Low: mysql security and enhancement update
Security Advisory: Low
Updated mysql packages that fix one security issue and add one enhancement
are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon (mysqld) and many client programs and libraries.
A flaw was found in the way MySQL processed HANDLER READ NEXT statements
after deleting a record. A remote, authenticated attacker could use this
flaw to provide such requests, causing mysqld to crash. This issue only
caused a temporary denial of service, as mysqld was automatically restarted
after the crash. (CVE-2012-2102)
This update also adds the following enhancement:
All MySQL users should upgrade to these updated packages, which add this
enhancement and contain a backported patch to correct this issue. After
installing this update, the MySQL server daemon (mysqld) will be restarted
automatically.
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258