[DOC] CVE page

Bug #1181238 reported by Raghavendra D Prabhu
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Percona Server moved to https://jira.percona.com/projects/PS
Status tracked in 5.7
5.1
Won't Fix
Wishlist
Unassigned
5.5
Triaged
Wishlist
Borys Belinsky
5.6
Triaged
Wishlist
Borys Belinsky
5.7
Triaged
Wishlist
Borys Belinsky

Bug Description

[In:Percona Server Documentation]

Currently we don't have a single point to check which CVEs have been fixed in PS releases to-date (and to be fixed in upcoming releases (though this can be discussed if needed)).

Tags: doc
Changed in percona-server:
assignee: nobody → Hrvoje Matijakovic (hrvojem)
Changed in percona-server:
status: New → Confirmed
Revision history for this message
David Busby (d-busby) wrote :
Download full text (4.0 KiB)

this would be useful; I am currently tracking some 12 CVE's in 2014 already

---
    CVE: CVE-2014-0001
   SEVERITY: High
DESCRIPTION: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
*************************** 2. row ***************************
        CVE: CVE-2014-0386
   SEVERITY: Medium
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
*************************** 3. row ***************************
        CVE: CVE-2014-0393
   SEVERITY: Low
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.
*************************** 4. row ***************************
        CVE: CVE-2014-0401
   SEVERITY: Medium
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.
*************************** 5. row ***************************
        CVE: CVE-2014-0402
   SEVERITY: Medium
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.
*************************** 6. row ***************************
        CVE: CVE-2014-0412
   SEVERITY: Medium
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
*************************** 7. row ***************************
        CVE: CVE-2014-0420
   SEVERITY: Low
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication.
*************************** 8. row ***************************
        CVE: CVE-2014-0427
   SEVERITY: Low
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS.
*************************** 9. row ***************************
        CVE: CVE-2014-0430
   SEVERITY: Low
DESCRIPTION: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.
*************************** 10. row ***************************
        CVE: CVE-2014-0431
   SEVERITY: Low
DESCRIPTION: Unspecified vulnerability i...

Read more...

Revision history for this message
Shahriyar Rzayev (rzayev-sehriyar) wrote :

Percona now uses JIRA for bug reports so this bug report is migrated to: https://jira.percona.com/browse/PS-2420

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.