http://www.oracle.com/technetwork/topics/security/cpujul2016-2881720.html#AppendixMSQL
=dev-db/mysql-{5.6.30, 5.5.0} are already in tree and 5.6.30 stabilized. We will assign the relevant CVE's to that bug. *** This bug has been marked as a duplicate of bug 580832 ***
(In reply to Aaron Bauman from comment #1) > =dev-db/mysql-{5.6.30, 5.5.0} are already in tree and 5.6.30 stabilized. We > will assign the relevant CVE's to that bug. > > *** This bug has been marked as a duplicate of bug 580832 *** Several of the CVEs affect <=5.6.30. 5.6.31 should be the new stable target.
*** Bug 589410 has been marked as a duplicate of this bug. ***
Added to existing GLSA.
CVE-2016-5440 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5440): Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: RBR. CVE-2016-5439 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5439): Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges. CVE-2016-3615 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3615): Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: DML. CVE-2016-3614 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3614): Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption. CVE-2016-3521 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3521): Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types. CVE-2016-3501 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3501): Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. CVE-2016-3486 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3486): Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS. CVE-2016-3477 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3477): Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser. CVE-2016-3459 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3459): Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.
@arches, please stabilize: =dev-db/mysql-5.6.31
Stable for PPC64.
Stable for HPPA.
Stable on alpha.
arm stable
amd64 stable
x86 stable
sparc stable
ppc stable
ia64 stable. Maintainer(s), please cleanup.
@maintainers, please clean 5.6.31.
This issue was resolved and addressed in GLSA 201610-06 at https://security.gentoo.org/glsa/201610-06 by GLSA coordinator Aaron Bauman (b-man).
Reopening for cleanup. Please cleanup the following: =dev-db/mysql-5.6.30
Cleanup complete
(In reply to Brian Evans from comment #19) > Cleanup complete Thanks, Brian!