[DOC] CVE page
Bug #1181238 reported by
Raghavendra D Prabhu
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Percona Server moved to https://jira.percona.com/projects/PS | Status tracked in 5.7 | |||||
5.1 |
Won't Fix
|
Wishlist
|
Unassigned | |||
5.5 |
Triaged
|
Wishlist
|
Borys Belinsky | |||
5.6 |
Triaged
|
Wishlist
|
Borys Belinsky | |||
5.7 |
Triaged
|
Wishlist
|
Borys Belinsky |
Bug Description
[In:Percona Server Documentation]
Currently we don't have a single point to check which CVEs have been fixed in PS releases to-date (and to be fixed in upcoming releases (though this can be discussed if needed)).
Changed in percona-server: | |
assignee: | nobody → Hrvoje Matijakovic (hrvojem) |
Changed in percona-server: | |
status: | New → Confirmed |
To post a comment you must log in.
this would be useful; I am currently tracking some 12 CVE's in 2014 already
--- ******* ******* ****** 2. row ******* ******* ******* ****** ******* ******* ****** 3. row ******* ******* ******* ****** ******* ******* ****** 4. row ******* ******* ******* ****** ******* ******* ****** 5. row ******* ******* ******* ****** ******* ******* ****** 6. row ******* ******* ******* ****** ******* ******* ****** 7. row ******* ******* ******* ****** ******* ******* ****** 8. row ******* ******* ******* ****** ******* ******* ****** 9. row ******* ******* ******* ****** ******* ******* ****** 10. row ******* ******* ******* ******
CVE: CVE-2014-0001
SEVERITY: High
DESCRIPTION: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
*******
CVE: CVE-2014-0386
SEVERITY: Medium
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
*******
CVE: CVE-2014-0393
SEVERITY: Low
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.
*******
CVE: CVE-2014-0401
SEVERITY: Medium
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.
*******
CVE: CVE-2014-0402
SEVERITY: Medium
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.
*******
CVE: CVE-2014-0412
SEVERITY: Medium
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
*******
CVE: CVE-2014-0420
SEVERITY: Low
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication.
*******
CVE: CVE-2014-0427
SEVERITY: Low
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS.
*******
CVE: CVE-2014-0430
SEVERITY: Low
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.
*******
CVE: CVE-2014-0431
SEVERITY: Low
DESCRIPTION: Unspecified vulnerability i...