CVE 2016-5440
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.
Related bugs and status
CVE-2016-5440 (Candidate) is related to these bugs:
Bug #1571865: mysql fails to start after upgrade if previous defaults were customised
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1571865 | mysql fails to start after upgrade if previous defaults were customised | mysql-5.7 (Ubuntu) | High | Fix Released | ||
1571865 | mysql fails to start after upgrade if previous defaults were customised | Release Notes for Ubuntu | Undecided | Fix Released | ||
1571865 | mysql fails to start after upgrade if previous defaults were customised | mysql-5.7 (Ubuntu Xenial) | High | Fix Released |
Bug #1574458: Logs.var.log.mysql.error.log.txt contains usernames and passwords
Bug #1576647: mysqld is not restarted after postinst runs mysql_upgrade
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1576647 | mysqld is not restarted after postinst runs mysql_upgrade | mysql-5.7 (Ubuntu) | Medium | Fix Released | ||
1576647 | mysqld is not restarted after postinst runs mysql_upgrade | mysql-5.7 (Ubuntu Xenial) | Medium | Fix Released |
Bug #1577712: mysql_upgrade is called twice concurrently on upgrade from 14.04
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1577712 | mysql_upgrade is called twice concurrently on upgrade from 14.04 | mysql-5.7 (Ubuntu) | High | Fix Released | ||
1577712 | mysql_upgrade is called twice concurrently on upgrade from 14.04 | mysql-5.7 (Ubuntu Xenial) | High | Fix Released |
Bug #1602763: postinst does not print a helpful message when the server will fail to start
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1602763 | postinst does not print a helpful message when the server will fail to start | mysql-5.7 (Ubuntu) | Medium | Fix Released | ||
1602763 | postinst does not print a helpful message when the server will fail to start | mysql-5.7 (Ubuntu Xenial) | Undecided | Fix Released |
Bug #1604796: mysql 5.5.50, 5.6.31, 5.7.13 security update tracking bug
Bug #1605493: USN-3040-1: MySQL vulnerabilities partially applies to MariaDB too
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1605493 | USN-3040-1: MySQL vulnerabilities partially applies to MariaDB too | mariadb-10.0 (Ubuntu) | Medium | Fix Released | ||
1605493 | USN-3040-1: MySQL vulnerabilities partially applies to MariaDB too | mariadb-5.5 (Ubuntu) | Medium | Fix Released |
Bug #1668934: percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19, percona-xtrabackup 2.3.7
See the
CVE page on Mitre.org
for more details.