CVE 2016-3477
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.
Related bugs and status
CVE-2016-3477 (Candidate) is related to these bugs:
Bug #1571865: mysql fails to start after upgrade if previous defaults were customised
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1571865 | mysql fails to start after upgrade if previous defaults were customised | mysql-5.7 (Ubuntu) | High | Fix Released | ||
| 1571865 | mysql fails to start after upgrade if previous defaults were customised | Release Notes for Ubuntu | Undecided | Fix Released | ||
| 1571865 | mysql fails to start after upgrade if previous defaults were customised | mysql-5.7 (Ubuntu Xenial) | High | Fix Released | ||
Bug #1574458: Logs.var.log.mysql.error.log.txt contains usernames and passwords
Bug #1576647: mysqld is not restarted after postinst runs mysql_upgrade
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1576647 | mysqld is not restarted after postinst runs mysql_upgrade | mysql-5.7 (Ubuntu) | Medium | Fix Released | ||
| 1576647 | mysqld is not restarted after postinst runs mysql_upgrade | mysql-5.7 (Ubuntu Xenial) | Medium | Fix Released | ||
Bug #1577712: mysql_upgrade is called twice concurrently on upgrade from 14.04
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1577712 | mysql_upgrade is called twice concurrently on upgrade from 14.04 | mysql-5.7 (Ubuntu) | High | Fix Released | ||
| 1577712 | mysql_upgrade is called twice concurrently on upgrade from 14.04 | mysql-5.7 (Ubuntu Xenial) | High | Fix Released | ||
Bug #1602763: postinst does not print a helpful message when the server will fail to start
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1602763 | postinst does not print a helpful message when the server will fail to start | mysql-5.7 (Ubuntu) | Medium | Fix Released | ||
| 1602763 | postinst does not print a helpful message when the server will fail to start | mysql-5.7 (Ubuntu Xenial) | Undecided | Fix Released | ||
Bug #1604796: mysql 5.5.50, 5.6.31, 5.7.13 security update tracking bug
Bug #1605493: USN-3040-1: MySQL vulnerabilities partially applies to MariaDB too
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1605493 | USN-3040-1: MySQL vulnerabilities partially applies to MariaDB too | mariadb-10.0 (Ubuntu) | Medium | Fix Released | ||
| 1605493 | USN-3040-1: MySQL vulnerabilities partially applies to MariaDB too | mariadb-5.5 (Ubuntu) | Medium | Fix Released | ||
Bug #1638125: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1638125 | USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too | mariadb-10.0 (Ubuntu) | High | Fix Released | ||
| 1638125 | USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too | mariadb-10.0 (Ubuntu Yakkety) | High | Fix Released | ||
| 1638125 | USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too | mariadb-10.0 (Ubuntu Zesty) | High | Fix Released | ||
| 1638125 | USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too | mariadb-10.0 (Ubuntu Xenial) | High | Fix Released | ||
| 1638125 | USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too | mariadb-5.5 (Ubuntu Trusty) | High | Fix Released | ||
Bug #1668934: percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19, percona-xtrabackup 2.3.7
See the 
CVE page on Mitre.org
for more details.
