From 125518617c8d12d9a1962578cceea3ff7b1a23f6 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 17 Feb 2016 19:06:55 +0100 Subject: [PATCH 001/237] Update vulnerabilities. --- vulnerabilities.csv | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vulnerabilities.csv b/vulnerabilities.csv index 779855a..8b1c533 100644 --- a/vulnerabilities.csv +++ b/vulnerabilities.csv @@ -417,3 +417,6 @@ 5.6.26;5;6;26;CVE-2015-4910;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; 5.5.45;5;5;45;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.26;5;6;26;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453";Assigned (20160122);"None (candidate not yet proposed)"; +10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453";Assigned (20160122);"None (candidate not yet proposed)"; +10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453";Assigned (20160122);"None (candidate not yet proposed)"; From 9d7b7e11dabd113b77d244a01d5593e0a61fad8d Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Tue, 15 Mar 2016 10:14:31 +0100 Subject: [PATCH 002/237] Null commit --- mysqltuner.pl | 1 + 1 file changed, 1 insertion(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index cc4a152..6205741 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3245,3 +3245,4 @@ along with this program. If not, see . # cperl-indent-level: 8 # perl-indent-level: 8 # End: + From 4d93a433701fadf7e87f08eb553123b02fedf38c Mon Sep 17 00:00:00 2001 From: Christine Date: Mon, 21 Mar 2016 14:44:48 +0100 Subject: [PATCH 003/237] removing deprecated info. --- build/updateCVElist.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build/updateCVElist.pl b/build/updateCVElist.pl index c122be9..535d26a 100644 --- a/build/updateCVElist.pl +++ b/build/updateCVElist.pl @@ -21,8 +21,8 @@ sub AUTOLOAD { my $mech = WWW::Mechanize->new(); $mech->agent('Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0'); -#$mech->proxy( ['http'], 'http://10.236.240.71:3128' ); -#$mech->proxy( ['https'], 'http://10.236.240.71:3128' ); +#$mech->proxy( ['http'], 'http://XXX.XXX.XXX.XXX:3128' ); +#$mech->proxy( ['https'], 'http://XXX.XXX.XXX.XXX:3128' ); $mech->env_proxy; From 3a0ce00ffdd24029c7d05e6a7128eafd0ac33330 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Mon, 21 Mar 2016 15:29:31 +0100 Subject: [PATCH 004/237] Update CVE list --- vulnerabilities.csv | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 vulnerabilities.csv diff --git a/vulnerabilities.csv b/vulnerabilities.csv old mode 100644 new mode 100755 From 216885c30e27293788c77bf1a3cc654ca8ba8d1f Mon Sep 17 00:00:00 2001 From: Christine Date: Mon, 21 Mar 2016 15:51:16 +0100 Subject: [PATCH 005/237] Support user parameter alone Support advanced debug for access denied issue --- mysqltuner.pl | 40 +++++++++++++++++++++++++++++++++++++--- 1 file changed, 37 insertions(+), 3 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index e0012b7..d541790 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -505,7 +505,21 @@ sub mysql_setup { $doremote = 1; } } - + # Did we already get a username without password on the command line? + if ( $opt{user} ne 0 and $opt{pass} eq 0 ) { + $mysqllogin = "-u $opt{user} " . $remotestring; + my $loginstatus = `$mysqladmincmd ping $mysqllogin 2>&1`; + if ( $loginstatus =~ /mysqld is alive/ ) { + goodprint + "Logged in using credentials passed on the command line"; + return 1; + } + else { + badprint + "Attempted to use login credentials, but they were invalid"; + exit 1; + } + } # Did we already get a username and password passed on the command line? if ( $opt{user} ne 0 and $opt{pass} ne 0 ) { $mysqllogin = "-u $opt{user} -p\"$opt{pass}\"" . $remotestring; @@ -682,6 +696,15 @@ sub select_array { my $req = shift; debugprint "PERFORM: $req "; my @result = `$mysqlcmd $mysqllogin -Bse "$req" 2>>/dev/null`; + if ($? != 0) { + badprint "failed to execute: $req"; + badprint "FAIL Execute SQL / return code: $?"; + debugprint "CMD : $mysqlcmd"; + debugprint "OPTIONS: $mysqllogin"; + debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; + exit $?; + } + debugprint "select_array: return code : $?"; chomp(@result); return @result; } @@ -691,6 +714,15 @@ sub select_one { my $req = shift; debugprint "PERFORM: $req "; my $result = `$mysqlcmd $mysqllogin -Bse "$req" 2>>/dev/null`; + if ($? != 0) { + badprint "failed to execute: $req"; + badprint "FAIL Execute SQL / return code: $?"; + debugprint "CMD : $mysqlcmd"; + debugprint "OPTIONS: $mysqllogin"; + debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; + exit $?; + } + debugprint "select_array: return code : $?"; chomp($result); return $result; } @@ -838,10 +870,12 @@ sub security_recommendations { $PASS_COLUMN_NAME='authentication_string'; } debugprint "Password column = $PASS_COLUMN_NAME"; - #exit(0); + # Looking for Anonymous users my @mysqlstatlist = select_array "SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE TRIM(USER) = '' OR USER IS NULL"; + debugprint Dumper \@mysqlstatlist; + #exit 0; if (@mysqlstatlist) { foreach my $line ( sort @mysqlstatlist ) { chomp($line); @@ -1893,7 +1927,7 @@ sub mysql_stats { push( @generalrec, "Upgrade MySQL to version 4+ to utilize query caching" ); } - elsif (mysql_version_ge(5,6)) + elsif (mysql_version_ge(5,5)) { if ( $myvar{'query_cache_type'} ne "OFF" ) { badprint "Query cache should be disabled by default due to mutex contention."; From 42b09f83abe15ed9d8f832d6e2982a4a5a2d436a Mon Sep 17 00:00:00 2001 From: Christine Date: Mon, 21 Mar 2016 17:11:20 +0100 Subject: [PATCH 006/237] Adding system recommandations based on open port trying to detect local vulnerabilities.csv --- mysqltuner.pl | 60 ++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 57 insertions(+), 3 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index d541790..e816a20 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.6 +# mysqltuner.pl - Version 1.6.7 # High Performance MySQL Tuning Script # Copyright (C) 2006-2015 Major Hayden - major@mhtx.net # @@ -51,7 +51,7 @@ use Data::Dumper; $Data::Dumper::Pair = " : "; # Set up a few variables for use in the script -my $tunerversion = "1.6.6"; +my $tunerversion = "1.6.7"; my ( @adjvars, @generalrec ); # Set defaults @@ -158,6 +158,7 @@ $basic_password_files = "/usr/share/mysqltuner/basic_passwords.txt" $opt{cvefile} = "/usr/share/mysqltuner/vulnerabilities.csv" unless ( defined $opt{cvefile} and -f "$opt{cvefile}"); $opt{cvefile} ='' unless -f "$opt{cvefile}"; +$opt{cvefile} ='./vulnerabilities.csv' if -f './vulnerabilities.csv'; # my $outputfile = undef; @@ -857,6 +858,58 @@ sub cve_recommendations { } +sub get_opened_ports { + my @opened_ports=`netstat -ltn`; + map { + s/.*:(\d+)\s.*$/$1/; + s/\D//g; + } @opened_ports; + @opened_ports = sort {$a <=> $b} grep { !/^$/ } @opened_ports; + debugprint Dumper \@opened_ports; + return @opened_ports; +} + +sub is_open_port { + my $port=shift; + if ( grep { /^$port$/ } get_opened_ports ) { + return 1; + } + return 0; +} +sub system_recommendations { + prettyprint "\n-------- System Linux Recommendations ---------------------------------------"; + my $os = `uname`; + + unless ($os =~ /Linux/i) { + infoprint "Skipped due to non Linux server"; + return; + } + + prettyprint "Look for related Linux system recommandations"; + + my @opened_ports=get_opened_ports; + infoprint "There is ". scalar @opened_ports. " listening port(s) on this server."; + if (scalar(@opened_ports) > 10) { + badprint "There is too many listening ports: ". scalar(@opened_ports). " > 10"; + push( @generalrec, "Consider dedicating a server for your database installation with less services running on !" ); + } else { + goodprint "There is less than 10 opened ports on this server."; + } + + if ( is_open_port(80) or is_open_port(443) ) { + badprint "There is Apache like server running on 80 or 443 port."; + push( @generalrec, "Consider dedicating a server for Web server in production !" ); + } else { + goodprint "No Web server runing on 80 and 444 port."; + } + if ( is_open_port(8080) or is_open_port(8443) ) { + badprint "There is Application server running on 8080 or 8443 port."; + push( @generalrec, "Consider dedicating a server for Application server in production !" ); + } else { + goodprint "No Application server runing on 8080 or 8443 port."; + } +} + sub