Security update for mysql SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2016:1279-1 Final 1 1 2016-05-11T12:39:19Z current 2016-05-11T12:39:19Z 2016-05-11T12:39:19Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for mysql mysql was updated to version 5.5.49 to fix 13 security issues. These security issues were fixed: - CVE-2016-0644: Unspecified vulnerability allowed local users to affect availability via vectors related to DDL (bsc#976341). - CVE-2016-0646: Unspecified vulnerability allowed local users to affect availability via vectors related to DML (bsc#976341). - CVE-2016-0647: Unspecified vulnerability allowed local users to affect availability via vectors related to FTS (bsc#976341). - CVE-2016-0640: Unspecified vulnerability allowed local users to affect integrity and availability via vectors related to DML (bsc#976341). - CVE-2016-0641: Unspecified vulnerability allowed local users to affect confidentiality and availability via vectors related to MyISAM (bsc#976341). - CVE-2016-0642: Unspecified vulnerability allowed local users to affect integrity and availability via vectors related to Federated (bsc#976341). - CVE-2016-0643: Unspecified vulnerability allowed local users to affect confidentiality via vectors related to DML (bsc#976341). - CVE-2016-0666: Unspecified vulnerability allowed local users to affect availability via vectors related to Security: Privileges (bsc#976341). - CVE-2016-0651: Unspecified vulnerability allowed local users to affect availability via vectors related to Optimizer (bsc#976341). - CVE-2016-0650: Unspecified vulnerability allowed local users to affect availability via vectors related to Replication (bsc#976341). - CVE-2016-0648: Unspecified vulnerability allowed local users to affect availability via vectors related to PS (bsc#976341). - CVE-2016-0649: Unspecified vulnerability allowed local users to affect availability via vectors related to PS (bsc#976341). - CVE-2016-2047: The ssl_verify_server_cert function in sql-common/client.c did not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allowed man-in-the-middle attackers to spoof SSL servers via a '/CN=' string in a field in a certificate, as demonstrated by '/OU=/CN=bar.com/CN=foo.com (bsc#963806). More details are available at - http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-49.html - http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-48.html The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp4-mysql-12554,slessp4-mysql-12554 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ Link for SUSE-SU-2016:1279-1 https://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html E-Mail link for SUSE-SU-2016:1279-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/963806 SUSE Bug 963806 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://www.suse.com/security/cve/CVE-2016-0640/ SUSE CVE CVE-2016-0640 page https://www.suse.com/security/cve/CVE-2016-0641/ SUSE CVE CVE-2016-0641 page https://www.suse.com/security/cve/CVE-2016-0642/ SUSE CVE CVE-2016-0642 page https://www.suse.com/security/cve/CVE-2016-0643/ SUSE CVE CVE-2016-0643 page https://www.suse.com/security/cve/CVE-2016-0644/ SUSE CVE CVE-2016-0644 page https://www.suse.com/security/cve/CVE-2016-0646/ SUSE CVE CVE-2016-0646 page https://www.suse.com/security/cve/CVE-2016-0647/ SUSE CVE CVE-2016-0647 page https://www.suse.com/security/cve/CVE-2016-0648/ SUSE CVE CVE-2016-0648 page https://www.suse.com/security/cve/CVE-2016-0649/ SUSE CVE CVE-2016-0649 page https://www.suse.com/security/cve/CVE-2016-0650/ SUSE CVE CVE-2016-0650 page https://www.suse.com/security/cve/CVE-2016-0651/ SUSE CVE CVE-2016-0651 page https://www.suse.com/security/cve/CVE-2016-0666/ SUSE CVE CVE-2016-0666 page https://www.suse.com/security/cve/CVE-2016-2047/ SUSE CVE CVE-2016-2047 page SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 libmysql55client_r18-32bit-5.5.49-0.20.1 libmysql55client_r18-x86-5.5.49-0.20.1 libmysql55client18-5.5.49-0.20.1 libmysql55client18-32bit-5.5.49-0.20.1 libmysql55client18-x86-5.5.49-0.20.1 libmysql55client_r18-5.5.49-0.20.1 mysql-5.5.49-0.20.1 mysql-client-5.5.49-0.20.1 mysql-tools-5.5.49-0.20.1 libmysql55client18-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP4 libmysql55client18-32bit-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP4 libmysql55client18-x86-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP4 libmysql55client_r18-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP4 libmysql55client_r18-32bit-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP4 libmysql55client_r18-x86-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP4 mysql-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP4 mysql-client-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP4 mysql-tools-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP4 libmysql55client18-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libmysql55client18-32bit-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libmysql55client18-x86-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libmysql55client_r18-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libmysql55client_r18-32bit-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libmysql55client_r18-x86-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 mysql-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 mysql-client-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 mysql-tools-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libmysql55client_r18-32bit-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libmysql55client_r18-x86-5.5.49-0.20.