ec4\u4ef6\u3002\r\n\r\nOracle MySQL\u4e2d\u7684MySQL Server\u7ec4\u4ef6\u7684Server: Optimizer\u5b50\u7ec4\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u6388\u6743\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u6302\u8d77\u548c\u9891\u7e41\u5d29\u6e83\uff09\uff0c\u5f71\u54cd\u6570\u636e\u7684\u53ef\u7528\u6027\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Oracle MySQL Server\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-17013\uff09\u7684\u8865\u4e01",
"products": {
"product": "Oracle MySQL Server \u003c= 5.7.18"
},
"referenceLink": "http://securitytracker.com/id/1038928",
"serverity": "\u9ad8",
"submitTime": "2017-07-21",
"title": "Oracle MySQL Server\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-17013\uff09"
}
GSD-2017-3645
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-3645",
"description": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"id": "GSD-2017-3645",
"references": [
"https://www.suse.com/security/cve/CVE-2017-3645.html",
"https://access.redhat.com/errata/RHSA-2017:2886",
"https://ubuntu.com/security/CVE-2017-3645"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-3645"
],
"details": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"id": "GSD-2017-3645",
"modified": "2023-12-13T01:21:16.326317Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3645",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MySQL Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.7.18 and earlier"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99783",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99783"
},
{
"name": "1038928",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038928"
},
{
"name": "RHSA-2017:2886",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.7.18",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3645"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "1038928",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038928"
},
{
"name": "99783",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99783"
},
{
"name": "RHSA-2017:2886",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
},
"lastModifiedDate": "2019-10-03T00:03Z",
"publishedDate": "2017-08-08T15:29Z"
}
}
}
CERTFR-2017-AVI-224
Vulnerability from certfr_avis - Published: 2017-07-19 - Updated: 2017-07-19
De multiples vulnérabilités ont été corrigées dans Oracle MySQL. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | MySQL | MySQL Server versions 7.3.5 et antérieures | ||
| Oracle | MySQL | MySQL Server versions 5.6.36 et antérieures | ||
| Oracle | MySQL | MySQL Connectors versions 5.3.7 et antérieures | ||
| Oracle | MySQL | MySQL Enterprise Monitor versions 3.2.7.1204 et antérieures | ||
| Oracle | MySQL | MySQL Enterprise Monitor versions 3.1.5.7958 et antérieures | ||
| Oracle | MySQL | MySQL Server versions 5.5.56 et antérieures | ||
| Oracle | MySQL | MySQL Connectors versions 6.1.19 et antérieures | ||
| Oracle | MySQL | MySQL Enterprise Monitor versions 3.3.3.1199 et antérieures | ||
| Oracle | MySQL | MySQL Server versions 5.7.18 et antérieures |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "MySQL Server versions 7.3.5 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "MySQL Server versions 5.6.36 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "MySQL Connectors versions 5.3.7 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "MySQL Enterprise Monitor versions 3.2.7.1204 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "MySQL Enterprise Monitor versions 3.1.5.7958 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "MySQL Server versions 5.5.56 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "MySQL Connectors versions 6.1.19 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "MySQL Enterprise Monitor versions 3.3.3.1199 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "MySQL Server versions 5.7.18 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-5651",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5651"
},
{
"name": "CVE-2016-4436",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4436"
},
{
"name": "CVE-2017-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3644"
},
{
"name": "CVE-2017-3652",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3652"
},
{
"name": "CVE-2017-3650",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3650"
},
{
"name": "CVE-2017-3636",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3636"
},
{
"name": "CVE-2017-3653",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3653"
},
{
"name": "CVE-2017-3649",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3649"
},
{
"name": "CVE-2017-3637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3637"
},
{
"name": "CVE-2017-3634",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3634"
},
{
"name": "CVE-2017-3642",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3642"
},
{
"name": "CVE-2017-3647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3647"
},
{
"name": "CVE-2017-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3646"
},
{
"name": "CVE-2017-3645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3645"
},
{
"name": "CVE-2017-3638",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3638"
},
{
"name": "CVE-2017-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3635"
},
{
"name": "CVE-2017-3643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3643"
},
{
"name": "CVE-2017-3633",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3633"
},
{
"name": "CVE-2017-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3640"
},
{
"name": "CVE-2017-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
},
{
"name": "CVE-2017-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3651"
},
{
"name": "CVE-2017-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3639"
},
{
"name": "CVE-2017-3641",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3641"
},
{
"name": "CVE-2017-3648",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3648"
