Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-0441 (GCVE-0-2015-0441)
Vulnerability from cvelistv5 – Published: 2015-04-16 16:00 – Updated: 2024-08-06 04:10
VLAI?
EPSS
Summary
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://security.gentoo.org/glsa/201507-19 | vendor-advisoryx_refsource_GENTOO |
| http://www.debian.org/security/2015/dsa-3229 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securitytracker.com/id/1032121 | vdb-entryx_refsource_SECTRACK |
| http://www.debian.org/security/2015/dsa-3311 | vendor-advisoryx_refsource_DEBIAN |
| http://rhn.redhat.com/errata/RHSA-2015-1647.html | vendor-advisoryx_refsource_REDHAT |
| http://www.oracle.com/technetwork/topics/security… | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2015-1628.html | vendor-advisoryx_refsource_REDHAT |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://www.ubuntu.com/usn/USN-2575-1 | vendor-advisoryx_refsource_UBUNTU |
| http://rhn.redhat.com/errata/RHSA-2015-1629.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2015-1665.html | vendor-advisoryx_refsource_REDHAT |
Date Public ?
2015-04-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:10.687Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201507-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"name": "DSA-3229",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3229"
},
{
"name": "1032121",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032121"
},
{
"name": "DSA-3311",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3311"
},
{
"name": "RHSA-2015:1647",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "RHSA-2015:1628",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
},
{
"name": "SUSE-SU-2015:0946",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"name": "USN-2575-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2575-1"
},
{
"name": "RHSA-2015:1629",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1629.html"
},
{
"name": "RHSA-2015:1665",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "GLSA-201507-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"name": "DSA-3229",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3229"
},
{
"name": "1032121",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032121"
},
{
"name": "DSA-3311",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3311"
},
{
"name": "RHSA-2015:1647",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "RHSA-2015:1628",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
},
{
"name": "SUSE-SU-2015:0946",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"name": "USN-2575-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2575-1"
},
{
"name": "RHSA-2015:1629",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1629.html"
},
{
"name": "RHSA-2015:1665",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0441",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201507-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"name": "DSA-3229",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3229"
},
{
"name": "1032121",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032121"
},
{
"name": "DSA-3311",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3311"
},
{
"name": "RHSA-2015:1647",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "RHSA-2015:1628",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
},
{
"name": "SUSE-SU-2015:0946",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"name": "USN-2575-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2575-1"
},
{
"name": "RHSA-2015:1629",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1629.html"
},
{
"name": "RHSA-2015:1665",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-0441",
"datePublished": "2015-04-16T16:00:00.000Z",
"dateReserved": "2014-12-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:10:10.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2015-0441",
"date": "2026-05-19",
"epss": "0.00384",
"percentile": "0.59825"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.5.0\", \"versionEndIncluding\": \"5.5.41\", \"matchCriteriaId\": \"0579ABCA-7F94-43CD-9D58-DA5720F06618\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.6.0\", \"versionEndIncluding\": \"5.6.22\", \"matchCriteriaId\": \"37669B57-EA80-4951-8094-AE0FB4780EE5\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16F59A04-14CF-49E2-9973-645477EA09DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*\", \"matchCriteriaId\": \"CB66DB75-2B16-4EBF-9B93-CE49D8086E41\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\", \"matchCriteriaId\": \"815D70A8-47D3-459C-A32C-9FEACA0659D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49A63F39-30BE-443F-AF10-6245587D3359\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"133AAFA7-AF42-4D7B-8822-AA2E85611BF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33C068A4-3780-4EAB-A937-6082DF847564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A67A7B7A-998D-4B8C-8831-6E58406565FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"807C024A-F8E8-4B48-A349-4C68CD252CA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F96E3779-F56A-45FF-BB3D-4980527D721E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CF73560-2F5B-4723-A8A1-9AADBB3ADA00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BF3C7A5-9117-42C7-BEA1-4AA378A582EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83737173-E12E-4641-BC49-0BD84A6B29D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"54D669D4-6D7E-449D-80C1-28FA44F06FFE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98381E61-F082-4302-B51F-5648884F998B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D99A687E-EAE6-417E-A88E-D0082BC194CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B353CE99-D57C-465B-AAB0-73EF581127D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7431ABC1-9252-419E-8CC1-311B41360078\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17F256A9-D3B9-4C72-B013-4EFD878BFEA8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0AC5CD5-6E58-433C-9EB3-6DFE5656463E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"3ED68ADD-BBDA-4485-BC76-58F011D72311\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*\", \"matchCriteriaId\": \"E534C201-BCC5-473C-AAA7-AAB97CEB5437\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*\", \"matchCriteriaId\": \"2470C6E8-2024-4CF5-9982-CFF50E88EAE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F7F8866-DEAD-44D1-AB10-21EE611AA026\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.5.0\", \"versionEndExcluding\": \"5.5.42\", \"matchCriteriaId\": \"3E25BE4B-24FF-4274-B5C5-C84FD2A3D7F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.0\", \"versionEndExcluding\": \"10.0.17\", \"matchCriteriaId\": \"6A2440FD-C1A6-4997-8FA4-6ED7D932035D\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en Oracle MySQL Server 5.5.41 y anteriores, y 5.6.22 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a trav\\u00e9s de vectores desconocidos relacionados con Server : Security : Encryption.\"}]",
"id": "CVE-2015-0441",
"lastModified": "2024-11-21T02:23:05.253",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:N/I:N/A:P\", \"baseScore\": 4.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2015-04-16T16:59:06.327",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1628.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1629.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1647.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1665.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3229\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3311\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1032121\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2575-1\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201507-19\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1628.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1629.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1647.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1665.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3229\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3311\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1032121\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2575-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201507-19\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2015-0441\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2015-04-16T16:59:06.327\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en Oracle MySQL Server 5.5.41 y anteriores, y 5.6.22 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Server : Security : Encryption.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:N/I:N/A:P\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5.0\",\"versionEndIncluding\":\"5.5.41\",\"matchCriteriaId\":\"0579ABCA-7F94-43CD-9D58-DA5720F06618\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.6.0\",\"versionEndIncluding\":\"5.6.22\",\"matchCriteriaId\":\"37669B57-EA80-4951-8094-AE0FB4780EE5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"CB66DB75-2B16-4EBF-9B93-CE49D8086E41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49A63F39-30BE-443F-AF10-6245587D3359\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"133AAFA7-AF42-4D7B-8822-AA2E85611BF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A67A7B7A-998D-4B8C-8831-6E58406565FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"807C024A-F8E8-4B48-A349-4C68CD252CA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F96E3779-F56A-45FF-BB3D-4980527D721E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CF73560-2F5B-4723-A8A1-9AADBB3ADA00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BF3C7A5-9117-42C7-BEA1-4AA378A582EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83737173-E12E-4641-BC49-0BD84A6B29D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54D669D4-6D7E-449D-80C1-28FA44F06FFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98381E61-F082-4302-B51F-5648884F998B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99A687E-EAE6-417E-A88E-D0082BC194CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B353CE99-D57C-465B-AAB0-73EF581127D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7431ABC1-9252-419E-8CC1-311B41360078\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17F256A9-D3B9-4C72-B013-4EFD878BFEA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0AC5CD5-6E58-433C-9EB3-6DFE5656463E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ED68ADD-BBDA-4485-BC76-58F011D72311\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*\",\"matchCriteriaId\":\"E534C201-BCC5-473C-AAA7-AAB97CEB5437\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*\",\"matchCriteriaId\":\"2470C6E8-2024-4CF5-9982-CFF50E88EAE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F7F8866-DEAD-44D1-AB10-21EE611AA026\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5.0\",\"versionEndExcluding\":\"5.5.42\",\"matchCriteriaId\":\"3E25BE4B-24FF-4274-B5C5-C84FD2A3D7F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.17\",\"matchCriteriaId\":\"6A2440FD-C1A6-4997-8FA4-6ED7D932035D\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1628.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1629.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1647.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1665.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3229\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3311\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1032121\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2575-1\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201507-19\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1628.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1629.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1647.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1665.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3229\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3311\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1032121\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2575-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201507-19\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2015-AVI-173
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Oracle MySQL. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | MySQL | Oracle MySQL Enterprise Monitor versions 2.3.19 et antérieures | ||
| Oracle | MySQL | Oracle MySQL Utilities versions 1.5.1 et antérieures | ||
| Oracle | MySQL | Oracle MySQL Server versions 5.5.42 et antérieures | ||
| Oracle | MySQL | Oracle MySQL Server versions 5.6.23 et antérieures | ||