security_recommendations { prettyprint "\n-------- Security Recommendations -------------------------------------------"; @@ -3035,6 +3088,7 @@ get_all_vars; # Toss variables/status into hashes get_tuning_info; # Get information about the tuning connexion validate_mysql_version; # Check current MySQL version check_architecture; # Suggest 64-bit upgrade +system_recommendations; # avoid to many service on the same host check_storage_engines; # Show enabled storage engines mysql_databases; # Show informations about databases mysql_indexes; # Show informations about indexes @@ -3067,7 +3121,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.6 - MySQL High Performance Tuning Script + MySQLTuner 1.6.7 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES From 1ffee5606a82f93973972355222c002ff1df0fc4 Mon Sep 17 00:00:00 2001 From: Christine Date: Mon, 21 Mar 2016 17:41:14 +0100 Subject: [PATCH 007/237] Adding banned port option to detect banned ports --- mysqltuner.pl | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index e816a20..829acec 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -72,7 +72,8 @@ my %opt = ( "skipsize" => 0, "checkversion" => 0, "buffers" => 0, - "passwordfile" => 0, + "passwordfile" => 0, + "bannedports" => '', "outputfile" => 0, "dbstat" => 0, "idxstat" => 0, @@ -92,6 +93,7 @@ GetOptions( 'mysqlcmd=s', 'help', 'buffers', 'skippassword', 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', 'json', 'idxstat', 'noask', 'template=s', 'reportfile=s', 'cvefile=s', + 'bannedports=s', ); if ( defined $opt{'help'} && $opt{'help'} == 1 ) { usage(); } @@ -134,6 +136,7 @@ sub usage { . " --debug Print debug information\n" . " --dbstat Print database information\n" . " --idxstat Print index information\n" + . " --bannedports ports banned separated by comma(,)\n" . " --cvefile CVE File for vulnerability checks\n" . " --nocolor Don't print output in color\n" . " --json Print result as JSON string\n" @@ -160,6 +163,9 @@ $opt{cvefile} = "/usr/share/mysqltuner/vulnerabilities.csv" $opt{cvefile} ='' unless -f "$opt{cvefile}"; $opt{cvefile} ='./vulnerabilities.csv' if -f './vulnerabilities.csv'; +$opt{'bannedports'}='' unless defined($opt{'bannedports'}); +my @banned_ports=split ',', $opt{'bannedports'}; + # my $outputfile = undef; $outputfile = abs_path( $opt{outputfile} ) unless $opt{outputfile} eq "0"; @@ -908,6 +914,14 @@ sub system_recommendations { } else { goodprint "No Application server runing on 8080 or 8443 port."; } + foreach my $banport (@banned_ports) { + if ( is_open_port($banport) ) { + badprint "Banned port: $banport is opened.."; + push( @generalrec, "Port $banport is opened. Consider stopping program handling this port." ); + } else { + goodprint "$banport is not opened."; + } + } } sub security_recommendations { From 805651d44b25bc37e0f0690b8b09df56ad636e4b Mon Sep 17 00:00:00 2001 From: Christine Date: Tue, 22 Mar 2016 09:54:26 +0100 Subject: [PATCH 008/237] Fix bug on index selectivity from mariaDB Adding type in index summary --- mysqltuner.pl | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 829acec..91a8e0b 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2908,7 +2908,7 @@ FROM INFORMATION_SCHEMA.STATISTICS s , MAX(SEQ_IN_INDEX) AS max_columns FROM INFORMATION_SCHEMA.STATISTICS WHERE TABLE_SCHEMA NOT IN ('mysql', 'information_schema', 'performance_schema') - AND INDEX_TYPE <> "FULLTEXT" + AND INDEX_TYPE <> 'FULLTEXT' GROUP BY TABLE_SCHEMA, TABLE_NAME, INDEX_NAME ) AS s2 ON s.TABLE_SCHEMA = s2.TABLE_SCHEMA @@ -2933,18 +2933,20 @@ ENDSQL infoprint " +-- NB COLS : " . $info[3] . " column(s)"; infoprint " +-- CARDINALITY : " . $info[4] . " distinct values"; infoprint " +-- NB ROWS : " . $info[5] . " rows"; - infoprint " +-- SELECTIVITY : " . $info[6] . "%"; + infoprint " +-- TYPE : " . $info[6] ; + infoprint " +-- SELECTIVITY : " . $info[7] . "%"; $result{'Indexes'}{ $info[1] }{'Colunm'} = $info[0]; $result{'Indexes'}{ $info[1] }{'Sequence number'} = $info[2]; $result{'Indexes'}{ $info[1] }{'Number of collunm'} = $info[3]; $result{'Indexes'}{ $info[1] }{'Cardianality'} = $info[4]; $result{'Indexes'}{ $info[1] }{'Row number'} = $info[5]; - $result{'Indexes'}{ $info[1] }{'Selectivity'} = $info[6]; - if ( $info[6] < 25 ) { + $result{'Indexes'}{ $info[1] }{'Index Type'} = $info[6]; + $result{'Indexes'}{ $info[1] }{'Selectivity'} = $info[7]; + if ( $info[7] < 25 ) { badprint "$info[1] has a low selectivity"; } - } + } return unless ( defined( $myvar{'performance_schema'} ) @@ -3173,6 +3175,7 @@ You must provide the remote server's total memory when connecting to other serve --debug Print debug information --dbstat Print database information --idxstat Print index information + --bannedports ports banned separated by comma(,) --cvefile CVE File for vulnerability checks --nocolor Don't print output in color --json Print result as JSON string From 200d091362a41537656ae1a9f95af12c76cb3cf7 Mon Sep 17 00:00:00 2001 From: Christine Date: Tue, 22 Mar 2016 14:44:01 +0100 Subject: [PATCH 009/237] Adding system recommandations for banned ports and memory used by other process --- mysqltuner.pl | 65 +++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 60 insertions(+), 5 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 91a8e0b..33ace26 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -826,14 +826,25 @@ sub get_all_vars { } } -sub get_basic_passwords { +sub remove_cr { + map { s/\n$//g; } @_; +} +sub remove_empty { + grep { $_ ne '' } @_; +} +sub get_file_contents { my $file = shift; open( FH, "< $file" ) or die "Can't open $file for read: $!"; my @lines = ; close FH or die "Cannot close $file: $!"; + remove_cr \@lines; return @lines; } +sub get_basic_passwords { + return get_file_contents(shift); +} + sub cve_recommendations { prettyprint "\n-------- CVE Security Recommendations ---------------------------------------"; @@ -882,16 +893,60 @@ sub is_open_port { } return 0; } + +sub get_process_memory { + my $pid=shift; + return 0 unless -f "/proc/$pid/status"; + my @pdata= grep { /RSS:/ } get_file_contents "/proc/$pid/status"; + map { + s/.*RSS:\s*(\d+)\s*kB\s*$/$1*1024/ge + } @pdata; + return $pdata[0]; +} + +sub get_other_process_memory { + my @procs=`ps -eo pid,cmd`; + map { s/.*mysqld.*//; s/.*\[.*\].*//; s/^\s+$//g; s/.*PID.*CMD.*//; s/.*systemd.*//;} @procs; + map {s/\s*?(\d+)\s*.*/$1/g;} @procs; + remove_cr @procs; + @procs=remove_empty @procs; + my $totalMemOther=0; + map { + $totalMemOther+=get_process_memory($_); + } @procs; + return $totalMemOther; +} + +sub get_os_release { + return "Unknown OS release" unless -f "/etc/system-release"; + my @info_release=get_file_contents "/etc/system-release"; + remove_cr @info_release; + return $info_release[0]; +} sub system_recommendations { prettyprint "\n-------- System Linux Recommendations ---------------------------------------"; my $os = `uname`; - unless ($os =~ /Linux/i) { infoprint "Skipped due to non Linux server"; return; } - prettyprint "Look for related Linux system recommandations"; + #prettyprint '-'x78; + infoprint get_os_release; + + my $omem=get_other_process_memory; + infoprint "User process except mysqld used ". hr_bytes_rnd($omem) . " RAM."; + if ( (0.15*$physical_memory) < $omem) { + badprint "Other user process except mysqld used more than 15% of total physical memory ". percentage($omem, $physical_memory). "% (".hr_bytes_rnd($omem). " / ".hr_bytes_rnd($physical_memory).")"; + push( @generalrec, "Consider stopping or dedicate server for additionnal process other than mysqld." ); + push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE IS TOO MANY PROCESS RUNNING ON THIS SERVER. OOM KILL CAN OCCURS !" ); + + + } else { + } + + #if ($omem > + #exit 0; my @opened_ports=get_opened_ports; infoprint "There is ". scalar @opened_ports. " listening port(s) on this server."; @@ -1199,6 +1254,7 @@ sub check_architecture { } } $result{'OS'}{'Architecture'} = "$arch bits"; + } # Start up a ton of storage engine counts/statistics @@ -1275,8 +1331,7 @@ sub check_storage_engines { $result{'Databases'}{'List'} = [@dblist]; infoprint "Status: $engines"; if ( mysql_version_ge( 5, 1, 5 ) ) { - -# MySQL 5 servers can have table sizes calculated quickly from information schema + # MySQL 5 servers can have table sizes calculated quickly from information schema my @templist = select_array "SELECT ENGINE,SUM(DATA_LENGTH+INDEX_LENGTH),COUNT(ENGINE),SUM(DATA_LENGTH),SUM(INDEX_LENGTH) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema', 'performance_schema', 'mysql') AND ENGINE IS NOT NULL GROUP BY ENGINE ORDER BY ENGINE ASC;"; From 1a3ce440751ccf6a494152f2c680ec96f15cc861 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Tue, 22 Mar 2016 14:49:22 +0100 Subject: [PATCH 010/237] Update INTERNALS.md Adding new system recommandations information --- INTERNALS.