},
{
"name": "CVE-2017-5647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
},
{
"name": "CVE-2017-3529",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3529"
},
{
"name": "CVE-2014-1912",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1912"
}
],
"initial_release_date": "2017-07-19T00:00:00",
"last_revision_date": "2017-07-19T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujul2017-3236622 du 17 juillet 2017",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"reference": "CERTFR-2017-AVI-224",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-07-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle MySQL\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0\nun attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur, un d\u00e9ni de service et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle MySQL",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujul2017-3236622 du 17 juillet 2017",
"url": null
}
]
}
FKIE_CVE-2017-3645
Vulnerability from fkie_nvd - Published: 2017-08-08 15:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
References
| URL | Tags | ||
|---|---|---|---|
| secalert_us@oracle.com | http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | Patch, Vendor Advisory | |
| secalert_us@oracle.com | http://www.securityfocus.com/bid/99783 | Third Party Advisory, VDB Entry | |
| secalert_us@oracle.com | http://www.securitytracker.com/id/1038928 | Third Party Advisory, VDB Entry | |
| secalert_us@oracle.com | https://access.redhat.com/errata/RHSA-2017:2886 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99783 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038928 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:2886 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7974ED-AFE6-44A8-B89C-BB19F6DCD1CC",
"versionEndIncluding": "5.7.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente MySQL Server en Oracle MySQL (subcomponente: Server: Optimizer). Las versiones compatibles que se han visto afectadas son la 5.7.18 y anteriores. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante con un alto nivel de privilegios que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de MySQL Server. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar el bloqueo o cierre repetido (DoS completo) de MySQL Server. CVSS 3.0 Base Score 4.9 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
],
"id": "CVE-2017-3645",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-08T15:29:08.490",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99783"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038928"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99783"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
RHSA-2017:2886
Vulnerability from csaf_redhat - Published: 2017-10-12 07:53 - Updated: 2025-11-21 18:02Summary
Red Hat Security Advisory: rh-mysql57-mysql security and bug fix update
Severity
Important
Notes
Topic: An update for rh-mysql57-mysql is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.
The following packages have been upgraded to a later upstream version: rh-mysql57-mysql (5.7.19).
Security Fix(es):
* An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon. (CVE-2017-3599)
* It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600)
* It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291)
* Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312)
* This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages listed in the References section. (CVE-2016-8327, CVE-2017-3238, CVE-2017-3244, CVE-2017-3251, CVE-2017-3256, CVE-2017-3257, CVE-2017-3258, CVE-2017-3273, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3319, CVE-2017-3320, CVE-2017-3331, CVE-2017-3450, CVE-2017-3453, CVE-2017-3454, CVE-2017-3455, CVE-2017-3456, CVE-2017-3457, CVE-2017-3458, CVE-2017-3459, CVE-2017-3460, CVE-2017-3461, CVE-2017-3462, CVE-2017-3463, CVE-2017-3464, CVE-2017-3465, CVE-2017-3467, CVE-2017-3468, CVE-2017-3529, CVE-2017-3633, CVE-2017-3634, CVE-2017-3637, CVE-2017-3638, CVE-2017-3639, CVE-2017-3640, CVE-2017-3641, CVE-2017-3642, CVE-2017-3643, CVE-2017-3644, CVE-2017-3645, CVE-2017-3646, CVE-2017-3647, CVE-2017-3648, CVE-2017-3649, CVE-2017-3650, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653)
Bug Fix(es):
* Prior to this update, the scl macros were not set for the rh-mysql57-mysqld@.service file, which consequently made the service file unusable. This bug has been fixed, and rh-mysql57-mysqld@.service now works as expected. (BZ#1452511)
* Previously, the md5() function was blocked by MySQL in FIPS mode because the MD5 hash algorithm is considered insecure. Consequently, the mysqld daemon failed with error messages when FIPS mode was enabled. With this update, md5() is allowed in FIPS mode for non-security operations. Note that users are able to use md5() for security purposes but such usage is not supported by Red Hat. (BZ#1452514)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool.
6.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.9 (Availability impacts).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root.
6.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
7.7 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
7.7 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root.
6.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).
4.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).
4.0 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).
4.0 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts).
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 2.4 (Confidentiality impacts).
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). The supported version that is affected is 5.7.11 to 5.7.17. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: UDF). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool.
6.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H).
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).