| Oracle | MySQL | Oracle MySQL Enterprise Monitor versions 3.0.18 et antérieures | ||
| Oracle | MySQL | Oracle MySQL Enterprise Monitor versions 3.0.10 et antérieures | ||
| Oracle | MySQL | Oracle MySQL Connectors versions 5.1.34 et antérieures |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle MySQL Enterprise Monitor versions 2.3.19 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Utilities versions 1.5.1 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Server versions 5.5.42 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Server versions 5.6.23 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Enterprise Monitor versions 3.0.18 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Enterprise Monitor versions 3.0.10 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Connectors versions 5.1.34 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-2567",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2567"
},
{
"name": "CVE-2015-2576",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2576"
},
{
"name": "CVE-2015-0433",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0433"
},
{
"name": "CVE-2015-0498",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0498"
},
{
"name": "CVE-2015-0439",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0439"
},
{
"name": "CVE-2015-2571",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2571"
},
{
"name": "CVE-2015-0506",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0506"
},
{
"name": "CVE-2014-7809",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7809"
},
{
"name": "CVE-2015-0505",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0505"
},
{
"name": "CVE-2015-2568",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2568"
},
{
"name": "CVE-2015-2575",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2575"
},
{
"name": "CVE-2015-0405",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0405"
},
{
"name": "CVE-2015-0500",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0500"
},
{
"name": "CVE-2015-0438",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0438"
},
{
"name": "CVE-2015-0511",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0511"
},
{
"name": "CVE-2015-0441",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0441"
},
{
"name": "CVE-2015-0508",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0508"
},
{
"name": "CVE-2015-2573",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2573"
},
{
"name": "CVE-2014-0112",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0112"
},
{
"name": "CVE-2015-0503",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0503"
},
{
"name": "CVE-2015-2566",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2566"
},
{
"name": "CVE-2014-3569",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3569"
},
{
"name": "CVE-2015-0423",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0423"
},
{
"name": "CVE-2015-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0499"
},
{
"name": "CVE-2015-0501",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0501"
},
{
"name": "CVE-2015-0507",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0507"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-173",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-04-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle MySQL\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle MySQL",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle du 14 avril 2015",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
}
]
}
CERTFR-2015-AVI-173
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Oracle MySQL. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | MySQL | Oracle MySQL Enterprise Monitor versions 2.3.19 et antérieures | ||
| Oracle | MySQL | Oracle MySQL Utilities versions 1.5.1 et antérieures | ||
| Oracle | MySQL | Oracle MySQL Server versions 5.5.42 et antérieures | ||
| Oracle | MySQL | Oracle MySQL Server versions 5.6.23 et antérieures | ||
| Oracle | MySQL | Oracle MySQL Enterprise Monitor versions 3.0.18 et antérieures | ||
| Oracle | MySQL | Oracle MySQL Enterprise Monitor versions 3.0.10 et antérieures | ||
| Oracle | MySQL | Oracle MySQL Connectors versions 5.1.34 et antérieures |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle MySQL Enterprise Monitor versions 2.3.19 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Utilities versions 1.5.1 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Server versions 5.5.42 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Server versions 5.6.23 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Enterprise Monitor versions 3.0.18 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Enterprise Monitor versions 3.0.10 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Connectors versions 5.1.34 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-2567",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2567"
},
{
"name": "CVE-2015-2576",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2576"
},
{
"name": "CVE-2015-0433",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0433"
},
{
"name": "CVE-2015-0498",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0498"
},
{
"name": "CVE-2015-0439",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0439"
},
{
"name": "CVE-2015-2571",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2571"
},
{
"name": "CVE-2015-0506",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0506"
},
{
"name": "CVE-2014-7809",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7809"
},
{
"name": "CVE-2015-0505",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0505"
},
{
"name": "CVE-2015-2568",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2568"
},
{
"name": "CVE-2015-2575",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2575"
},
{
"name": "CVE-2015-0405",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0405"
},
{
"name": "CVE-2015-0500",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0500"
},
{
"name": "CVE-2015-0438",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0438"
},
{
"name": "CVE-2015-0511",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0511"
},
{
"name": "CVE-2015-0441",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0441"
},
{
"name": "CVE-2015-0508",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0508"
},
{
"name": "CVE-2015-2573",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2573"
},
{
"name": "CVE-2014-0112",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0112"
},
{
"name": "CVE-2015-0503",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0503"
},
{
"name": "CVE-2015-2566",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2566"
},
{
"name": "CVE-2014-3569",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3569"
},
{
"name": "CVE-2015-0423",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0423"
},
{
"name": "CVE-2015-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0499"
},
{
"name": "CVE-2015-0501",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0501"
},
{
"name": "CVE-2015-0507",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0507"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-173",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-04-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle MySQL\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle MySQL",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle du 14 avril 2015",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
}
]
}
BDU:2015-09991
Vulnerability from fstec - Published: 16.04.2015
VLAI Severity ?
Title
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Description
Уязвимость системы управления базами данных MySQL может позволить нарушителю, действующему удаленно и прошедшему процедуру аутентификации, нарушить доступность данных, используя подкомпонент Server : Security : Encryption
Severity ?
Vendor
Oracle Corp.
Software Name
MySQL
Software Version
от 5.6.0 до 5.6.23 (MySQL), от 5.5.0 до 5.5.42 (MySQL)
Possible Mitigations
Обновление программного обеспечения до версий 5.5.42, 5.6.23 или более поздних
Reference
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0441
CWE
CWE-20
{
"CVSS 2.0": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"CVSS 3.0": null,
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Oracle Corp.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 5.6.0 \u0434\u043e 5.6.23 (MySQL), \u043e\u0442 5.5.0 \u0434\u043e 5.5.42 (MySQL)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0439 5.5.42, 5.6.23 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "16.04.2015",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "06.05.2015",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2015-09991",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2015-0441",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "MySQL",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . 64-bit, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . 32-bit, Microsoft Corp Windows - 64-bit, Microsoft Corp Windows - 32-bit, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Unix . 64-bit, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Unix . 32-bit",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 MySQL, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 MySQL \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0438 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043f\u043e\u0434\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 Server : Security : Encryption",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL \n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0441",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u0421\u0423\u0411\u0414",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4)"
}
CNVD-2015-02560
Vulnerability from cnvd - Published: 2015-04-21
VLAI Severity ?
Title
Oracle MySQL Server Server:Security:Encryption拒绝服务漏洞
Description
Oracle MySQL Server是一套开源的关系数据库管理系统。
Oracle MySQL Server的Server:Security:Encryption子组件中存在安全漏洞,远程攻击者可利用漏洞进行拒绝服务攻击。
Severity
中
Patch Name
Oracle MySQL Server Server:Security:Encryption拒绝服务漏洞的补丁
Patch Description
Oracle MySQL Server是一套开源的关系数据库管理系统。Oracle MySQL Server的Server:Security:Encryption子组件中存在安全漏洞,远程攻击者可利用漏洞进行拒绝服务攻击。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
Reference
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0441
Impacted products
| Name | ['Oracle MySQL Server <= 5.6.22', 'Oracle MySQL Server <= 5.5.41'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "74103"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2015-0441"
}
},
"description": "Oracle MySQL Server\u662f\u4e00\u5957\u5f00\u6e90\u7684\u5173\u7cfb\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002\r\n\r\nOracle MySQL Server\u7684Server:Security:Encryption\u5b50\u7ec4\u4ef6\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
"discovererName": "Oracle",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-02560",
"openTime": "2015-04-21",
"patchDescription": "Oracle MySQL Server\u662f\u4e00\u5957\u5f00\u6e90\u7684\u5173\u7cfb\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002Oracle MySQL Server\u7684Server:Security:Encryption\u5b50\u7ec4\u4ef6\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Oracle MySQL Server Server:Security:Encryption\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Oracle MySQL Server \u003c= 5.6.22",
"Oracle MySQL Server \u003c= 5.5.41"
]
},
"referenceLink": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html\r\nhttps://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0441",
"serverity": "\u4e2d",
"submitTime": "2015-04-19",
"title": "Oracle MySQL Server Server:Security:Encryption\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
FKIE_CVE-2015-0441
Vulnerability from fkie_nvd - Published: 2015-04-16 16:59 - Updated: 2026-05-06 22:30
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0579ABCA-7F94-43CD-9D58-DA5720F06618",
"versionEndIncluding": "5.5.41",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37669B57-EA80-4951-8094-AE0FB4780EE5",
"versionEndIncluding": "5.6.22",
"versionStartIncluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67A7B7A-998D-4B8C-8831-6E58406565FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E25BE4B-24FF-4274-B5C5-C84FD2A3D7F1",
"versionEndExcluding": "5.5.42",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A2440FD-C1A6-4997-8FA4-6ED7D932035D",
"versionEndExcluding": "10.0.17",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle MySQL Server 5.5.41 y anteriores, y 5.6.22 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Server : Security : Encryption."