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/INTERNALS.md b/INTERNALS.md index ed4f69d..151666e 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -66,6 +66,10 @@ ## MySQLTuner system checks * 32-bit w/>2GB RAM check +* Check number of opened ports (warning if more than 9 ports opened) +* Check 80, 8080, 443 and 8443 ports if warning are raised if there are opened +* Check if some banned ports are not opened (option --bannedports separated by comma) +* Check if non kernel and user process except mysqld are not using more than 15% of total physical memory) ## MySQLTuner Server version checks * EOL MySQL version check From ffed6a3715422391f41147f8d2b64b729f9f03e5 Mon Sep 17 00:00:00 2001 From: Christine Date: Tue, 22 Mar 2016 15:20:18 +0100 Subject: [PATCH 011/237] Adding threadpool information #138 --- mysqltuner.pl | 33 +++++++++++++++++++++++++++++---- 1 file changed, 29 insertions(+), 4 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 33ace26..771a215 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -785,7 +785,11 @@ sub get_all_vars { if ( ( $myvar{'ignore_builtin_innodb'} || "" ) eq "ON" ) { $myvar{'have_innodb'} = "NO"; } - + + $myvar{'have_threadpool'} = "NO"; + if ( defined ( $myvar{'thread_pool_size'} ) and $myvar{'thread_pool_size'} > 0 ) { + $myvar{'have_threadpool'} = "YES"; + } # have_* for engines is deprecated and will be removed in MySQL 5.6; # check SHOW ENGINES and set corresponding old style variables. # Also works around MySQL bug #59393 wrt. skip-innodb @@ -2503,13 +2507,33 @@ sub mariadb_threadpool { # AriaDB unless ( defined $myvar{'have_threadpool'} - && $myvar{'have_threadpool'} eq "YES" - && defined $enginestats{'Aria'} ) + && $myvar{'have_threadpool'} eq "YES" ) { infoprint "ThreadPool stat is disabled."; return; } - infoprint "ThreadPool stat is enabled."; + infoprint "ThreadPool stat is enabled."; + infoprint "Thread Pool Size: ".$myvar{'thread_pool_size'}. " thread(s)."; + + if ($myvar{'have_innodb'} eq 'YES') { + if ($myvar{'thread_pool_size'}< 16 or $myvar{'thread_pool_size'}>36) { + badprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; + push( @generalrec, "Thread pool size for InnoDB usage (".$myvar{'thread_pool_size'}.")" ); + push( @adjvars, "thread_pool_size between 16 and 36 for InnoDB usage" ); + } else { + goodprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; + } + return; + } + if ($myvar{'have_isam'} eq 'YES') { + if ($myvar{'thread_pool_size'}<4 or $myvar{'thread_pool_size'}>8) { + badprint "thread_pool_size between 4 and 8 when using MyIsam storage engine."; + push( @generalrec, "Thread pool size for MyIsam usage (".$myvar{'thread_pool_size'}.")" ); + push( @adjvars, "thread_pool_size between 4 and 8 for MyIsam usage" ); + } else { + goodprint "thread_pool_size between 4 and 8 when using MyISAM storage engine."; + } + } } # Recommendations for Performance Schema @@ -2525,6 +2549,7 @@ sub mysqsl_pfs { infoprint "Performance schema is enabled."; } + # Recommendations for Ariadb sub mariadb_ariadb { prettyprint From a45e83facfa1b3e877923db4267c38080bb08260 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Tue, 22 Mar 2016 15:23:49 +0100 Subject: [PATCH 012/237] Update INTERNALS.md --- INTERNALS.md | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index 151666e..38ac688 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -244,15 +244,5 @@ ## MySQLTuner MariaDB thread pool information -* thread_pool_size -* thread_pool_stall_limit - -* thread_pool_max_threads -* thread_pool_idle_timeout - -* thread_pool_oversubscribe - -* threadpool_threads -* threadpool_idle_threads -* threadpool_threads / thread_pool_size -* threadpool_idle_threads / thread_pool_size +* thread_pool_size between 16 to 36 for Innodb usage +* thread_pool_size between 4 to 8 for MyIsam usage From e6f8f78ffe2bf74e6b2095020e1323500fccb0e6 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Tue, 22 Mar 2016 15:24:24 +0100 Subject: [PATCH 013/237] Update INTERNALS.md --- INTERNALS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/INTERNALS.md b/INTERNALS.md index 38ac688..d025858 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -242,7 +242,7 @@ * tokudb_cleaner_iterations * tokudb_fanout -## MySQLTuner MariaDB thread pool information +## MySQLTuner Thread pool information * thread_pool_size between 16 to 36 for Innodb usage * thread_pool_size between 4 to 8 for MyIsam usage From 47ffb270d9c4ddee353b4e667e5d17b18a8342d8 Mon Sep 17 00:00:00 2001 From: Christine Date: Tue, 22 Mar 2016 15:35:00 +0100 Subject: [PATCH 014/237] Typo fix --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 771a215..f39b532 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -943,7 +943,7 @@ sub system_recommendations { if ( (0.15*$physical_memory) < $omem) { badprint "Other user process except mysqld used more than 15% of total physical memory ". percentage($omem, $physical_memory). "% (".hr_bytes_rnd($omem). " / ".hr_bytes_rnd($physical_memory).")"; push( @generalrec, "Consider stopping or dedicate server for additionnal process other than mysqld." ); - push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE IS TOO MANY PROCESS RUNNING ON THIS SERVER. OOM KILL CAN OCCURS !" ); + push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE IS TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCURS !" ); } else { From fb53fa4efce4ead40eb0186e4110462f22936bfd Mon Sep 17 00:00:00 2001 From: Christine Date: Tue, 22 Mar 2016 16:36:04 +0100 Subject: [PATCH 015/237] Adding extra information on collation in dbstat --- mysqltuner.pl | 42 +++++++++++++++++++++++++++++++++--------- 1 file changed, 33 insertions(+), 9 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index f39b532..0974d32 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2883,19 +2883,30 @@ sub mysql_databases { infoprint "There is " . scalar(@dblist) . " Database(s)."; my @totaldbinfo = split /\s/, select_one( -"SELECT SUM(TABLE_ROWS), SUM(DATA_LENGTH), SUM(INDEX_LENGTH) , SUM(DATA_LENGTH+INDEX_LENGTH) FROM information_schema.TABLES;" +"SELECT SUM(TABLE_ROWS), SUM(DATA_LENGTH), SUM(INDEX_LENGTH) , SUM(DATA_LENGTH+INDEX_LENGTH), COUNT(TABLE_NAME),COUNT(DISTINCT(TABLE_COLLATION)) FROM information_schema.TABLES;" ); infoprint "All Databases:"; - infoprint " +-- ROWS : " + infoprint " +-- TABLE : " + . ( $totaldbinfo[4] eq 'NULL' ? 0 : $totaldbinfo[4] ) . ""; + infoprint " +-- ROWS : " . ( $totaldbinfo[0] eq 'NULL' ? 0 : $totaldbinfo[0] ) . ""; - infoprint " +-- DATA : " + infoprint " +-- DATA : " . hr_bytes( $totaldbinfo[1] ) . "(" . percentage( $totaldbinfo[1], $totaldbinfo[3] ) . "%)"; - infoprint " +-- INDEX: " + infoprint " +-- INDEX : " . hr_bytes( $totaldbinfo[2] ) . "(" . percentage( $totaldbinfo[2], $totaldbinfo[3] ) . "%)"; - infoprint " +-- SIZE : " . hr_bytes( $totaldbinfo[3] ) . ""; - + infoprint " +-- SIZE : " . hr_bytes( $totaldbinfo[3] ) . ""; + infoprint " +-- COLLA : " + . ( $totaldbinfo[5] eq 'NULL' ? 