4.2 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior and 5.7.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
https://access.redhat.com/errata/RHSA-2017:2886
References
Acknowledgments
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rh-mysql57-mysql is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.\n\nThe following packages have been upgraded to a later upstream version: rh-mysql57-mysql (5.7.19).\n\nSecurity Fix(es):\n\n* An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon. (CVE-2017-3599)\n\n* It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600)\n\n* It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291)\n\n* Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312)\n\n* This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages listed in the References section. (CVE-2016-8327, CVE-2017-3238, CVE-2017-3244, CVE-2017-3251, CVE-2017-3256, CVE-2017-3257, CVE-2017-3258, CVE-2017-3273, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3319, CVE-2017-3320, CVE-2017-3331, CVE-2017-3450, CVE-2017-3453, CVE-2017-3454, CVE-2017-3455, CVE-2017-3456, CVE-2017-3457, CVE-2017-3458, CVE-2017-3459, CVE-2017-3460, CVE-2017-3461, CVE-2017-3462, CVE-2017-3463, CVE-2017-3464, CVE-2017-3465, CVE-2017-3467, CVE-2017-3468, CVE-2017-3529, CVE-2017-3633, CVE-2017-3634, CVE-2017-3637, CVE-2017-3638, CVE-2017-3639, CVE-2017-3640, CVE-2017-3641, CVE-2017-3642, CVE-2017-3643, CVE-2017-3644, CVE-2017-3645, CVE-2017-3646, CVE-2017-3647, CVE-2017-3648, CVE-2017-3649, CVE-2017-3650, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653)\n\nBug Fix(es):\n\n* Prior to this update, the scl macros were not set for the rh-mysql57-mysqld@.service file, which consequently made the service file unusable. This bug has been fixed, and rh-mysql57-mysqld@.service now works as expected. (BZ#1452511)\n\n* Previously, the md5() function was blocked by MySQL in FIPS mode because the MD5 hash algorithm is considered insecure. Consequently, the mysqld daemon failed with error messages when FIPS mode was enabled. With this update, md5() is allowed in FIPS mode for non-security operations. Note that users are able to use md5() for security purposes but such usage is not supported by Red Hat. (BZ#1452514)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2886",
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-17.html",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-17.html"
},
{
"category": "external",
"summary": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-18.html",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-18.html"
},
{
"category": "external",
"summary": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-19.html",
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-19.html"
},
{
"category": "external",
"summary": "1414133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414133"
},
{
"category": "external",
"summary": "1414337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414337"
},
{
"category": "external",
"summary": "1414338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414338"
},
{
"category": "external",
"summary": "1414342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414342"
},
{
"category": "external",
"summary": "1414343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414343"
},
{
"category": "external",
"summary": "1414345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414345"
},
{
"category": "external",
"summary": "1414350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414350"
},
{
"category": "external",
"summary": "1414351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414351"
},
{
"category": "external",
"summary": "1414352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414352"
},
{
"category": "external",
"summary": "1414353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414353"
},
{
"category": "external",
"summary": "1414355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414355"
},
{
"category": "external",
"summary": "1414357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414357"
},
{
"category": "external",
"summary": "1414358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414358"
},
{
"category": "external",
"summary": "1414360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414360"
},
{
"category": "external",
"summary": "1414429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414429"
},
{
"category": "external",
"summary": "1433010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433010"
},
{
"category": "external",
"summary": "1443358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443358"
},
{
"category": "external",
"summary": "1443359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443359"
},
{
"category": "external",
"summary": "1443362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443362"
},
{
"category": "external",
"summary": "1443363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443363"
},
{
"category": "external",
"summary": "1443365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443365"
},
{
"category": "external",
"summary": "1443366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443366"
},
{
"category": "external",
"summary": "1443368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443368"
},
{
"category": "external",
"summary": "1443369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443369"
},
{
"category": "external",
"summary": "1443371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443371"
},
{
"category": "external",
"summary": "1443372",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443372"
},
{
"category": "external",
"summary": "1443374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443374"
},
{
"category": "external",
"summary": "1443375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443375"
},
{
"category": "external",
"summary": "1443376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443376"
},
{
"category": "external",
"summary": "1443377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443377"
},
{
"category": "external",
"summary": "1443378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443378"
},
{
"category": "external",
"summary": "1443379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443379"
},
{
"category": "external",
"summary": "1443380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443380"
},
{
"category": "external",
"summary": "1443382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443382"
},
{
"category": "external",
"summary": "1443385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443385"
},
{
"category": "external",
"summary": "1443386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443386"
},
{
"category": "external",
"summary": "1472682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472682"
},
{
"category": "external",
"summary": "1472683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472683"
},
{
"category": "external",
"summary": "1472684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472684"
},
{
"category": "external",
"summary": "1472687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472687"
},
{
"category": "external",
"summary": "1472688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472688"
},
{
"category": "external",
"summary": "1472689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472689"
},
{
"category": "external",
"summary": "1472692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472692"
},
{
"category": "external",
"summary": "1472693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472693"
},
{
"category": "external",
"summary": "1472695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472695"
},
{
"category": "external",
"summary": "1472697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472697"
},
{
"category": "external",
"summary": "1472698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472698"
},
{
"category": "external",
"summary": "1472700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472700"
},
{
"category": "external",
"summary": "1472701",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472701"
},
{
"category": "external",
"summary": "1472703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472703"
},
{
"category": "external",
"summary": "1472704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472704"
},
{
"category": "external",
"summary": "1472705",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472705"
},
{
"category": "external",
"summary": "1472706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472706"
},
{
"category": "external",
"summary": "1472708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472708"
},
{
"category": "external",
"summary": "1472710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472710"
},
{
"category": "external",
"summary": "1472711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472711"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2886.json"
}
],
"title": "Red Hat Security Advisory: rh-mysql57-mysql security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:02:36+00:00",
"generator": {
"date": "2025-11-21T18:02:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:2886",
"initial_release_date": "2017-10-12T07:53:15+00:00",
"revision_history": [
{
"date": "2017-10-12T07:53:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-10-12T07:53:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:02:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-devel@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-config@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-test@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-errmsg@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-server@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-debuginfo@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"product": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"product_id": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-common@5.7.19-6.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-devel@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-config@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-test@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-errmsg@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-server@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-debuginfo@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql@5.7.19-6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"product": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"product_id": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql-common@5.7.19-6.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.src",
"product": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.src",
"product_id": "rh-mysql57-mysql-0:5.7.19-6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql@5.7.19-6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.src",
"product": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.src",
"product_id": "rh-mysql57-mysql-0:5.7.19-6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-mysql57-mysql@5.7.19-6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el6.src",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64"
},