}
],
"id": "CVE-2015-0441",
"lastModified": "2026-05-06T22:30:45.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-16T16:59:06.327",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1629.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3229"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3311"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032121"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2575-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1629.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2575-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201507-19"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-C6JX-5466-W64M
Vulnerability from github – Published: 2022-05-14 01:37 – Updated: 2022-05-14 01:37
VLAI?
Details
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.
{
"affected": [],
"aliases": [
"CVE-2015-0441"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-04-16T16:59:00Z",
"severity": "MODERATE"
},
"details": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.",
"id": "GHSA-c6jx-5466-w64m",
"modified": "2022-05-14T01:37:26Z",
"published": "2022-05-14T01:37:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0441"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1629.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3229"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3311"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1032121"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2575-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2015-0441
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-0441",
"description": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.",
"id": "GSD-2015-0441",
"references": [
"https://www.suse.com/security/cve/CVE-2015-0441.html",
"https://www.debian.org/security/2015/dsa-3311",
"https://www.debian.org/security/2015/dsa-3229",
"https://access.redhat.com/errata/RHBA-2015:1763",
"https://access.redhat.com/errata/RHBA-2015:1762",
"https://access.redhat.com/errata/RHSA-2015:1665",
"https://access.redhat.com/errata/RHBA-2015:1659",
"https://access.redhat.com/errata/RHSA-2015:1647",
"https://access.redhat.com/errata/RHSA-2015:1629",
"https://access.redhat.com/errata/RHSA-2015:1628",
"https://ubuntu.com/security/CVE-2015-0441",
"https://linux.oracle.com/cve/CVE-2015-0441.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-0441"
],
"details": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.",
"id": "GSD-2015-0441",
"modified": "2023-12-13T01:19:58.240951Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0441",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201507-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"name": "DSA-3229",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3229"
},
{
"name": "1032121",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032121"
},
{
"name": "DSA-3311",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3311"
},
{
"name": "RHSA-2015:1647",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "RHSA-2015:1628",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
},
{
"name": "SUSE-SU-2015:0946",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"name": "USN-2575-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2575-1"
},
{
"name": "RHSA-2015:1629",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1629.html"
},
{
"name": "RHSA-2015:1665",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.5.41",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.6.22",
"versionStartIncluding": "5.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.5.42",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.17",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0441"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "SUSE-SU-2015:0946",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"name": "GLSA-201507-19",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"name": "RHSA-2015:1629",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1629.html"
},
{
"name": "RHSA-2015:1628",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
},
{
"name": "USN-2575-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2575-1"
},
{
"name": "1032121",
"refsource": "SECTRACK",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032121"
},
{
"name": "DSA-3229",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3229"
},
{
"name": "DSA-3311",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3311"
},
{
"name": "RHSA-2015:1665",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
},
{
"name": "RHSA-2015:1647",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2022-08-26T16:04Z",
"publishedDate": "2015-04-16T16:59Z"
}
}
}
RHBA-2015:1659
Vulnerability from csaf_redhat - Published: 2015-08-24 14:47 - Updated: 2026-01-13 21:13Summary
Red Hat Bug Fix Advisory: Red Hat Enterprise Linux OpenStack Platform Bug Fix and Enhancement Advisory
Severity
Moderate
Notes
Topic: Updated packages that resolve various issues are now available for Red Hat
Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7.
Details: Red Hat Enterprise Linux OpenStack Platform provides the facilities for
building a private or public infrastructure-as-a-service (IaaS) cloud
running on commonly available physical hardware.
This update addresses the following issues:
* This package rebases mariadb-galera to 5.5.42, fixing an issue where duplicate key errors would occur during INSERT statements, when performed during the period when database connectivity was moving to another Galera node, and when the first node was entering a non-available state. (BZ#1240114)
* Previously, a call to the 'sed' command within 'mysqld_safe.sh' (to certain command line arguments) failed to accommodate arguments which include a slash, such as the paths to SSL key and certificate files which are passed through this function.
Consequently, the 'mysqld_safe.sh' script produced warnings of the form "unknown option to `s'". However, the script continued to work correctly, as these arguments are not actually needed in this specific context.
This update addresses this issue by correcting the call to 'sed' so that SSL arguments which include slashes are properly interpreted.
As a result, the warnings regarding 'sed' are now resolved. (BZ#1134033)
* Previously, a default logrotate configuration was not provided. This update adds a default config, rotating based on log size rather than time, avoiding long logs as per current RHEL OpenStack Platform standards. (BZ#1212488)
* Previously, the HDP plug-in installed the 'Extra Packages for Enterprise Linux (EPEL)' repo on cluster generation, even though neither the plug-in nor the saraha-image-elements package used the repo. Consequently, a potentially error-prone step was introduced into HDP cluster generation; in addition, these clusters may potentially update to unsupported packages.
With this update, the repo is no longer installed by the HDP plug-in. (BZ#1231922)
* Previously, the neutron VPN agent received an incorrect SELinux context. Consequently, SELinux was causing the VPN agent to fail.
This update addresses this issue by changing the type to 'neutron_vpn_agent_t'.
As a result, the VPN agent now runs as expected. (BZ#1238360)
* Previously, SELinux prevented glance from creating a symlink. Consequently, users could not use /home/glance to replace /var/lib/glance.
This fix addresses the issue by granting Image Service permission to create a symlink to glance types.
As a result, users can now free up space in the / directory by symlinking /var/lib/glance to /home/glance. (BZ#1210271)
* Previously, glance's VMware vSphere store failed to handle 401 errors correctly. These errors were raised after the vSphere session had expired, causing long-standing operations, such as snapshots, to fail. This update resolves the issue, allowing these operations to succeed. (BZ#1200075)
* Previously, oslo.messaging could enter a loop while waiting for messages, if RabbitMQ had died.
This update adds a more precise timeout handling for message consumption, allowing the poll operations on specific connections to end whenever such scenarios occur. (BZ#1188304)
* This update addresses potential race conditions involving the 'oslo' messaging backend used in RabbitMQ. (BZ#1188309)
* Previously, the GM process would send a message to terminate all slaves once the master process terminated, but would not wait for confirmation that the slaves had received this message before terminating itself. As a result, a slave that did not receive the message would detect that the master GM process had terminated and promote itself to master, causing the previous master process to hang.
With this update, the GM process now waits for its broadcast buffer to empty before terminating. This results in all slaves receiving the message to terminate, allowing the master process to terminate as expected. (BZ#1239141)
* This rebase package contains an updated snapshot from the LTS upstream 'branch-2.3' that includes multiple bugfixes. (BZ#1250221)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.
4.0 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.
4.0 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.