0 : $totaldbinfo[5] ) . " (". (join ", ", select_array ("SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES;")) .")"; + + + if ($totaldbinfo[5]>1) { + badprint $totaldbinfo[5]. " differents collations for tables detected."; + push(@generalrec, "Check your general collation and your database table location are identical."); + } else { + goodprint $totaldbinfo[5]. " collation for tables detected."; + } badprint "Index size is larger than data size \n" if $totaldbinfo[1] < $totaldbinfo[2]; @@ -2907,8 +2918,8 @@ sub mysql_databases { $result{'Databases'}{'All databases'}{'Index Size'} = $totaldbinfo[2]; $result{'Databases'}{'All databases'}{'Index Pct'} = percentage( $totaldbinfo[2], $totaldbinfo[3] ) . "%"; - $result{'Databases'}{'All databases'}{'Total Size'} = $totaldbinfo[3]; - + $result{'Databases'}{'All databases'}{'Total Size'} = $totaldbinfo[3]; + print "\n"; foreach (@dblist) { chomp($_); if ( $_ eq "information_schema" @@ -2921,10 +2932,15 @@ sub mysql_databases { my @dbinfo = split /\s/, select_one( -"SELECT TABLE_SCHEMA, SUM(TABLE_ROWS), SUM(DATA_LENGTH), SUM(INDEX_LENGTH) , SUM(DATA_LENGTH+INDEX_LENGTH), COUNT(DISTINCT ENGINE) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_' GROUP BY TABLE_SCHEMA ORDER BY TABLE_SCHEMA" +"SELECT TABLE_SCHEMA, SUM(TABLE_ROWS), SUM(DATA_LENGTH), SUM(INDEX_LENGTH) , SUM(DATA_LENGTH+INDEX_LENGTH), COUNT(DISTINCT ENGINE),COUNT(TABLE_NAME),COUNT(DISTINCT(TABLE_COLLATION)) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_' GROUP BY TABLE_SCHEMA ORDER BY TABLE_SCHEMA" ); next unless defined $dbinfo[0]; infoprint "Database: " . $dbinfo[0] . ""; + infoprint " +-- TABLE: " + . ( !defined( $dbinfo[6] ) or $dbinfo[6] eq 'NULL' ? 0 : $dbinfo[6] ) + . ""; + infoprint " +-- COLL : " + . ( $dbinfo[7] eq 'NULL' ? 0 : $dbinfo[7] ) . " (". (join ", ", select_array ("SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_';")) .")"; infoprint " +-- ROWS : " . ( !defined( $dbinfo[1] ) or $dbinfo[1] eq 'NULL' ? 0 : $dbinfo[1] ) . ""; @@ -2940,6 +2956,8 @@ sub mysql_databases { badprint "There are " . $dbinfo[5] . " storage engines. Be careful. \n" if $dbinfo[5] > 1; $result{'Databases'}{ $dbinfo[0] }{'Rows'} = $dbinfo[1]; + $result{'Databases'}{ $dbinfo[0] }{'Tables'} = $dbinfo[6]; + $result{'Databases'}{ $dbinfo[0] }{'Collations'} = $dbinfo[7]; $result{'Databases'}{ $dbinfo[0] }{'Data Size'} = $dbinfo[2]; $result{'Databases'}{ $dbinfo[0] }{'Data Pct'} = percentage( $dbinfo[2], $dbinfo[4] ) . "%"; @@ -2947,6 +2965,12 @@ sub mysql_databases { $result{'Databases'}{ $dbinfo[0] }{'Index Pct'} = percentage( $dbinfo[3], $dbinfo[4] ) . "%"; $result{'Databases'}{ $dbinfo[0] }{'Total Size'} = $dbinfo[4]; + if ($dbinfo[7]>1) { + badprint $dbinfo[7]. " differents collations for database ".$dbinfo[0]; + push(@generalrec, "Check all table collations are identical for all tables in ".$dbinfo[0]. " database."); + } else { + goodprint $dbinfo[7]. " collation for ".$dbinfo[0]. " database."; + } } } From 18941ae560aff89090f7037cfed4e631a91f5820 Mon Sep 17 00:00:00 2001 From: Christine Date: Tue, 22 Mar 2016 17:56:08 +0100 Subject: [PATCH 016/237] Advanced dbstat for collation and charset --- INTERNALS.md | 6 ++++++ mysqltuner.pl | 44 ++++++++++++++++++++++++++++++++------------ 2 files changed, 38 insertions(+), 12 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index d025858..d24b3c4 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -101,12 +101,18 @@ ## MySQLTuner database information * Per database information + * Tables number * Rows number * Total size * Data size * Percentage of data size * Index size * Percentage of index size + * Collation number + * Check that there is only one collation for all table in a database + * Check that there is only one collation for ll table columns in a database + * Check that there is only one storage engine per user database + ## MySQLTuner index information diff --git a/mysqltuner.pl b/mysqltuner.pl index 0974d32..755426f 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2883,7 +2883,7 @@ sub mysql_databases { infoprint "There is " . scalar(@dblist) . " Database(s)."; my @totaldbinfo = split /\s/, select_one( -"SELECT SUM(TABLE_ROWS), SUM(DATA_LENGTH), SUM(INDEX_LENGTH) , SUM(DATA_LENGTH+INDEX_LENGTH), COUNT(TABLE_NAME),COUNT(DISTINCT(TABLE_COLLATION)) FROM information_schema.TABLES;" +"SELECT SUM(TABLE_ROWS), SUM(DATA_LENGTH), SUM(INDEX_LENGTH) , SUM(DATA_LENGTH+INDEX_LENGTH), COUNT(TABLE_NAME),COUNT(DISTINCT(TABLE_COLLATION)),COUNT(DISTINCT(ENGINE)) FROM information_schema.TABLES;" ); infoprint "All Databases:"; infoprint " +-- TABLE : " @@ -2899,17 +2899,10 @@ sub mysql_databases { infoprint " +-- SIZE : " . hr_bytes( $totaldbinfo[3] ) . ""; infoprint " +-- COLLA : " . ( $totaldbinfo[5] eq 'NULL' ? 0 : $totaldbinfo[5] ) . " (". (join ", ", select_array ("SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES;")) .")"; + infoprint " +-- ENGIN : " + . ( $totaldbinfo[6] eq 'NULL' ? 0 : $totaldbinfo[6] ) . " (". (join ", ", select_array ("SELECT DISTINCT(ENGINE) FROM information_schema.TABLES;")) .")"; - if ($totaldbinfo[5]>1) { - badprint $totaldbinfo[5]. " differents collations for tables detected."; - push(@generalrec, "Check your general collation and your database table location are identical."); - } else { - goodprint $totaldbinfo[5]. " collation for tables detected."; - } - badprint "Index size is larger than data size \n" - if $totaldbinfo[1] < $totaldbinfo[2]; - $result{'Databases'}{'All databases'}{'Rows'} = ( $totaldbinfo[0] eq 'NULL' ? 0 : $totaldbinfo[0] ); $result{'Databases'}{'All databases'}{'Data Size'} = $totaldbinfo[1]; @@ -2924,7 +2917,7 @@ sub mysql_databases { chomp($_); if ( $_ eq "information_schema" or $_ eq "performance_schema" - or $_ eq "mysql" + # or $_ eq "mysql" or $_ eq "" ) { next; @@ -2932,7 +2925,7 @@ sub mysql_databases { my @dbinfo = split /\s/, select_one( -"SELECT TABLE_SCHEMA, SUM(TABLE_ROWS), SUM(DATA_LENGTH), SUM(INDEX_LENGTH) , SUM(DATA_LENGTH+INDEX_LENGTH), COUNT(DISTINCT ENGINE),COUNT(TABLE_NAME),COUNT(DISTINCT(TABLE_COLLATION)) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_' GROUP BY TABLE_SCHEMA ORDER BY TABLE_SCHEMA" +"SELECT TABLE_SCHEMA, SUM(TABLE_ROWS), SUM(DATA_LENGTH), SUM(INDEX_LENGTH) , SUM(DATA_LENGTH+INDEX_LENGTH), COUNT(DISTINCT ENGINE),COUNT(TABLE_NAME),COUNT(DISTINCT(TABLE_COLLATION)),COUNT(DISTINCT(ENGINE)) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_' GROUP BY TABLE_SCHEMA ORDER BY TABLE_SCHEMA" ); next unless defined $dbinfo[0]; infoprint "Database: " . $dbinfo[0] . ""; @@ -2951,6 +2944,8 @@ sub mysql_databases { . hr_bytes( $dbinfo[3] ) . "(" . percentage( $dbinfo[3], $dbinfo[4] ) . "%)"; infoprint " +-- TOTAL: " . hr_bytes( $dbinfo[4] ) . ""; + infoprint " +-- ENGIN : " + . ( $dbinfo[8] eq 'NULL' ? 0 : $dbinfo[8] ) . " (". (join ", ", select_array ("SELECT DISTINCT(ENGINE) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_'")) .")"; badprint "Index size is larger than data size for $dbinfo[0] \n" if $dbinfo[2] < $dbinfo[3]; badprint "There are " . $dbinfo[5] . " storage engines. Be careful. \n" @@ -2971,7 +2966,32 @@ sub mysql_databases { } else { goodprint $dbinfo[7]. " collation for ".$dbinfo[0]. " database."; } + if ($dbinfo[8]>1) { + badprint $dbinfo[8]. " differents engines for database ".$dbinfo[0]; + push(@generalrec, "Check all table engines are identical for all tables in ".$dbinfo[0]. " database."); + } else { + goodprint $dbinfo[8]. " engine for ".$dbinfo[0]. " database."; } + + my @distinct_column_charset=select_array("select DISTINCT(CHARACTER_SET_NAME) from information_schema.COLUMNS where CHARACTER_SET_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'"); + infoprint "Charsets for $dbinfo[0] database table column: ". join (', ', @distinct_column_charset); + if (scalar (@distinct_column_charset)>1 ) { + badprint $dbinfo[0]. " table column(s) has several charsets defined for all text like column(s)."; + push(@generalrec, "Limit charset for column to one charset if possible for ".$dbinfo[0]." database."); + } else { + goodprint $dbinfo[0]. " table column(s) has same charset defined for all text like column(s)."; + } + + my @distinct_column_collation=select_array("select DISTINCT(COLLATION_NAME) from information_schema.COLUMNS where COLLATION_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'"); + infoprint "Collations for $dbinfo[0] database table column: ". join (', ', @distinct_column_collation); + if (scalar (@distinct_column_collation)>1 ) { + badprint $dbinfo[0]. " table column(s) has several collations defined for all text like column(s)."; + push(@generalrec, "Limit collations for column to one collation if possible for ".