"product_reference": "rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
},
"product_reference": "rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-5483",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2017-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1433010"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Incorrect input validation allowing code execution via mysqldump",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5483"
},
{
"category": "external",
"summary": "RHBZ#1433010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433010"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5483",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5483"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5483",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5483"
},
{
"category": "external",
"summary": "https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/",
"url": "https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/"
},
{
"category": "external",
"summary": "https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/",
"url": "https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/"
}
],
"release_date": "2017-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Incorrect input validation allowing code execution via mysqldump"
},
{
"cve": "CVE-2016-8327",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414337"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Replication unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8327"
},
{
"category": "external",
"summary": "RHBZ#1414337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414337"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8327",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8327"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Replication unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3238",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414338"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3238"
},
{
"category": "external",
"summary": "RHBZ#1414338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3238",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3238"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3238",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3238"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3244",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414342"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3244"
},
{
"category": "external",
"summary": "RHBZ#1414342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3244"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3244",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3244"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3251",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414343"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.9 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3251"
},
{
"category": "external",
"summary": "RHBZ#1414343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414343"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3251",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3251"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3256",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414345"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Replication unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3256"
},
{
"category": "external",
"summary": "RHBZ#1414345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3256",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3256"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3256",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3256"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Replication unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3257",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414350"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: InnoDB unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3257"
},
{
"category": "external",
"summary": "RHBZ#1414350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414350"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3257",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3257"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3257",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3257"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: InnoDB unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3258",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414351"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3258"
},
{
"category": "external",
"summary": "RHBZ#1414351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3258"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3258",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3258"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3273",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414352"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3273"
},
{
"category": "external",
"summary": "RHBZ#1414352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414352"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3273",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3273"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3273",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3273"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Jan 2017)"
},
{
"acknowledgments": [
{
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-3291",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2016-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414429"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unrestricted mysqld_safe\u0027s ledir (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3291"
},
{
"category": "external",
"summary": "RHBZ#1414429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3291",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3291"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unrestricted mysqld_safe\u0027s ledir (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3308",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443358"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3308"
},
{
"category": "external",
"summary": "RHBZ#1443358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3308",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3308"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3308",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3308"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3309",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443359"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3309"
},
{
"category": "external",
"summary": "RHBZ#1443359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443359"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3309",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3309"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3309",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3309"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)"
},
{
"acknowledgments": [
{
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-3312",
"discovery_date": "2016-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414133"
}
],
"notes": [
{
"category": "description",
"text": "Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3312"
},
{
"category": "external",
"summary": "RHBZ#1414133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3312",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3312"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3312",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3312"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3313",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414353"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: MyISAM unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3313"
},
{
"category": "external",
"summary": "RHBZ#1414353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3313",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3313"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3313",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3313"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: MyISAM unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3317",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414355"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Logging unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3317"
},
{
"category": "external",
"summary": "RHBZ#1414355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414355"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3317",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3317"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3317",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3317"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Logging unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3318",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414357"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Error Handling unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3318"
},
{
"category": "external",
"summary": "RHBZ#1414357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414357"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3318",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3318"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Error Handling unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3319",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414358"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: X Plugin unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3319"
},
{
"category": "external",
"summary": "RHBZ#1414358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3319",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3319"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Server: X Plugin unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3320",
"discovery_date": "2017-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414360"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 2.4 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3320"
},
{
"category": "external",
"summary": "RHBZ#1414360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3320",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3320"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3320",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3320"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2017)"
},
{
"cve": "CVE-2017-3331",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443362"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). The supported version that is affected is 5.7.11 to 5.7.17. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3331"
},
{
"category": "external",
"summary": "RHBZ#1443362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3331",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3331"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3450",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443363"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Memcached unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3450"
},
{