4.0 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
4.0 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated packages that resolve various issues are now available for Red Hat\nEnterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Enterprise Linux OpenStack Platform provides the facilities for\nbuilding a private or public infrastructure-as-a-service (IaaS) cloud\nrunning on commonly available physical hardware.\n\nThis update addresses the following issues:\n\n* This package rebases mariadb-galera to 5.5.42, fixing an issue where duplicate key errors would occur during INSERT statements, when performed during the period when database connectivity was moving to another Galera node, and when the first node was entering a non-available state. (BZ#1240114)\n\n* Previously, a call to the \u0027sed\u0027 command within \u0027mysqld_safe.sh\u0027 (to certain command line arguments) failed to accommodate arguments which include a slash, such as the paths to SSL key and certificate files which are passed through this function. \nConsequently, the \u0027mysqld_safe.sh\u0027 script produced warnings of the form \"unknown option to `s\u0027\". However, the script continued to work correctly, as these arguments are not actually needed in this specific context. \nThis update addresses this issue by correcting the call to \u0027sed\u0027 so that SSL arguments which include slashes are properly interpreted. \nAs a result, the warnings regarding \u0027sed\u0027 are now resolved. (BZ#1134033)\n\n* Previously, a default logrotate configuration was not provided. This update adds a default config, rotating based on log size rather than time, avoiding long logs as per current RHEL OpenStack Platform standards. (BZ#1212488)\n\n* Previously, the HDP plug-in installed the \u0027Extra Packages for Enterprise Linux (EPEL)\u0027 repo on cluster generation, even though neither the plug-in nor the saraha-image-elements package used the repo. Consequently, a potentially error-prone step was introduced into HDP cluster generation; in addition, these clusters may potentially update to unsupported packages. \nWith this update, the repo is no longer installed by the HDP plug-in. (BZ#1231922)\n\n* Previously, the neutron VPN agent received an incorrect SELinux context. Consequently, SELinux was causing the VPN agent to fail. \nThis update addresses this issue by changing the type to \u0027neutron_vpn_agent_t\u0027. \nAs a result, the VPN agent now runs as expected. (BZ#1238360)\n\n* Previously, SELinux prevented glance from creating a symlink. Consequently, users could not use /home/glance to replace /var/lib/glance. \nThis fix addresses the issue by granting Image Service permission to create a symlink to glance types. \nAs a result, users can now free up space in the / directory by symlinking /var/lib/glance to /home/glance. (BZ#1210271)\n\n* Previously, glance\u0027s VMware vSphere store failed to handle 401 errors correctly. These errors were raised after the vSphere session had expired, causing long-standing operations, such as snapshots, to fail. This update resolves the issue, allowing these operations to succeed. (BZ#1200075)\n\n* Previously, oslo.messaging could enter a loop while waiting for messages, if RabbitMQ had died. \nThis update adds a more precise timeout handling for message consumption, allowing the poll operations on specific connections to end whenever such scenarios occur. (BZ#1188304)\n\n* This update addresses potential race conditions involving the \u0027oslo\u0027 messaging backend used in RabbitMQ. (BZ#1188309)\n\n* Previously, the GM process would send a message to terminate all slaves once the master process terminated, but would not wait for confirmation that the slaves had received this message before terminating itself. As a result, a slave that did not receive the message would detect that the master GM process had terminated and promote itself to master, causing the previous master process to hang.\nWith this update, the GM process now waits for its broadcast buffer to empty before terminating. This results in all slaves receiving the message to terminate, allowing the master process to terminate as expected. (BZ#1239141)\n\n* This rebase package contains an updated snapshot from the LTS upstream \u0027branch-2.3\u0027 that includes multiple bugfixes. (BZ#1250221)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2015:1659",
"url": "https://access.redhat.com/errata/RHBA-2015:1659"
},
{
"category": "external",
"summary": "1134033",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1134033"
},
{
"category": "external",
"summary": "1160343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1160343"
},
{
"category": "external",
"summary": "1188304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188304"
},
{
"category": "external",
"summary": "1188309",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188309"
},
{
"category": "external",
"summary": "1200075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1200075"
},
{
"category": "external",
"summary": "1231922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1231922"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhba-2015_1659.json"
}
],
"title": "Red Hat Bug Fix Advisory: Red Hat Enterprise Linux OpenStack Platform Bug Fix and Enhancement Advisory",
"tracking": {
"current_release_date": "2026-01-13T21:13:50+00:00",
"generator": {
"date": "2026-01-13T21:13:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHBA-2015:1659",
"initial_release_date": "2015-08-24T14:47:56+00:00",
"revision_history": [
{
"date": "2015-08-24T14:47:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-08-24T14:47:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T21:13:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product": {
"name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"product": {
"name": "rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"product_id": "rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rabbitmq-server@3.3.5-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-selinux-0:0.6.37-1.el7ost.noarch",
"product": {
"name": "openstack-selinux-0:0.6.37-1.el7ost.noarch",
"product_id": "openstack-selinux-0:0.6.37-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-selinux@0.6.37-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"product": {
"name": "python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"product_id": "python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-oslo-messaging@1.4.1-5.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"product": {
"name": "python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"product_id": "python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-oslo-messaging-doc@1.4.1-5.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"product": {
"name": "python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"product_id": "python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-openvswitch@2.3.2-1.git20150730.el7_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"product": {
"name": "openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"product_id": "openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-sahara@2014.2.3-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"product": {
"name": "openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"product_id": "openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-sahara-doc@2014.2.3-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-glance-store-0:0.1.10-4.el7ost.noarch",
"product": {
"name": "python-glance-store-0:0.1.10-4.el7ost.noarch",
"product_id": "python-glance-store-0:0.1.10-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-glance-store@0.1.10-4.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rabbitmq-server-0:3.3.5-4.el7ost.src",
"product": {
"name": "rabbitmq-server-0:3.3.5-4.el7ost.src",
"product_id": "rabbitmq-server-0:3.3.5-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rabbitmq-server@3.3.5-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-selinux-0:0.6.37-1.el7ost.src",
"product": {
"name": "openstack-selinux-0:0.6.37-1.el7ost.src",
"product_id": "openstack-selinux-0:0.6.37-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-selinux@0.6.37-1.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-oslo-messaging-0:1.4.1-5.el7ost.src",
"product": {
"name": "python-oslo-messaging-0:1.4.1-5.el7ost.src",
"product_id": "python-oslo-messaging-0:1.4.1-5.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-oslo-messaging@1.4.1-5.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"product": {
"name": "openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"product_id": "openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch@2.3.2-1.git20150730.el7_1?arch=src"
}
}
},
{
"category": "product_version",
"name": "mariadb-galera-1:5.5.42-1.el7ost.src",
"product": {
"name": "mariadb-galera-1:5.5.42-1.el7ost.src",
"product_id": "mariadb-galera-1:5.5.42-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera@5.5.42-1.el7ost?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-sahara-0:2014.2.3-3.el7ost.src",
"product": {
"name": "openstack-sahara-0:2014.2.3-3.el7ost.src",
"product_id": "openstack-sahara-0:2014.2.3-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-sahara@2014.2.3-3.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-glance-store-0:0.1.10-4.el7ost.src",
"product": {
"name": "python-glance-store-0:0.1.10-4.el7ost.src",
"product_id": "python-glance-store-0:0.1.10-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-glance-store@0.1.10-4.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"product": {
"name": "openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"product_id": "openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch@2.3.2-1.git20150730.el7_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"product": {
"name": "openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"product_id": "openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch-debuginfo@2.3.2-1.git20150730.el7_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"product": {
"name": "mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"product_id": "mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera-debuginfo@5.5.42-1.el7ost?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"product": {
"name": "mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"product_id": "mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera-common@5.5.42-1.el7ost?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"product": {
"name": "mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"product_id": "mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera-server@5.5.42-1.el7ost?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-1:5.5.42-1.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src"
},
"product_reference": "mariadb-galera-1:5.5.42-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-common-1:5.5.42-1.el7ost.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64"
},
"product_reference": "mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64"
},
"product_reference": "mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-server-1:5.5.42-1.el7ost.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64"
},
"product_reference": "mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-sahara-0:2014.2.3-3.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch"
},
"product_reference": "openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-sahara-0:2014.2.3-3.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src"
},
"product_reference": "openstack-sahara-0:2014.2.3-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch"