$dbinfo[0]." database."); + } else { + goodprint $dbinfo[0]. " table column(s) has same collation defined for all text like column(s)."; + } + } + } # Recommendations for Indexes metrics From b05eea9163384df4e02d60f8dd110768c26b35be Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 23 Mar 2016 12:19:49 +0100 Subject: [PATCH 017/237] Revert "Update CVE list" This reverts commit 3a0ce00ffdd24029c7d05e6a7128eafd0ac33330. --- vulnerabilities.csv | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 vulnerabilities.csv diff --git a/vulnerabilities.csv b/vulnerabilities.csv old mode 100755 new mode 100644 From 039a16505a108e91647b1ed86cd95d73768469b8 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 23 Mar 2016 12:19:54 +0100 Subject: [PATCH 018/237] Revert "Revert "Update CVE list"" This reverts commit b05eea9163384df4e02d60f8dd110768c26b35be. --- vulnerabilities.csv | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 vulnerabilities.csv diff --git a/vulnerabilities.csv b/vulnerabilities.csv old mode 100644 new mode 100755 From 95c13972891ee76de9023b0fde9669a806a5ed20 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 23 Mar 2016 16:18:36 +0100 Subject: [PATCH 019/237] #163 removing by default banned port 443,80, 8080,8443 and let bannedports managed this case. --- mysqltuner.pl | 37 ++++++++++++++++++++----------------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 755426f..76196ef 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -570,15 +570,18 @@ sub mysql_setup { } } elsif ( -r "/etc/psa/.psa.shadow" and $doremote == 0 ) { - # It's a Plesk box, use the available credentials $mysqllogin = "-u admin -p`cat /etc/psa/.psa.shadow`"; my $loginstatus = `$mysqladmincmd ping $mysqllogin 2>&1`; unless ( $loginstatus =~ /mysqld is alive/ ) { - badprint -"Attempted to use login credentials from Plesk, but they failed."; - exit 1; - } + # Plesk 10+ + $mysqllogin = "-u admin -p`/usr/local/psa/bin/admin --show-password`"; + $loginstatus = `$mysqladmincmd ping $mysqllogin 2>&1`; + unless ( $loginstatus =~ /mysqld is alive/ ) { + badprint "Attempted to use login credentials from Plesk and Plesk 10+, but they failed."; + exit 1; + } + } } elsif ( -r "/usr/local/directadmin/conf/mysql.conf" and $doremote == 0 ) { @@ -961,18 +964,18 @@ sub system_recommendations { goodprint "There is less than 10 opened ports on this server."; } - if ( is_open_port(80) or is_open_port(443) ) { - badprint "There is Apache like server running on 80 or 443 port."; - push( @generalrec, "Consider dedicating a server for Web server in production !" ); - } else { - goodprint "No Web server runing on 80 and 444 port."; - } - if ( is_open_port(8080) or is_open_port(8443) ) { - badprint "There is Application server running on 8080 or 8443 port."; - push( @generalrec, "Consider dedicating a server for Application server in production !" ); - } else { - goodprint "No Application server runing on 8080 or 8443 port."; - } +# if ( is_open_port(80) or is_open_port(443) ) { +# badprint "There is Apache like server running on 80 or 443 port."; +# push( @generalrec, "Consider dedicating a server for Web server in production !" ); +# } else { +# goodprint "No Web server runing on 80 and 443 port."; +# } +# if ( is_open_port(8080) or is_open_port(8443) ) { +# badprint "There is Application server running on 8080 or 8443 port."; +# push( @generalrec, "Consider dedicating a server for Application server in production !" ); +# } else { +# goodprint "No Application server runing on 8080 or 8443 port."; +# } foreach my $banport (@banned_ports) { if ( is_open_port($banport) ) { badprint "Banned port: $banport is opened.."; From 30b7f2e52c5b8ee6bc04edd0c7206440308a9db8 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 23 Mar 2016 16:33:02 +0100 Subject: [PATCH 020/237] #164 removing by default check for 10 opened ports. option maxallowedport added for this case. --- mysqltuner.pl | 36 ++++++++++++++++++++---------------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 76196ef..0756ad3 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.7 +# mysqltuner.pl - Version 1.6.8 # High Performance MySQL Tuning Script # Copyright (C) 2006-2015 Major Hayden - major@mhtx.net # @@ -51,7 +51,7 @@ use Data::Dumper; $Data::Dumper::Pair = " : "; # Set up a few variables for use in the script -my $tunerversion = "1.6.7"; +my $tunerversion = "1.6.8"; my ( @adjvars, @generalrec ); # Set defaults @@ -73,7 +73,8 @@ my %opt = ( "checkversion" => 0, "buffers" => 0, "passwordfile" => 0, - "bannedports" => '', + "bannedports" => '', + "maxportallowed"= >0, "outputfile" => 0, "dbstat" => 0, "idxstat" => 0, @@ -93,7 +94,7 @@ GetOptions( 'mysqlcmd=s', 'help', 'buffers', 'skippassword', 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', 'json', 'idxstat', 'noask', 'template=s', 'reportfile=s', 'cvefile=s', - 'bannedports=s', + 'bannedports=s','maxportallowed=s' ); if ( defined $opt{'help'} && $opt{'help'} == 1 ) { usage(); } @@ -136,7 +137,8 @@ sub usage { . " --debug Print debug information\n" . " --dbstat Print database information\n" . " --idxstat Print index information\n" - . " --bannedports ports banned separated by comma(,)\n" + . " --bannedports Ports banned separated by comma(,)\n" + . " --maxportallowed Number of ports opened allowed on this hosts\n" . " --cvefile CVE File for vulnerability checks\n" . " --nocolor Don't print output in color\n" . " --json Print result as JSON string\n" @@ -955,16 +957,17 @@ sub system_recommendations { #if ($omem > #exit 0; - my @opened_ports=get_opened_ports; - infoprint "There is ". scalar @opened_ports. " listening port(s) on this server."; - if (scalar(@opened_ports) > 10) { - badprint "There is too many listening ports: ". scalar(@opened_ports). " > 10"; - push( @generalrec, "Consider dedicating a server for your database installation with less services running on !" ); - } else { - goodprint "There is less than 10 opened ports on this server."; + if ($opt{'maxportallowed'} > 0) { + my @opened_ports=get_opened_ports; + infoprint "There is ". scalar @opened_ports. " listening port(s) on this server."; + if (scalar(@opened_ports) > $opt{'maxportallowed'}) { + badprint "There is too many listening ports: ". scalar(@opened_ports). " > 10"; + push( @generalrec, "Consider dedicating a server for your database installation with less services running on !" ); + } else { + goodprint "There is less than ".$opt{'maxportallowed'}." opened ports on this server."; + } } - -# if ( is_open_port(80) or is_open_port(443) ) { + # if ( is_open_port(80) or is_open_port(443) ) { # badprint "There is Apache like server running on 80 or 443 port."; # push( @generalrec, "Consider dedicating a server for Web server in production !" ); # } else { @@ -3264,7 +3267,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.7 - MySQL High Performance Tuning Script + MySQLTuner 1.6.8 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES @@ -3302,7 +3305,8 @@ You must provide the remote server's total memory when connecting to other serve --debug Print debug information --dbstat Print database information --idxstat Print index information - --bannedports ports banned separated by comma(,) + --bannedports Ports banned separated by comma(,) + --maxportallowed Number of ports opened allowed on this hosts --cvefile CVE File for vulnerability checks --nocolor Don't print output in color --json Print result as JSON string From 84d108bc702dbae5e7209f949ec8c3ab8b04007c Mon Sep 17 00:00:00 2001 From: root Date: Wed, 23 Mar 2016 16:35:59 +0100 Subject: [PATCH 021/237] Broken code fixed --- mysqltuner.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 0756ad3..eb32211 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -74,7 +74,7 @@ my %opt = ( "buffers" => 0, "passwordfile" => 0, "bannedports" => '', - "maxportallowed"= >0, + "maxportallowed"=> 0, "outputfile" => 0, "dbstat" => 0, "idxstat" => 0, @@ -94,7 +94,7 @@ GetOptions( 'mysqlcmd=s', 'help', 'buffers', 'skippassword', 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', 'json', 'idxstat', 'noask', 'template=s', 'reportfile=s', 'cvefile=s', - 'bannedports=s','maxportallowed=s' + 'bannedports=s','maxportallowed=s', ); if ( defined $opt{'help'} && $opt{'help'} == 1 ) { usage(); } From 10a5ad0fdb71547bec37362955cec51182e3ee2a Mon Sep 17 00:00:00 2001 From: root Date: Thu, 24 Mar 2016 10:21:02 +0100 Subject: [PATCH 022/237] Fix message for #164 issue --- mysqltuner.pl | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index eb32211..aa71a9b 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -961,24 +961,13 @@ sub system_recommendations { my @opened_ports=get_opened_ports; infoprint "There is ". scalar @opened_ports. " listening port(s) on this server."; if (scalar(@opened_ports) > $opt{'maxportallowed'}) { - badprint "There is too many listening ports: ". scalar(@opened_ports). " > 10"; + badprint "There is too many listening ports: ". scalar(@opened_ports) " opened > ".