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML. CVE-2016-0640 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 important 5.2 AV:L/AC:L/Au:S/C:N/I:P/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ https://www.suse.com/security/cve/CVE-2016-0640.html CVE-2016-0640 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://bugzilla.suse.com/980904 SUSE Bug 980904 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect confidentiality and availability via vectors related to MyISAM. CVE-2016-0641 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 important 5 AV:L/AC:L/Au:M/C:P/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ https://www.suse.com/security/cve/CVE-2016-0641.html CVE-2016-0641 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://bugzilla.suse.com/980904 SUSE Bug 980904 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated. CVE-2016-0642 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 important 4.4 AV:L/AC:H/Au:M/C:N/I:P/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ https://www.suse.com/security/cve/CVE-2016-0642.html CVE-2016-0642 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://bugzilla.suse.com/980904 SUSE Bug 980904 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML. CVE-2016-0643 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 important 1.7 AV:L/AC:L/Au:S/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ https://www.suse.com/security/cve/CVE-2016-0643.html CVE-2016-0643 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://bugzilla.suse.com/980904 SUSE Bug 980904 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DDL. CVE-2016-0644 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 important 4.6 AV:L/AC:L/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ https://www.suse.com/security/cve/CVE-2016-0644.html CVE-2016-0644 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://bugzilla.suse.com/980904 SUSE Bug 980904 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DML. CVE-2016-0646 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 important 4.6 AV:L/AC:L/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ https://www.suse.com/security/cve/CVE-2016-0646.html CVE-2016-0646 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://bugzilla.suse.com/980904 SUSE Bug 980904 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to FTS. CVE-2016-0647 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 important 5.4 AV:N/AC:H/Au:N/C:N/I:C/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ https://www.suse.com/security/cve/CVE-2016-0647.html CVE-2016-0647 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://bugzilla.suse.com/980904 SUSE Bug 980904 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS. CVE-2016-0648 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 important 4.6 AV:L/AC:L/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ https://www.suse.com/security/cve/CVE-2016-0648.html CVE-2016-0648 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://bugzilla.suse.com/980904 SUSE Bug 980904 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to PS. CVE-2016-0649 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 important 4.6 AV:L/AC:L/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ https://www.suse.com/security/cve/CVE-2016-0649.html CVE-2016-0649 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://bugzilla.suse.com/980904 SUSE Bug 980904 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to Replication. CVE-2016-0650 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 important 4.6 AV:L/AC:L/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ https://www.suse.com/security/cve/CVE-2016-0650.html CVE-2016-0650 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://bugzilla.suse.com/980904 SUSE Bug 980904 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer. CVE-2016-0651 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 important 4.6 AV:L/AC:L/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ https://www.suse.com/security/cve/CVE-2016-0651.html CVE-2016-0651 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://bugzilla.suse.com/980904 SUSE Bug 980904 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges. CVE-2016-0666 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 important 4.6 AV:L/AC:L/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ https://www.suse.com/security/cve/CVE-2016-0666.html CVE-2016-0666 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://bugzilla.suse.com/980904 SUSE Bug 980904 The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated by "/OU=/CN=bar.com/CN=foo.com." CVE-2016-2047 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-client-5.5.49-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:mysql-tools-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-32bit-5.5.49-0.20.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libmysql55client_r18-x86-5.5.49-0.20.1 important 4.9 AV:N/AC:M/Au:S/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161279-1/ https://www.suse.com/security/cve/CVE-2016-2047.html CVE-2016-2047 https://bugzilla.suse.com/963806 SUSE Bug 963806 https://bugzilla.suse.com/976341 SUSE Bug 976341 https://bugzilla.suse.com/980904 SUSE Bug 980904