},
"product_reference": "openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-selinux-0:0.6.37-1.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch"
},
"product_reference": "openstack-selinux-0:0.6.37-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-selinux-0:0.6.37-1.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src"
},
"product_reference": "openstack-selinux-0:0.6.37-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-0:2.3.2-1.git20150730.el7_1.src as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src"
},
"product_reference": "openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64"
},
"product_reference": "openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64"
},
"product_reference": "openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-glance-store-0:0.1.10-4.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch"
},
"product_reference": "python-glance-store-0:0.1.10-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-glance-store-0:0.1.10-4.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src"
},
"product_reference": "python-glance-store-0:0.1.10-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch"
},
"product_reference": "python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-oslo-messaging-0:1.4.1-5.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch"
},
"product_reference": "python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-oslo-messaging-0:1.4.1-5.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src"
},
"product_reference": "python-oslo-messaging-0:1.4.1-5.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch"
},
"product_reference": "python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rabbitmq-server-0:3.3.5-4.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch"
},
"product_reference": "rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rabbitmq-server-0:3.3.5-4.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
},
"product_reference": "rabbitmq-server-0:3.3.5-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-0433",
"discovery_date": "2015-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1212776"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-0433"
},
{
"category": "external",
"summary": "RHBZ#1212776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-0433",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0433"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL"
}
],
"release_date": "2015-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-24T14:47:56+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nRed Hat Enterprise Linux OpenStack Platform 6 runs on Red Hat Enterprise\nLinux 7.1.\n\nThe Red Hat Enterprise Linux OpenStack Platform 6 Release Notes contain the\nfollowing:\n* An explanation of the way in which the provided components interact to\nform a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat Enterprise Linux OpenStack Platform 6,\nincluding which channels need to be enabled and disabled.\n\nThe Release Notes are available at:\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/6/html/Release_Notes/index.html\n\nThis update is available through the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2015:1659"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015)"
},
{
"cve": "CVE-2015-0441",
"discovery_date": "2015-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1212777"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-0441"
},
{
"category": "external",
"summary": "RHBZ#1212777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-0441",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0441"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL"
}
],
"release_date": "2015-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-24T14:47:56+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nRed Hat Enterprise Linux OpenStack Platform 6 runs on Red Hat Enterprise\nLinux 7.1.\n\nThe Red Hat Enterprise Linux OpenStack Platform 6 Release Notes contain the\nfollowing:\n* An explanation of the way in which the provided components interact to\nform a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat Enterprise Linux OpenStack Platform 6,\nincluding which channels need to be enabled and disabled.\n\nThe Release Notes are available at:\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/6/html/Release_Notes/index.html\n\nThis update is available through the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2015:1659"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015)"
},
{
"cve": "CVE-2015-2568",
"discovery_date": "2015-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1212763"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to Server:Security:Privileges (CPU April 2015)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-2568"
},
{
"category": "external",
"summary": "RHBZ#1212763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212763"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-2568",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2568"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-2568",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2568"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL"
}
],
"release_date": "2015-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-24T14:47:56+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nRed Hat Enterprise Linux OpenStack Platform 6 runs on Red Hat Enterprise\nLinux 7.1.\n\nThe Red Hat Enterprise Linux OpenStack Platform 6 Release Notes contain the\nfollowing:\n* An explanation of the way in which the provided components interact to\nform a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat Enterprise Linux OpenStack Platform 6,\nincluding which channels need to be enabled and disabled.\n\nThe Release Notes are available at:\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/6/html/Release_Notes/index.html\n\nThis update is available through the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2015:1659"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to Server:Security:Privileges (CPU April 2015)"
},
{
"cve": "CVE-2015-2573",
"discovery_date": "2015-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1212783"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to Server:DDL (CPU April 2015)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-2573"
},
{
"category": "external",
"summary": "RHBZ#1212783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-2573",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-2573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2573"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL"
}
],
"release_date": "2015-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-24T14:47:56+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nRed Hat Enterprise Linux OpenStack Platform 6 runs on Red Hat Enterprise\nLinux 7.1.\n\nThe Red Hat Enterprise Linux OpenStack Platform 6 Release Notes contain the\nfollowing:\n* An explanation of the way in which the provided components interact to\nform a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat Enterprise Linux OpenStack Platform 6,\nincluding which channels need to be enabled and disabled.\n\nThe Release Notes are available at:\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/6/html/Release_Notes/index.html\n\nThis update is available through the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2015:1659"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOS-6.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-6.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-sahara-0:2014.2.3-3.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-sahara-doc-0:2014.2.3-3.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-glance-store-0:0.1.10-4.el7ost.src",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-0:1.4.1-5.el7ost.src",
"7Server-RH7-RHOS-6.0:python-oslo-messaging-doc-0:1.4.1-5.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-6.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to Server:DDL (CPU April 2015)"
}
]
}
RHBA-2015:1762
Vulnerability from csaf_redhat - Published: 2015-09-10 11:45 - Updated: 2026-01-13 21:13Summary
Red Hat Bug Fix Advisory: Red Hat Enterprise Linux OpenStack Platform Bug Fix and Enhancement Advisory
Severity
Moderate
Notes
Topic: Updated mariadb-galera, rabbitmq-server, openvswitch, openstack-selinux, openstack-trove, sos-plugins-openstack, and python-eventlet packages that resolve various issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7.
Details: Red Hat Enterprise Linux OpenStack Platform provides the facilities for
building a private or public infrastructure-as-a-service (IaaS) cloud
running on commonly available physical hardware.
This update addresses the following issues:
* Previously, a call to the "sed" command within mysqld_safe.sh which was used to certain command line arguments failed to accommodate arguments which included a slash, such as the paths to the SSL key and certificate files to pass through this function. As a consequence, the mysqld_safe.sh script produced warnings of the form "unknown option to `s'". The script continued to work correctly otherwise as these arguments are not actually needed in this specific context. With this update, the call to sed has been corrected such that the SSL arguments which include slashes are properly interpreted. As a result, the warnings regarding sed are now resolved. (BZ#1134032)
* Prior to this update, SELinux was preventing neutron from using the file system. As a consequence, neutron failed to run. Now, an appropriate rule has been added to SELinux, which allows neutron to run with SELinux in enforcing mode. (BZ#1176830)
* With this release, mariadb-galera is rebased to version 5.5.42, fixing an issue where "duplicate key" errors would occur during INSERT statements, when performed during the period of time when database connectivity was moving to another Galera node, and when the first Galera node was entering a non-available state. (BZ#1240326)
* Previously, the GM process would send a message for all slaves to terminate once the master process terminated, but would not wait for confirmation that the slaves had received this message before terminating itself. As a result, a slave that did not receive the termination message would detect that the master GM process had terminated, and would promote itself to master, causing the previous master process to hang indefinitely.
With this update, the GM process now waits for its broadcast buffer to empty before terminating. This results in all slaves receiving the message to terminate, allowing the master process to terminate as expected. (BZ#1248081)
* The openvswitch packages have been upgraded to upstream version 2.3.2, which provides a number of bug fixes over the previous version. (BZ#1250220)
* The openstack-trove packages have been upgraded to upstream version 2014.1.5, which provides a number of bug fixes over the previous version. (BZ#1254705)
* The python-oslo-messaging packages have been upgraded to upstream version 1.3.1, which provides a number of bug fixes over the previous version. (BZ#1257640)
* Previously, there was a hot loop in the Send function if the connection was lost. As a consequence, the process consumed 100% CPU and hung indefinitely. To fix this problem, an upstream patch for the greenio module has been added, which allows the loop to exit if this condition happens. As a result, the process no longer consumes 100% CPU in a hot loop, and it does not hang. (BZ#1259841)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.
4.0 ()
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.
4.0 ()
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.
