MySQL and MariaDB: Multiple vulnerabilities

MySQL and MariaDB: Multiple vulnerabilities Multiple vulnerabilities have been found in MySQL and MariaDB, the worst of which could allow remote attackers to cause a Denial of Service condition or obtain sensitive information. 2016-10-11 2016-10-11 546724 555478 555480 564170 564442 572870 580832 580834 589238 589346 593608 remote 5.6.31 5.6.31 5.5.51 10.0.27 10.0.27

MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL.

Multiple vulnerabilities have been discovered in MySQL and MariaDB. Please review the CVE identifiers referenced below for details.

A remote attacker could exploit vulnerabilities, through multiple vectors, that affect the confidentiality, integrity, and availability of MySQL and MariaDB.

There is no known workaround at this time.

All MySQL users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.6.31"

All MariaDB users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-db/mariadb-10.0.27"

CVE-2015-2582 CVE-2015-2611 CVE-2015-2617 CVE-2015-2620 CVE-2015-2639 CVE-2015-2641 CVE-2015-2643 CVE-2015-2648 CVE-2015-2661 CVE-2015-4737 CVE-2015-4752 CVE-2015-4756 CVE-2015-4757 CVE-2015-4767 CVE-2015-4769 CVE-2015-4771 CVE-2015-4772 BlueKnight b-man