CVE-2013-1492
Published: 28 March 2013
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
mysql-5.1 Launchpad, Ubuntu, Debian |
Upstream |
Released
(5.1.68)
|
|
mysql-5.5 Launchpad, Ubuntu, Debian |
Upstream |
Released
(5.5.30)
|
|
mysql-cluster-7.0 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
mysql-dfsg-5.0 Launchpad, Ubuntu, Debian |
Upstream |
Ignored
(reached end-of-life)
|
|
mysql-dfsg-5.1 Launchpad, Ubuntu, Debian |
Upstream |
Released
(5.1.68)
|
Notes
| Author | Note |
|---|---|
| jdstrand | mysql-cluster-7.0 not supported per Ubuntu Server team As of 2012/01/09, Oracle no longer supports MySQL 5.0. Unfortunately, because of upstream update and commit policies it is not possible to backport patches from later releases. Ubuntu is regrettably unable to support MySQL 5.0 and users are encouraged to upgrade to Ubuntu 10.04 LTS or later. |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1492
- https://blogs.oracle.com/sunsecurity/entry/cve_2013_1492_buffer_overflow
- http://secunia.com/advisories/52445
- http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-30.html
- http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-68.html
- https://ubuntu.com/security/notices/USN-1807-1
- https://ubuntu.com/security/notices/USN-1807-2
- NVD
- Launchpad
- Debian