4.0 ()
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
4.0 ()
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated mariadb-galera, rabbitmq-server, openvswitch, openstack-selinux, openstack-trove, sos-plugins-openstack, and python-eventlet packages that resolve various issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Enterprise Linux OpenStack Platform provides the facilities for\nbuilding a private or public infrastructure-as-a-service (IaaS) cloud\nrunning on commonly available physical hardware.\n\nThis update addresses the following issues:\n\n* Previously, a call to the \"sed\" command within mysqld_safe.sh which was used to certain command line arguments failed to accommodate arguments which included a slash, such as the paths to the SSL key and certificate files to pass through this function. As a consequence, the mysqld_safe.sh script produced warnings of the form \"unknown option to `s\u0027\". The script continued to work correctly otherwise as these arguments are not actually needed in this specific context. With this update, the call to sed has been corrected such that the SSL arguments which include slashes are properly interpreted. As a result, the warnings regarding sed are now resolved. (BZ#1134032)\n\n* Prior to this update, SELinux was preventing neutron from using the file system. As a consequence, neutron failed to run. Now, an appropriate rule has been added to SELinux, which allows neutron to run with SELinux in enforcing mode. (BZ#1176830)\n\n* With this release, mariadb-galera is rebased to version 5.5.42, fixing an issue where \"duplicate key\" errors would occur during INSERT statements, when performed during the period of time when database connectivity was moving to another Galera node, and when the first Galera node was entering a non-available state. (BZ#1240326)\n\n* Previously, the GM process would send a message for all slaves to terminate once the master process terminated, but would not wait for confirmation that the slaves had received this message before terminating itself. As a result, a slave that did not receive the termination message would detect that the master GM process had terminated, and would promote itself to master, causing the previous master process to hang indefinitely. \nWith this update, the GM process now waits for its broadcast buffer to empty before terminating. This results in all slaves receiving the message to terminate, allowing the master process to terminate as expected. (BZ#1248081)\n\n* The openvswitch packages have been upgraded to upstream version 2.3.2, which provides a number of bug fixes over the previous version. (BZ#1250220)\n\n* The openstack-trove packages have been upgraded to upstream version 2014.1.5, which provides a number of bug fixes over the previous version. (BZ#1254705)\n\n* The python-oslo-messaging packages have been upgraded to upstream version 1.3.1, which provides a number of bug fixes over the previous version. (BZ#1257640)\n\n* Previously, there was a hot loop in the Send function if the connection was lost. As a consequence, the process consumed 100% CPU and hung indefinitely. To fix this problem, an upstream patch for the greenio module has been added, which allows the loop to exit if this condition happens. As a result, the process no longer consumes 100% CPU in a hot loop, and it does not hang. (BZ#1259841)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2015:1762",
"url": "https://access.redhat.com/errata/RHBA-2015:1762"
},
{
"category": "external",
"summary": "https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/html/Release_Notes/index.html",
"url": "https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/html/Release_Notes/index.html"
},
{
"category": "external",
"summary": "1122569",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1122569"
},
{
"category": "external",
"summary": "1134032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1134032"
},
{
"category": "external",
"summary": "1163421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1163421"
},
{
"category": "external",
"summary": "1176781",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176781"
},
{
"category": "external",
"summary": "1176830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176830"
},
{
"category": "external",
"summary": "1254705",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1254705"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhba-2015_1762.json"
}
],
"title": "Red Hat Bug Fix Advisory: Red Hat Enterprise Linux OpenStack Platform Bug Fix and Enhancement Advisory",
"tracking": {
"current_release_date": "2026-01-13T21:13:53+00:00",
"generator": {
"date": "2026-01-13T21:13:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHBA-2015:1762",
"initial_release_date": "2015-09-10T11:45:31+00:00",
"revision_history": [
{
"date": "2015-09-10T11:45:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-09-10T11:45:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T21:13:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product": {
"name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:5::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"product": {
"name": "mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"product_id": "mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera-debuginfo@5.5.42-1.el7ost?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"product": {
"name": "mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"product_id": "mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera-common@5.5.42-1.el7ost?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"product": {
"name": "mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"product_id": "mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera-server@5.5.42-1.el7ost?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"product": {
"name": "openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"product_id": "openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch@2.3.2-1.git20150730.el7_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"product": {
"name": "openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"product_id": "openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch-debuginfo@2.3.2-1.git20150730.el7_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "mariadb-galera-1:5.5.42-1.el7ost.src",
"product": {
"name": "mariadb-galera-1:5.5.42-1.el7ost.src",
"product_id": "mariadb-galera-1:5.5.42-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera@5.5.42-1.el7ost?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rabbitmq-server-0:3.3.5-4.el7ost.src",
"product": {
"name": "rabbitmq-server-0:3.3.5-4.el7ost.src",
"product_id": "rabbitmq-server-0:3.3.5-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rabbitmq-server@3.3.5-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"product": {
"name": "openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"product_id": "openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch@2.3.2-1.git20150730.el7_1?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-selinux-0:0.6.37-1.el7ost.src",
"product": {
"name": "openstack-selinux-0:0.6.37-1.el7ost.src",
"product_id": "openstack-selinux-0:0.6.37-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-selinux@0.6.37-1.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-trove-0:2014.1.5-1.el7ost.src",
"product": {
"name": "openstack-trove-0:2014.1.5-1.el7ost.src",
"product_id": "openstack-trove-0:2014.1.5-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-trove@2014.1.5-1.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "sos-plugins-openstack-0:2013.2-6.el7ost.src",
"product": {
"name": "sos-plugins-openstack-0:2013.2-6.el7ost.src",
"product_id": "sos-plugins-openstack-0:2013.2-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sos-plugins-openstack@2013.2-6.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-eventlet-0:0.14.0-4.el7ost.src",
"product": {
"name": "python-eventlet-0:0.14.0-4.el7ost.src",
"product_id": "python-eventlet-0:0.14.0-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-eventlet@0.14.0-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"product": {
"name": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"product_id": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-oslo-messaging@1.3.1-1.g33f3b18.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"product": {
"name": "rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"product_id": "rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rabbitmq-server@3.3.5-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"product": {
"name": "python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"product_id": "python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-openvswitch@2.3.2-1.git20150730.el7_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-selinux-0:0.6.37-1.el7ost.noarch",
"product": {
"name": "openstack-selinux-0:0.6.37-1.el7ost.noarch",
"product_id": "openstack-selinux-0:0.6.37-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-selinux@0.6.37-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"product": {
"name": "openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"product_id": "openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-trove-guestagent@2014.1.5-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"product": {
"name": "openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"product_id": "openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-trove-taskmanager@2014.1.5-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-trove-0:2014.1.5-1.el7ost.noarch",
"product": {
"name": "openstack-trove-0:2014.1.5-1.el7ost.noarch",
"product_id": "openstack-trove-0:2014.1.5-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-trove@2014.1.5-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"product": {
"name": "openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"product_id": "openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-trove-common@2014.1.5-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"product": {
"name": "openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"product_id": "openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-trove-conductor@2014.1.5-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"product": {
"name": "openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"product_id": "openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-trove-api@2014.1.5-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-trove-0:2014.1.5-1.el7ost.noarch",
"product": {
"name": "python-trove-0:2014.1.5-1.el7ost.noarch",
"product_id": "python-trove-0:2014.1.5-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-trove@2014.1.5-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhos-log-collector-0:2013.2-6.el7ost.noarch",
"product": {
"name": "rhos-log-collector-0:2013.2-6.el7ost.noarch",
"product_id": "rhos-log-collector-0:2013.2-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhos-log-collector@2013.2-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-eventlet-0:0.14.0-4.el7ost.noarch",
"product": {
"name": "python-eventlet-0:0.14.0-4.el7ost.noarch",
"product_id": "python-eventlet-0:0.14.0-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-eventlet@0.14.0-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"product": {
"name": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"product_id": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-oslo-messaging@1.3.1-1.g33f3b18.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"product": {
"name": "python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"product_id": "python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-oslo-messaging-doc@1.3.1-1.g33f3b18.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-1:5.5.42-1.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src"
},
"product_reference": "mariadb-galera-1:5.5.42-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-common-1:5.5.42-1.el7ost.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64"
},
"product_reference": "mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64"
},
"product_reference": "mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-server-1:5.5.42-1.el7ost.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64"
},
"product_reference": "mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-selinux-0:0.6.37-1.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch"
},
"product_reference": "openstack-selinux-0:0.6.37-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-selinux-0:0.6.37-1.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src"
},
"product_reference": "openstack-selinux-0:0.6.37-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-trove-0:2014.1.5-1.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch"
},
"product_reference": "openstack-trove-0:2014.1.5-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-trove-0:2014.1.5-1.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src"
},
"product_reference": "openstack-trove-0:2014.1.5-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-trove-api-0:2014.1.5-1.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch"