$opt{'maxportallowed'}. "allowed."; push( @generalrec, "Consider dedicating a server for your database installation with less services running on !" ); } else { goodprint "There is less than ".$opt{'maxportallowed'}." opened ports on this server."; } } - # if ( is_open_port(80) or is_open_port(443) ) { -# badprint "There is Apache like server running on 80 or 443 port."; -# push( @generalrec, "Consider dedicating a server for Web server in production !" ); -# } else { -# goodprint "No Web server runing on 80 and 443 port."; -# } -# if ( is_open_port(8080) or is_open_port(8443) ) { -# badprint "There is Application server running on 8080 or 8443 port."; -# push( @generalrec, "Consider dedicating a server for Application server in production !" ); -# } else { -# goodprint "No Application server runing on 8080 or 8443 port."; -# } + foreach my $banport (@banned_ports) { if ( is_open_port($banport) ) { badprint "Banned port: $banport is opened.."; From 0be6ebb62675566dc83fbfca756450eb492b8a5e Mon Sep 17 00:00:00 2001 From: DutchProgrammer Date: Thu, 24 Mar 2016 14:25:12 +0100 Subject: [PATCH 023/237] fix the build fail --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index aa71a9b..029fa08 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -961,7 +961,7 @@ sub system_recommendations { my @opened_ports=get_opened_ports; infoprint "There is ". scalar @opened_ports. " listening port(s) on this server."; if (scalar(@opened_ports) > $opt{'maxportallowed'}) { - badprint "There is too many listening ports: ". scalar(@opened_ports) " opened > ".$opt{'maxportallowed'}. "allowed."; + badprint "There is too many listening ports: ". scalar(@opened_ports). " opened > ".$opt{'maxportallowed'}. "allowed."; push( @generalrec, "Consider dedicating a server for your database installation with less services running on !" ); } else { goodprint "There is less than ".$opt{'maxportallowed'}." opened ports on this server."; From 9c87b5266f6d7d04dd09d63ae309eb03cb1eae47 Mon Sep 17 00:00:00 2001 From: DutchProgrammer Date: Thu, 24 Mar 2016 18:36:49 +0100 Subject: [PATCH 024/237] v1.6.9 --- mysqltuner.pl | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 029fa08..f864d2c 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,7 +1,7 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.8 +# mysqltuner.pl - Version 1.6.9 # High Performance MySQL Tuning Script -# Copyright (C) 2006-2015 Major Hayden - major@mhtx.net +# Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # # For the latest updates, please visit http://mysqltuner.com/ # Git repository available at http://github.com/major/MySQLTuner-perl @@ -51,7 +51,7 @@ use Data::Dumper; $Data::Dumper::Pair = " : "; # Set up a few variables for use in the script -my $tunerversion = "1.6.8"; +my $tunerversion = "1.6.9"; my ( @adjvars, @generalrec ); # Set defaults @@ -82,7 +82,8 @@ my %opt = ( "noask" => 0, "template" => 0, "json" => 0, - "reportfile" => 0 + "reportfile" => 0, + "prettyjson" => 0 ); # Gather the options from the command line @@ -94,7 +95,7 @@ GetOptions( 'mysqlcmd=s', 'help', 'buffers', 'skippassword', 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', 'json', 'idxstat', 'noask', 'template=s', 'reportfile=s', 'cvefile=s', - 'bannedports=s','maxportallowed=s', + 'bannedports=s','maxportallowed=s','prettyjson' ); if ( defined $opt{'help'} && $opt{'help'} == 1 ) { usage(); } @@ -142,6 +143,7 @@ sub usage { . " --cvefile CVE File for vulnerability checks\n" . " --nocolor Don't print output in color\n" . " --json Print result as JSON string\n" + . " --prettyjson Print result as human readable JSON\n" . " --buffers Print global and per-thread buffer values\n" . " --outputfile Path to a output txt file\n" . "\n" . " --reportfile Path to a report txt file\n" . "\n" @@ -3208,7 +3210,7 @@ sub dump_result { exit 1; } my $json = JSON->new->allow_nonref; - print JSON->new->utf8(1)->pretty(1)->encode(%result); + print $json->utf8(1)->pretty((defined $opt{'prettyjson'} ? 1 : 0))->encode(\%result); } } From 58807c135f1c09e85ce999aa118be762a43cb97c Mon Sep 17 00:00:00 2001 From: DutchProgrammer Date: Thu, 24 Mar 2016 19:47:59 +0100 Subject: [PATCH 025/237] inconsistent performance schema info #167 --- mysqltuner.pl | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index f864d2c..7373273 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -82,8 +82,8 @@ my %opt = ( "noask" => 0, "template" => 0, "json" => 0, - "reportfile" => 0, - "prettyjson" => 0 + "prettyjson" => 0, + "reportfile" => 0 ); # Gather the options from the command line @@ -93,9 +93,10 @@ GetOptions( 'host=s', 'socket=s', 'port=i', 'user=s', 'pass=s', 'skipsize', 'checkversion', 'mysqladmin=s', 'mysqlcmd=s', 'help', 'buffers', 'skippassword', - 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', 'json', - 'idxstat', 'noask', 'template=s', 'reportfile=s', 'cvefile=s', - 'bannedports=s','maxportallowed=s','prettyjson' + 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', + 'json', 'prettyjson', 'idxstat', 'noask', + 'template=s', 'reportfile=s', 'cvefile=s', 'bannedports=s', + 'maxportallowed=s' ); if ( defined $opt{'help'} && $opt{'help'} == 1 ) { usage(); } @@ -191,7 +192,7 @@ my %result; # Functions that handle the print styles sub prettyprint { - print $_[0] . "\n" unless $opt{'silent'}; + print $_[0] . "\n" unless ($opt{'silent'} or $opt{'json'}); print $fh $_[0] . "\n" if defined($fh); } sub goodprint { prettyprint $good. " " . $_[0] unless ( $opt{nogood} == 1 ); } @@ -388,7 +389,7 @@ sub os_setup { # Checks for updates to MySQLTuner sub validate_tuner_version { if ($opt{checkversion} eq 0) { - print "\n"; + print "\n" unless ($opt{'silent'} or $opt{'json'}); infoprint "Skipped version check for MySQLTuner script"; return; } @@ -2541,9 +2542,9 @@ sub mysqsl_pfs { # Performance Schema unless ( defined($myvar{'performance_schema'}) and $myvar{'performance_schema'} eq 'ON' ) { infoprint "Performance schema is disabled."; + } else { + infoprint "Performance schema is enabled."; } - - infoprint "Performance schema is enabled."; } @@ -2909,7 +2910,7 @@ sub mysql_databases { $result{'Databases'}{'All databases'}{'Index Pct'} = percentage( $totaldbinfo[2], $totaldbinfo[3] ) . "%"; $result{'Databases'}{'All databases'}{'Total Size'} = $totaldbinfo[3]; - print "\n"; + print "\n" unless ($opt{'silent'} or $opt{'json'}); foreach (@dblist) { chomp($_); if ( $_ eq "information_schema" @@ -3210,7 +3211,7 @@ sub dump_result { exit 1; } my $json = JSON->new->allow_nonref; - print $json->utf8(1)->pretty((defined $opt{'prettyjson'} ? 1 : 0))->encode(\%result); + print $json->utf8(1)->pretty(($opt{'prettyjson'} ? 1 : 0))->encode(\%result); } } From ae9bbe405b409ea8aa6c83b4d7b83af44834c04c Mon Sep 17 00:00:00 2001 From: DutchProgrammer Date: Thu, 24 Mar 2016 21:17:34 +0100 Subject: [PATCH 026/237] added version update functionality --- mysqltuner.pl | 130 ++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 100 insertions(+), 30 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 7373273..1540b75 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -56,34 +56,35 @@ my ( @adjvars, @generalrec ); # Set defaults my %opt = ( - "silent" => 0, - "nobad" => 0, - "nogood" => 0, - "noinfo" => 0, - "debug" => 0, - "nocolor" => 0, - "forcemem" => 0, - "forceswap" => 0, - "host" => 0, - "socket" => 0, - "port" => 0, - "user" => 0, - "pass" => 0, - "skipsize" => 0, - "checkversion" => 0, - "buffers" => 0, - "passwordfile" => 0, - "bannedports" => '', - "maxportallowed"=> 0, - "outputfile" => 0, - "dbstat" => 0, - "idxstat" => 0, - "skippassword" => 0, - "noask" => 0, - "template" => 0, - "json" => 0, - "prettyjson" => 0, - "reportfile" => 0 + "silent" => 0, + "nobad" => 0, + "nogood" => 0, + "noinfo" => 0, + "debug" => 0, + "nocolor" => 0, + "forcemem" => 0, + "forceswap" => 0, + "host" => 0, + "socket" => 0, + "port" => 0, + "user" => 0, + "pass" => 0, + "skipsize" => 0, + "checkversion" => 0, + "updateversion" => 0, + "buffers" => 0, + "passwordfile" => 0, + "bannedports" => '', + "maxportallowed" => 0, + "outputfile" => 