"category": "external",
"summary": "RHBZ#1443363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443363"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3450",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3450"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3450"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Memcached unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3453",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443365"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3453"
},
{
"category": "external",
"summary": "RHBZ#1443365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443365"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3453",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3453"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3453",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3453"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3454",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443366"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: InnoDB unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3454"
},
{
"category": "external",
"summary": "RHBZ#1443366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3454",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3454"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3454",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3454"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: InnoDB unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3455",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443368"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3455"
},
{
"category": "external",
"summary": "RHBZ#1443368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443368"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3455",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3455"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3455",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3455"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3456",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443369"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3456"
},
{
"category": "external",
"summary": "RHBZ#1443369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3456",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3456"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3456",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3456"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3457",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443371"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3457"
},
{
"category": "external",
"summary": "RHBZ#1443371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443371"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3457",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3457"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3457",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3457"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3458",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443372"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3458"
},
{
"category": "external",
"summary": "RHBZ#1443372",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443372"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3458",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3458"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3458",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3458"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3459",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443374"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3459"
},
{
"category": "external",
"summary": "RHBZ#1443374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443374"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3459",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3459"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3460",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443375"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Audit Plug-in unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3460"
},
{
"category": "external",
"summary": "RHBZ#1443375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443375"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3460",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3460"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3460",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3460"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Audit Plug-in unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3461",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443376"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3461"
},
{
"category": "external",
"summary": "RHBZ#1443376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3461",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3461"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3461",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3461"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3462",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443377"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3462"
},
{
"category": "external",
"summary": "RHBZ#1443377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443377"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3462",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3462"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3462",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3462"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3463",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443378"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3463"
},
{
"category": "external",
"summary": "RHBZ#1443378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3463",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3463"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3464",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443379"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3464"
},
{
"category": "external",
"summary": "RHBZ#1443379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3464",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3464"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3464",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3464"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3465",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443380"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3465"
},
{
"category": "external",
"summary": "RHBZ#1443380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443380"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3465",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3465"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3467",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443382"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: C API unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3467"
},
{
"category": "external",
"summary": "RHBZ#1443382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443382"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3467",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3467"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Server: C API unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3468",
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443385"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Encryption unspecified vulnerability (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3468"
},
{
"category": "external",
"summary": "RHBZ#1443385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3468"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3468",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3468"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Server: Security: Encryption unspecified vulnerability (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3529",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472682"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: UDF). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: UDF unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3529"
},
{
"category": "external",
"summary": "RHBZ#1472682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3529",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3529"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3529",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3529"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: UDF unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3599",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2017-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443386"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: integer underflow in get_56_lenc_string() leading to DoS (CPU Apr 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3599"
},
{
"category": "external",
"summary": "RHBZ#1443386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3599"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/",
"url": "https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/"
}
],
"release_date": "2017-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mysql: integer underflow in get_56_lenc_string() leading to DoS (CPU Apr 2017)"
},
{
"cve": "CVE-2017-3600",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2017-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1433010"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Incorrect input validation allowing code execution via mysqldump",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3600"
},
{
"category": "external",
"summary": "RHBZ#1433010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433010"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3600",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3600"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3600",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3600"
},
{
"category": "external",
"summary": "https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/",
"url": "https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/"
},
{
"category": "external",
"summary": "https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/",
"url": "https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/"
}
],
"release_date": "2017-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Incorrect input validation allowing code execution via mysqldump"
},
{
"cve": "CVE-2017-3633",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472683"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Memcached unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3633"
},
{
"category": "external",
"summary": "RHBZ#1472683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3633",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3633"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3633",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3633"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Memcached unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3634",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472684"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3634"