},
"product_reference": "openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-trove-common-0:2014.1.5-1.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch"
},
"product_reference": "openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch"
},
"product_reference": "openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch"
},
"product_reference": "openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch"
},
"product_reference": "openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-0:2.3.2-1.git20150730.el7_1.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src"
},
"product_reference": "openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64"
},
"product_reference": "openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64"
},
"product_reference": "openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-eventlet-0:0.14.0-4.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch"
},
"product_reference": "python-eventlet-0:0.14.0-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-eventlet-0:0.14.0-4.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src"
},
"product_reference": "python-eventlet-0:0.14.0-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch"
},
"product_reference": "python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch"
},
"product_reference": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src"
},
"product_reference": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch"
},
"product_reference": "python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-trove-0:2014.1.5-1.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch"
},
"product_reference": "python-trove-0:2014.1.5-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rabbitmq-server-0:3.3.5-4.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch"
},
"product_reference": "rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rabbitmq-server-0:3.3.5-4.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src"
},
"product_reference": "rabbitmq-server-0:3.3.5-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhos-log-collector-0:2013.2-6.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch"
},
"product_reference": "rhos-log-collector-0:2013.2-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sos-plugins-openstack-0:2013.2-6.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src"
},
"product_reference": "sos-plugins-openstack-0:2013.2-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-0433",
"discovery_date": "2015-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1212776"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src",
"7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch",
"7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-0433"
},
{
"category": "external",
"summary": "RHBZ#1212776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-0433",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0433"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL"
}
],
"release_date": "2015-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-09-10T11:45:31+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nRed Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 7 runs on Red Hat Enterprise Linux 7.1.\n\nThe Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 7 Release Notes (see the References section) contain the following:\n* An explanation of the way in which the provided components interact to form a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 7, including which channels need to be enabled and disabled.\n\nThis update is available through the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src",
"7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch",
"7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2015:1762"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src",
"7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch",
"7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015)"
},
{
"cve": "CVE-2015-0441",
"discovery_date": "2015-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1212777"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src",
"7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch",
"7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-0441"
},
{
"category": "external",
"summary": "RHBZ#1212777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-0441",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0441"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL"
}
],
"release_date": "2015-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-09-10T11:45:31+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nRed Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 7 runs on Red Hat Enterprise Linux 7.1.\n\nThe Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 7 Release Notes (see the References section) contain the following:\n* An explanation of the way in which the provided components interact to form a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 7, including which channels need to be enabled and disabled.\n\nThis update is available through the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src",
"7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch",
"7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2015:1762"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src",
"7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch",
"7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015)"
},
{
"cve": "CVE-2015-2568",
"discovery_date": "2015-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1212763"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to Server:Security:Privileges (CPU April 2015)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src",
"7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch",
"7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-2568"
},
{
"category": "external",
"summary": "RHBZ#1212763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212763"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-2568",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2568"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-2568",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2568"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL"
}
],
"release_date": "2015-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-09-10T11:45:31+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nRed Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 7 runs on Red Hat Enterprise Linux 7.1.\n\nThe Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 7 Release Notes (see the References section) contain the following:\n* An explanation of the way in which the provided components interact to form a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 7, including which channels need to be enabled and disabled.\n\nThis update is available through the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src",
"7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch",
"7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2015:1762"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src",
"7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch",
"7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to Server:Security:Privileges (CPU April 2015)"
},
{
"cve": "CVE-2015-2573",
"discovery_date": "2015-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1212783"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to Server:DDL (CPU April 2015)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src",
"7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch",
"7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-2573"
},
{
"category": "external",
"summary": "RHBZ#1212783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-2573",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-2573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2573"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL"
}
],
"release_date": "2015-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-09-10T11:45:31+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nRed Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 7 runs on Red Hat Enterprise Linux 7.1.\n\nThe Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 7 Release Notes (see the References section) contain the following:\n* An explanation of the way in which the provided components interact to form a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 7, including which channels need to be enabled and disabled.\n\nThis update is available through the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src",
"7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch",
"7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2015:1762"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOS-5.0:mariadb-galera-1:5.5.42-1.el7ost.src",
"7Server-RH7-RHOS-5.0:mariadb-galera-common-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-debuginfo-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:mariadb-galera-server-1:5.5.42-1.el7ost.x86_64",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-selinux-0:0.6.37-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-0:2014.1.5-1.el7ost.src",
"7Server-RH7-RHOS-5.0:openstack-trove-api-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-common-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-conductor-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-guestagent-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openstack-trove-taskmanager-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.3.2-1.git20150730.el7_1.x86_64",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-eventlet-0:0.14.0-4.el7ost.src",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.3.2-1.git20150730.el7_1.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el7ost.src",
"7Server-RH7-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el7ost.noarch",
"7Server-RH7-RHOS-5.0:python-trove-0:2014.1.5-1.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.noarch",
"7Server-RH7-RHOS-5.0:rabbitmq-server-0:3.3.5-4.el7ost.src",
"7Server-RH7-RHOS-5.0:rhos-log-collector-0:2013.2-6.el7ost.noarch",
"7Server-RH7-RHOS-5.0:sos-plugins-openstack-0:2013.2-6.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to Server:DDL (CPU April 2015)"
}
]
}
RHBA-2015:1763
Vulnerability from csaf_redhat - Published: 2015-09-10 11:45 - Updated: 2026-01-13 21:13Summary
Red Hat Bug Fix Advisory: Red Hat Enterprise Linux OpenStack Platform Bug Fix and Enhancement Advisory
Severity
Moderate
Notes
Topic: Updated mariadb-galera and python-eventlet packages that resolve various issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6.
Details: Red Hat Enterprise Linux OpenStack Platform provides the facilities for
building a private or public infrastructure-as-a-service (IaaS) cloud
running on commonly available physical hardware.
This update addresses the following issues:
* Previously, a call to the "sed" command within mysqld_safe.sh which was used to certain command line arguments failed to accommodate arguments which included a slash, such as the paths to the SSL key and certificate files to pass through this function. As a consequence, the mysqld_safe.sh script produced warnings of the form "unknown option to `s'". The script continued to work correctly otherwise as these arguments are not actually needed in this specific context. With this update, the call to sed has been corrected such that the SSL arguments which include slashes are properly interpreted. As a result, the warnings regarding sed are now resolved. (BZ#1214904)
* Prior to this update, eventlet behaved incorrectly around SSL retries. As a consequence, sporadic connection failures (for example, of API calls) occurred. To fix this problem, a patch has been added in which SSL retries use the same data buffer. As a result, SSL retries now work correctly. (BZ#1220864)
* Previously, when a large number of requests to expire objects were created at the same time, they were all handled by a single container. As a consequence, timeouts occurred on the container listing, which caused the expirer daemon to fail. With this update, the expiring tracker objects are spread across multiple containers, which resolves the aforementioned problem. (BZ#1229435)
* With this release, mariadb-galera is rebased to version 5.5.42, fixing an issue where "duplicate key" errors would occur during INSERT statements, when performed during the period of time when database connectivity was moving to another Galera node, and when the first Galera node was entering a non-available state. (BZ#1240329)
* Previously, there was a hot loop in the Send function if the connection was lost. As a consequence, the process consumed 100% CPU and hung indefinitely. To fix this problem, an upstream patch for the greenio module has been added, which allows the loop to exit if this condition happens. As a result, the process no longer consumes 100% CPU in a hot loop, and it does not hang. (BZ#1259842)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.
4.0 ()
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.
4.0 ()
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.