0, + "dbstat" => 0, + "idxstat" => 0, + "skippassword" => 0, + "noask" => 0, + "template" => 0, + "json" => 0, + "prettyjson" => 0, + "reportfile" => 0 ); # Gather the options from the command line @@ -96,7 +97,7 @@ GetOptions( 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', 'json', 'prettyjson', 'idxstat', 'noask', 'template=s', 'reportfile=s', 'cvefile=s', 'bannedports=s', - 'maxportallowed=s' + 'updateversion', 'maxportallowed=s' ); if ( defined $opt{'help'} && $opt{'help'} == 1 ) { usage(); } @@ -128,6 +129,7 @@ sub usage { . " (Recommended for servers with many tables)\n" . " --skippassword Don't perform checks on user passwords(default: off)\n" . " --checkversion Check for updates to MySQLTuner (default: don't check)\n" + . " --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check)\n" . " --forcemem Amount of RAM installed in megabytes\n" . " --forceswap Amount of swap memory configured in megabytes\n" . " --passwordfile Path to a password file list(one password by line)\n" @@ -388,7 +390,7 @@ sub os_setup { # Checks for updates to MySQLTuner sub validate_tuner_version { - if ($opt{checkversion} eq 0) { + if ($opt{'checkversion'} eq 0 and $opt{'updateversion'} eq 0) { print "\n" unless ($opt{'silent'} or $opt{'json'}); infoprint "Skipped version check for MySQLTuner script"; return; @@ -427,12 +429,80 @@ sub validate_tuner_version { infoprint "Unable to check for the latest MySQLTuner version"; } +# Checks for updates to MySQLTuner +sub update_tuner_version { + if ($opt{'updateversion'} eq 0) { + badprint "Skipped version update for MySQLTuner script"; + print "\n" unless ($opt{'silent'} or $opt{'json'}); + return; + } + + #use Cwd; + my $update; + my $url = "https://raw.githubusercontent.com/major/MySQLTuner-perl/master/"; + my @scripts = ("mysqltuner.pl", "basic_passwords.txt", "vulnerabilities.csv"); + my $totalScripts = scalar(keys @scripts); + my $receivedScripts = 0; + my $httpcli =`which curl`; + + foreach my $script (@scripts) { + + chomp($httpcli); + if ( 1 != 1 and defined($httpcli) and -e "$httpcli" ) { + debugprint "$httpcli is available."; + + debugprint "$httpcli --connect-timeout 5 -silent '$url$script' > $script"; + $update = `$httpcli --connect-timeout 5 -silent '$url$script' > $script`; + chomp($update); + debugprint "$script updated: $update"; + + if ( -s $script eq 0) { + badprint "Couldn't update $script"; + } else { + ++$receivedScripts; + debugprint "$script updated: $update"; + } + } else { + + $httpcli=`which wget`; + chomp($httpcli); + if ( defined($httpcli) and -e "$httpcli" ) { + debugprint "$httpcli is available."; + + debugprint "$httpcli -qe timestamping=off -T 5 -O $script '$url$script'"; + $update = `$httpcli -qe timestamping=off -T 5 -O $script '$url$script'`; + chomp($update); + + if ( -s $script eq 0) { + badprint "Couldn't update $script"; + } else { + ++$receivedScripts; + debugprint "$script updated: $update"; + } + + } else { + debugprint "curl and wget are not available."; + infoprint "Unable to check for the latest MySQLTuner version"; + } + } + } + + if ($receivedScripts eq $totalScripts) { + goodprint "Successfully updated MySQLTuner script"; + } else { + badprint "Couldn't update MySQLTuner script"; + } + + exit 0; +} + sub compare_tuner_version { my $remoteversion=shift; debugprint "Remote data: $remoteversion"; #exit 0; if ($remoteversion ne $tunerversion) { badprint "There is a new version of MySQLTuner available ($remoteversion)"; + update_tuner_version(); return; } goodprint "You have the latest version of MySQLTuner($tunerversion)"; From 5c9f9952aa17b6133ebd1a3755a5f4e56ce4e24f Mon Sep 17 00:00:00 2001 From: DutchProgrammer Date: Thu, 24 Mar 2016 21:20:48 +0100 Subject: [PATCH 027/237] added update version functionality --- mysqltuner.pl | 113 +++++++++++++++++++++++++------------------------- 1 file changed, 57 insertions(+), 56 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 1540b75..790b9a9 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -782,14 +782,14 @@ sub select_array { debugprint "PERFORM: $req "; my @result = `$mysqlcmd $mysqllogin -Bse "$req" 2>>/dev/null`; if ($? != 0) { - badprint "failed to execute: $req"; - badprint "FAIL Execute SQL / return code: $?"; - debugprint "CMD : $mysqlcmd"; - debugprint "OPTIONS: $mysqllogin"; - debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; - exit $?; + badprint "failed to execute: $req"; + badprint "FAIL Execute SQL / return code: $?"; + debugprint "CMD : $mysqlcmd"; + debugprint "OPTIONS: $mysqllogin"; + debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; + exit $?; } - debugprint "select_array: return code : $?"; + debugprint "select_array: return code : $?"; chomp(@result); return @result; } @@ -800,14 +800,14 @@ sub select_one { debugprint "PERFORM: $req "; my $result = `$mysqlcmd $mysqllogin -Bse "$req" 2>>/dev/null`; if ($? != 0) { - badprint "failed to execute: $req"; - badprint "FAIL Execute SQL / return code: $?"; - debugprint "CMD : $mysqlcmd"; - debugprint "OPTIONS: $mysqllogin"; - debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; - exit $?; + badprint "failed to execute: $req"; + badprint "FAIL Execute SQL / return code: $?"; + debugprint "CMD : $mysqlcmd"; + debugprint "OPTIONS: $mysqllogin"; + debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; + exit $?; } - debugprint "select_array: return code : $?"; + debugprint "select_array: return code : $?"; chomp($result); return $result; } @@ -960,9 +960,9 @@ sub cve_recommendations { sub get_opened_ports { my @opened_ports=`netstat -ltn`; map { - s/.*:(\d+)\s.*$/$1/; - s/\D//g; - } @opened_ports; + s/.*:(\d+)\s.*$/$1/; + s/\D//g; + } @opened_ports; @opened_ports = sort {$a <=> $b} grep { !/^$/ } @opened_ports; debugprint Dumper \@opened_ports; return @opened_ports; @@ -977,26 +977,26 @@ sub is_open_port { } sub get_process_memory { - my $pid=shift; - return 0 unless -f "/proc/$pid/status"; - my @pdata= grep { /RSS:/ } get_file_contents "/proc/$pid/status"; - map { - s/.*RSS:\s*(\d+)\s*kB\s*$/$1*1024/ge - } @pdata; - return $pdata[0]; + my $pid=shift; + return 0 unless -f "/proc/$pid/status"; + my @pdata= grep { /RSS:/ } get_file_contents "/proc/$pid/status"; + map { + s/.*RSS:\s*(\d+)\s*kB\s*$/$1*1024/ge + } @pdata; + return $pdata[0]; } sub get_other_process_memory { - my @procs=`ps -eo pid,cmd`; - map { s/.*mysqld.*//; s/.*\[.*\].*//; s/^\s+$//g; s/.*PID.*CMD.*//; s/.*systemd.*//;} @procs; - map {s/\s*?(\d+)\s*.*/$1/g;} @procs; - remove_cr @procs; - @procs=remove_empty @procs; - my $totalMemOther=0; - map { - $totalMemOther+=get_process_memory($_); - } @procs; - return $totalMemOther; + my @procs=`ps -eo pid,cmd`; + map { s/.*mysqld.*//; s/.*\[.*\].*//; s/^\s+$//g; s/.*PID.*CMD.*//; s/.*systemd.*//;} @procs; + map {s/\s*?(\d+)\s*.*/$1/g;} @procs; + remove_cr @procs; + @procs=remove_empty @procs; + my $totalMemOther=0; + map { + $totalMemOther+=get_process_memory($_); + } @procs; + return $totalMemOther; } sub get_os_release { @@ -1020,34 +1020,34 @@ sub system_recommendations { infoprint "User process except mysqld used ". hr_bytes_rnd($omem) . " RAM."; if ( (0.15*$physical_memory) < $omem) { badprint "Other user process except mysqld used more than 15% of total physical memory ". percentage($omem, $physical_memory). "% (".hr_bytes_rnd($omem). " / ".hr_bytes_rnd($physical_memory).")"; - push( @generalrec, "Consider stopping or dedicate server for additionnal process other than mysqld." ); - push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE IS TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCURS !" ); + push( @generalrec, "Consider stopping or dedicate server for additionnal process other than mysqld." ); + push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE IS TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCURS !" ); } else { } #if ($omem > - #exit 0; + #exit 0; if ($opt{'maxportallowed'} > 0) { my @opened_ports=get_opened_ports; infoprint "There is ". scalar @opened_ports. " listening port(s) on this server."; if (scalar(@opened_ports) > $opt{'maxportallowed'}) { - badprint "There is too many listening ports: ". scalar(@opened_ports). " opened > ".$opt{'maxportallowed'}. "allowed."; - push( @generalrec, "Consider dedicating a server for your database installation with less services running on !" ); + badprint "There is too many listening ports: ". scalar(@opened_ports). " opened > ".