Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-5823-2

Ubuntu Security Notice 5823-2 - USN-5823-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to MySQL 5.7.41.

Packet Storm
#sql#vulnerability#ubuntu#oracle

=========================================================================
Ubuntu Security Notice USN-5823-2
January 24, 2023

mysql-5.7 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.04 ESM

Summary:

Several security issues were fixed in MySQL.

Software Description:

  • mysql-5.7: MySQL database

Details:

USN-5823-1 fixed a vulnerability in MySQL. This update provides
the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to MySQL 5.7.41.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-41.html
https://www.oracle.com/security-alerts/cpujan2023.html

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
mysql-server-5.7 5.7.41-0ubuntu0.16.04.1+esm1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://ubuntu.com/security/notices/USN-5823-2
https://ubuntu.com/security/notices/USN-5823-1
CVE-2023-21840

Related news

Ubuntu Security Notice USN-5823-1

Ubuntu Security Notice 5823-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.32 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.41. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

CVE-2023-21850: Oracle Critical Patch Update Advisory - January 2023

Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).

Packet Storm: Latest News

Gentoo Linux Security Advisory 202411-05