4.0 ()
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
4.0 ()
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
22 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated mariadb-galera and python-eventlet packages that resolve various issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Enterprise Linux OpenStack Platform provides the facilities for\nbuilding a private or public infrastructure-as-a-service (IaaS) cloud\nrunning on commonly available physical hardware.\n\nThis update addresses the following issues:\n\n* Previously, a call to the \"sed\" command within mysqld_safe.sh which was used to certain command line arguments failed to accommodate arguments which included a slash, such as the paths to the SSL key and certificate files to pass through this function. As a consequence, the mysqld_safe.sh script produced warnings of the form \"unknown option to `s\u0027\". The script continued to work correctly otherwise as these arguments are not actually needed in this specific context. With this update, the call to sed has been corrected such that the SSL arguments which include slashes are properly interpreted. As a result, the warnings regarding sed are now resolved. (BZ#1214904)\n\n* Prior to this update, eventlet behaved incorrectly around SSL retries. As a consequence, sporadic connection failures (for example, of API calls) occurred. To fix this problem, a patch has been added in which SSL retries use the same data buffer. As a result, SSL retries now work correctly. (BZ#1220864)\n\n* Previously, when a large number of requests to expire objects were created at the same time, they were all handled by a single container. As a consequence, timeouts occurred on the container listing, which caused the expirer daemon to fail. With this update, the expiring tracker objects are spread across multiple containers, which resolves the aforementioned problem. (BZ#1229435)\n\n* With this release, mariadb-galera is rebased to version 5.5.42, fixing an issue where \"duplicate key\" errors would occur during INSERT statements, when performed during the period of time when database connectivity was moving to another Galera node, and when the first Galera node was entering a non-available state. (BZ#1240329)\n\n* Previously, there was a hot loop in the Send function if the connection was lost. As a consequence, the process consumed 100% CPU and hung indefinitely. To fix this problem, an upstream patch for the greenio module has been added, which allows the loop to exit if this condition happens. As a result, the process no longer consumes 100% CPU in a hot loop, and it does not hang. (BZ#1259842)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2015:1763",
"url": "https://access.redhat.com/errata/RHBA-2015:1763"
},
{
"category": "external",
"summary": "https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/html/Release_Notes/index.html",
"url": "https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/html/Release_Notes/index.html"
},
{
"category": "external",
"summary": "1214904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214904"
},
{
"category": "external",
"summary": "1220864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1220864"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhba-2015_1763.json"
}
],
"title": "Red Hat Bug Fix Advisory: Red Hat Enterprise Linux OpenStack Platform Bug Fix and Enhancement Advisory",
"tracking": {
"current_release_date": "2026-01-13T21:13:51+00:00",
"generator": {
"date": "2026-01-13T21:13:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHBA-2015:1763",
"initial_release_date": "2015-09-10T11:45:07+00:00",
"revision_history": [
{
"date": "2015-09-10T11:45:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-09-10T11:45:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T21:13:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product": {
"name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:5::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"product": {
"name": "mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"product_id": "mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera-server@5.5.42-1.el6ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"product": {
"name": "mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"product_id": "mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera-common@5.5.42-1.el6ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"product": {
"name": "mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"product_id": "mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera-debuginfo@5.5.42-1.el6ost?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "mariadb-galera-0:5.5.42-1.el6ost.src",
"product": {
"name": "mariadb-galera-0:5.5.42-1.el6ost.src",
"product_id": "mariadb-galera-0:5.5.42-1.el6ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera@5.5.42-1.el6ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-eventlet-0:0.14.0-4.el6.src",
"product": {
"name": "python-eventlet-0:0.14.0-4.el6.src",
"product_id": "python-eventlet-0:0.14.0-4.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-eventlet@0.14.0-4.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"product": {
"name": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"product_id": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-oslo-messaging@1.3.1-1.g33f3b18.el6ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-eventlet-0:0.14.0-4.el6.noarch",
"product": {
"name": "python-eventlet-0:0.14.0-4.el6.noarch",
"product_id": "python-eventlet-0:0.14.0-4.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-eventlet@0.14.0-4.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-eventlet-doc-0:0.14.0-4.el6.noarch",
"product": {
"name": "python-eventlet-doc-0:0.14.0-4.el6.noarch",
"product_id": "python-eventlet-doc-0:0.14.0-4.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-eventlet-doc@0.14.0-4.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"product": {
"name": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"product_id": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-oslo-messaging@1.3.1-1.g33f3b18.el6ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch",
"product": {
"name": "python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch",
"product_id": "python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-oslo-messaging-doc@1.3.1-1.g33f3b18.el6ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-0:5.5.42-1.el6ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src"
},
"product_reference": "mariadb-galera-0:5.5.42-1.el6ost.src",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-common-0:5.5.42-1.el6ost.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64"
},
"product_reference": "mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64"
},
"product_reference": "mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-server-0:5.5.42-1.el6ost.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64"
},
"product_reference": "mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-eventlet-0:0.14.0-4.el6.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch"
},
"product_reference": "python-eventlet-0:0.14.0-4.el6.noarch",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-eventlet-0:0.14.0-4.el6.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src"
},
"product_reference": "python-eventlet-0:0.14.0-4.el6.src",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-eventlet-doc-0:0.14.0-4.el6.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch"
},
"product_reference": "python-eventlet-doc-0:0.14.0-4.el6.noarch",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch"
},
"product_reference": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src"
},
"product_reference": "python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch"
},
"product_reference": "python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-0433",
"discovery_date": "2015-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1212776"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src",
"6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-0433"
},
{
"category": "external",
"summary": "RHBZ#1212776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-0433",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0433"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL"
}
],
"release_date": "2015-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-09-10T11:45:07+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nRed Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 6 runs on Red Hat Enterprise Linux 6.7.\n\nThe Red Hat Enterprise Linux OpenStack Platform 5 Release Notes (see the References section) contain the following:\n* An explanation of the way in which the provided components interact to form a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 6, including which channels need to be enabled and disabled.\n\nThis update is available through the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src",
"6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2015:1763"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src",
"6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015)"
},
{
"cve": "CVE-2015-0441",
"discovery_date": "2015-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1212777"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src",
"6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-0441"
},
{
"category": "external",
"summary": "RHBZ#1212777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-0441",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0441"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL"
}
],
"release_date": "2015-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-09-10T11:45:07+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nRed Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 6 runs on Red Hat Enterprise Linux 6.7.\n\nThe Red Hat Enterprise Linux OpenStack Platform 5 Release Notes (see the References section) contain the following:\n* An explanation of the way in which the provided components interact to form a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 6, including which channels need to be enabled and disabled.\n\nThis update is available through the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src",
"6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2015:1763"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src",
"6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015)"
},
{
"cve": "CVE-2015-2568",
"discovery_date": "2015-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1212763"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to Server:Security:Privileges (CPU April 2015)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src",
"6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-2568"
},
{
"category": "external",
"summary": "RHBZ#1212763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212763"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-2568",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2568"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-2568",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2568"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL"
}
],
"release_date": "2015-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-09-10T11:45:07+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nRed Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 6 runs on Red Hat Enterprise Linux 6.7.\n\nThe Red Hat Enterprise Linux OpenStack Platform 5 Release Notes (see the References section) contain the following:\n* An explanation of the way in which the provided components interact to form a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 6, including which channels need to be enabled and disabled.\n\nThis update is available through the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src",
"6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2015:1763"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src",
"6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to Server:Security:Privileges (CPU April 2015)"
},
{
"cve": "CVE-2015-2573",
"discovery_date": "2015-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1212783"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to Server:DDL (CPU April 2015)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src",
"6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-2573"
},
{
"category": "external",
"summary": "RHBZ#1212783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-2573",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-2573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2573"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL"
}
],
"release_date": "2015-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-09-10T11:45:07+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nRed Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 6 runs on Red Hat Enterprise Linux 6.7.\n\nThe Red Hat Enterprise Linux OpenStack Platform 5 Release Notes (see the References section) contain the following:\n* An explanation of the way in which the provided components interact to form a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 6, including which channels need to be enabled and disabled.\n\nThis update is available through the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src",
"6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2015:1763"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.42-1.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.42-1.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-eventlet-0:0.14.0-4.el6.src",
"6Server-RH6-RHOS-5.0:python-eventlet-doc-0:0.14.0-4.el6.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.noarch",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-0:1.3.1-1.g33f3b18.el6ost.src",
"6Server-RH6-RHOS-5.0:python-oslo-messaging-doc-0:1.3.1-1.g33f3b18.el6ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to Server:DDL (CPU April 2015)"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…