DSA-2818-1 mysql-5.5 -- severalID: oval:org.secpod.oval:def:601178 | Date: (C)2014-01-08 (M)2023-12-07 |
Class: PATCH | Family: unix |
Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.5.33, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Matthias Reichl reported that the mysql-5.5 package misses the patches applied previous in Debian"s mysql-5.1 to drop the database "test" and the permissions that allow anonymous access, without a password, from localhost to the "test" database and any databases starting with "test_". This update reintroduces these patches for the mysql-5.5 package. Existing databases and permissions are not touched. Please refer to the NEWS file provided with this update for further information.