},
{
"category": "external",
"summary": "RHBZ#1472684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3634",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3634"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3634",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3634"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3637",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472687"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: X Plugin unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3637"
},
{
"category": "external",
"summary": "RHBZ#1472687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3637"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: X Plugin unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3638",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472688"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3638"
},
{
"category": "external",
"summary": "RHBZ#1472688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472688"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3638",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3638"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3639",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472689"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3639"
},
{
"category": "external",
"summary": "RHBZ#1472689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3639"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3639",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3639"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3640",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472692"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3640"
},
{
"category": "external",
"summary": "RHBZ#1472692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472692"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3640"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3640",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3640"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3641",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472693"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3641"
},
{
"category": "external",
"summary": "RHBZ#1472693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472693"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3641",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3641"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3642",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472695"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3642"
},
{
"category": "external",
"summary": "RHBZ#1472695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472695"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3642",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3642"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3642",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3642"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3643",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472697"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3643"
},
{
"category": "external",
"summary": "RHBZ#1472697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472697"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3643"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3643",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3643"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3644",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472698"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3644"
},
{
"category": "external",
"summary": "RHBZ#1472698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472698"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3644"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3644",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3644"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DML unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3645",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472700"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3645"
},
{
"category": "external",
"summary": "RHBZ#1472700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472700"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3645"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3645",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3645"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3646",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472701"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: X Plugin unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3646"
},
{
"category": "external",
"summary": "RHBZ#1472701",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472701"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3646"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3646",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3646"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: X Plugin unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3647",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472703"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Replication unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3647"
},
{
"category": "external",
"summary": "RHBZ#1472703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3647"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Replication unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3648",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472704"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Charsets unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3648"
},
{
"category": "external",
"summary": "RHBZ#1472704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472704"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3648",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3648"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3648",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3648"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Charsets unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3649",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472705"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Replication unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3649"
},
{
"category": "external",
"summary": "RHBZ#1472705",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472705"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3649",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3649"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: Replication unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3650",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472706"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: C API unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3650"
},
{
"category": "external",
"summary": "RHBZ#1472706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3650",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3650"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3650",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3650"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: C API unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3651",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472708"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Client mysqldump unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3651"
},
{
"category": "external",
"summary": "RHBZ#1472708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3651"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3651",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3651"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Client mysqldump unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3652",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472710"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3652"
},
{
"category": "external",
"summary": "RHBZ#1472710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3652",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3652"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2017-3653",
"discovery_date": "2017-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1472711"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: DDL unspecified vulnerability (CPU Jul 2017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3653"
},
{
"category": "external",
"summary": "RHBZ#1472711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3653",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3653"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3653",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3653"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL"
}
],
"release_date": "2017-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Server: DDL unspecified vulnerability (CPU Jul 2017)"
},
{
"cve": "CVE-2019-2730",
"discovery_date": "2019-07-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1731995"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior and 5.7.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-2730"
},
{
"category": "external",
"summary": "RHBZ#1731995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731995"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-2730",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2730"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-2730",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2730"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
}
],
"release_date": "2019-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T07:53:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.src",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Server-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Server-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.src",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-common-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-config-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-debuginfo-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-devel-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-errmsg-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-server-0:5.7.19-6.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-mysql57-mysql-test-0:5.7.19-6.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019)"
}
]
}
GHSA-GQ9W-XHJ4-QH3R
Vulnerability from github – Published: 2022-05-13 01:45 – Updated: 2022-05-13 01:45
VLAI?
Details
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity ?
4.9 (Medium)
{
"affected": [],
"aliases": [
"CVE-2017-3645"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-08T15:29:00Z",
"severity": "MODERATE"
},
"details": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"id": "GHSA-gq9w-xhj4-qh3r",
"modified": "2022-05-13T01:45:48Z",
"published": "2022-05-13T01:45:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3645"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2886"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99783"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038928"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…