[CentOS] Latest CVE's For MySQL

Thu Jan 25 16:16:36 UTC 2018
Paul E. Virgo <Paul.E.Virgo at nasa.gov>


Thanks. I needed this to present as 'ammo' for not using a 3rd-party 
MySQL repo to address these security issues.


On 01/25/2018 11:03 AM, Johnny Hughes wrote:
> On 01/25/2018 09:58 AM, Paul E. Virgo wrote:
>> Looks like a series of vulnerability alerts for Oracle MySQL have been
>> issued: CVE-2018-2562, CVE-2018-2647 (both high), CVE-2018-2645,
>> CVE-2018-2646, CVE-2018-2665 (all three medium). This affects versions
>> 5.7.20 and prior. I know CentOS/RedHat usually do backports--anybody
>> know if this is the case, or do we have to go 'outside' now, and get the
>> MySQL repository to use, for the latest and greatest?
>> PEV
> Red Hat no longer uses mysql in EL7 .. it uses mariadb.
> They will backport any security updates for the mysql in EL6.

Paul E Virgo
Sr. System Administrator
Code 610.2
Goddard Space Flight Ctr/NASA
Greenbelt, MD
Greenbelt, MD 20771
(301) 614-5751