$opt{'maxportallowed'}. "allowed."; + push( @generalrec, "Consider dedicating a server for your database installation with less services running on !" ); } else { - goodprint "There is less than ".$opt{'maxportallowed'}." opened ports on this server."; + goodprint "There is less than ".$opt{'maxportallowed'}." opened ports on this server."; } } foreach my $banport (@banned_ports) { - if ( is_open_port($banport) ) { - badprint "Banned port: $banport is opened.."; - push( @generalrec, "Port $banport is opened. Consider stopping program handling this port." ); - } else { - goodprint "$banport is not opened."; - } + if ( is_open_port($banport) ) { + badprint "Banned port: $banport is opened.."; + push( @generalrec, "Port $banport is opened. Consider stopping program handling this port." ); + } else { + goodprint "$banport is not opened."; + } } } @@ -1403,7 +1403,7 @@ sub check_storage_engines { $result{'Databases'}{'List'} = [@dblist]; infoprint "Status: $engines"; if ( mysql_version_ge( 5, 1, 5 ) ) { - # MySQL 5 servers can have table sizes calculated quickly from information schema + # MySQL 5 servers can have table sizes calculated quickly from information schema my @templist = select_array "SELECT ENGINE,SUM(DATA_LENGTH+INDEX_LENGTH),COUNT(ENGINE),SUM(DATA_LENGTH),SUM(INDEX_LENGTH) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema', 'performance_schema', 'mysql') AND ENGINE IS NOT NULL GROUP BY ENGINE ORDER BY ENGINE ASC;"; @@ -2584,12 +2584,12 @@ sub mariadb_threadpool { infoprint "Thread Pool Size: ".$myvar{'thread_pool_size'}. " thread(s)."; if ($myvar{'have_innodb'} eq 'YES') { - if ($myvar{'thread_pool_size'}< 16 or $myvar{'thread_pool_size'}>36) { - badprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; - push( @generalrec, "Thread pool size for InnoDB usage (".$myvar{'thread_pool_size'}.")" ); - push( @adjvars, "thread_pool_size between 16 and 36 for InnoDB usage" ); - } else { - goodprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; + if ($myvar{'thread_pool_size'}< 16 or $myvar{'thread_pool_size'}>36) { + badprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; + push( @generalrec, "Thread pool size for InnoDB usage (".$myvar{'thread_pool_size'}.")" ); + push( @adjvars, "thread_pool_size between 16 and 36 for InnoDB usage" ); + } else { + goodprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; } return; } @@ -3029,10 +3029,10 @@ sub mysql_databases { percentage( $dbinfo[3], $dbinfo[4] ) . "%"; $result{'Databases'}{ $dbinfo[0] }{'Total Size'} = $dbinfo[4]; if ($dbinfo[7]>1) { - badprint $dbinfo[7]. " differents collations for database ".$dbinfo[0]; + badprint $dbinfo[7]. " differents collations for database ".$dbinfo[0]; push(@generalrec, "Check all table collations are identical for all tables in ".$dbinfo[0]. " database."); } else { - goodprint $dbinfo[7]. " collation for ".$dbinfo[0]. " database."; + goodprint $dbinfo[7]. " collation for ".$dbinfo[0]. " database."; } if ($dbinfo[8]>1) { badprint $dbinfo[8]. " differents engines for database ".$dbinfo[0]; @@ -3296,7 +3296,7 @@ get_all_vars; # Toss variables/status into hashes get_tuning_info; # Get information about the tuning connexion validate_mysql_version; # Check current MySQL version check_architecture; # Suggest 64-bit upgrade -system_recommendations; # avoid to many service on the same host +system_recommendations; # avoid to many service on the same host check_storage_engines; # Show enabled storage engines mysql_databases; # Show informations about databases mysql_indexes; # Show informations about indexes @@ -3354,6 +3354,7 @@ You must provide the remote server's total memory when connecting to other serve (Recommended for servers with many tables) --skippassword Don't perform checks on user passwords(default: off) --checkversion Check for updates to MySQLTuner (default: don't check) + --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check) --forcemem Amount of RAM installed in megabytes --forceswap Amount of swap memory configured in megabytes --passwordfile Path to a password file list(one password by line) From 6c280de32fb7a2df80ae087ba73af3145f07feee Mon Sep 17 00:00:00 2001 From: DutchProgrammer Date: Thu, 24 Mar 2016 22:48:07 +0100 Subject: [PATCH 028/237] Added GetOptions check if fails show help Added verbose mode --- mysqltuner.pl | 184 +++++++++++++++++++++++++++----------------------- 1 file changed, 100 insertions(+), 84 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 790b9a9..1938e8e 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -84,74 +84,81 @@ my %opt = ( "template" => 0, "json" => 0, "prettyjson" => 0, - "reportfile" => 0 + "reportfile" => 0, + "verbose" => 0 ); # Gather the options from the command line -GetOptions( - \%opt, 'nobad', 'nogood', 'noinfo', - 'debug', 'nocolor', 'forcemem=i', 'forceswap=i', - 'host=s', 'socket=s', 'port=i', 'user=s', - 'pass=s', 'skipsize', 'checkversion', 'mysqladmin=s', - 'mysqlcmd=s', 'help', 'buffers', 'skippassword', - 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', - 'json', 'prettyjson', 'idxstat', 'noask', - 'template=s', 'reportfile=s', 'cvefile=s', 'bannedports=s', - 'updateversion', 'maxportallowed=s' +my $getOptionsCheck = GetOptions( + \%opt, 'nobad', 'nogood', 'noinfo', + 'debug', 'nocolor', 'forcemem=i', 'forceswap=i', + 'host=s', 'socket=s', 'port=i', 'user=s', + 'pass=s', 'skipsize', 'checkversion', 'mysqladmin=s', + 'mysqlcmd=s', 'help', 'buffers', 'skippassword', + 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', + 'json', 'prettyjson', 'idxstat', 'noask', + 'template=s', 'reportfile=s', 'cvefile=s', 'bannedports=s', + 'updateversion', 'maxportallowed=s', 'verbose' ); +#If params are incorrect return help +if ($getOptionsCheck ne 1) { + usage(); +} + if ( defined $opt{'help'} && $opt{'help'} == 1 ) { usage(); } sub usage { - # Shown with --help option passed - print " MySQLTuner $tunerversion - MySQL High Performance Tuning Script\n" - . " Bug reports, feature requests, and downloads at http://mysqltuner.com/\n" - . " Maintained by Major Hayden (major\@mhtx.net) - Licensed under GPL\n" - . "\n" - . " Important Usage Guidelines:\n" - . " To run the script with the default options, run the script without arguments\n" - . " Allow MySQL server to run for at least 24-48 hours before trusting suggestions\n" - . " Some routines may require root level privileges (script will provide warnings)\n" - . " You must provide the remote server's total memory when connecting to other servers\n" - . "\n" - . " Connection and Authentication\n" - . " --host Connect to a remote host to perform tests (default: localhost)\n" - . " --socket Use a different socket for a local connection\n" - . " --port Port to use for connection (default: 3306)\n" - . " --user Username to use for authentication\n" - . " --pass Password to use for authentication\n" - . " --mysqladmin Path to a custom mysqladmin executable\n" - . " --mysqlcmd Path to a custom mysql executable\n" . "\n" - . " --noask Dont ask password if needed\n" . "\n" - . " Performance and Reporting Options\n" - . " --skipsize Don't enumerate tables and their types/sizes (default: on)\n" - . " (Recommended for servers with many tables)\n" - . " --skippassword Don't perform checks on user passwords(default: off)\n" - . " --checkversion Check for updates to MySQLTuner (default: don't check)\n" - . " --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check)\n" - . " --forcemem Amount of RAM installed in megabytes\n" - . " --forceswap Amount of swap memory configured in megabytes\n" - . " --passwordfile Path to a password file list(one password by line)\n" - . " Output Options:\n" - . " --silent Don't output anything on screen\n" - . " --nogood Remove OK responses\n" - . " --nobad Remove negative/suggestion responses\n" - . " --noinfo Remove informational responses\n" - . " --debug Print debug information\n" - . " --dbstat Print database information\n" - . " --idxstat Print index information\n" - . " --bannedports Ports banned separated by comma(,)\n" - . " --maxportallowed Number of ports opened allowed on this hosts\n" - . " --cvefile CVE File for vulnerability checks\n" - . " --nocolor Don't print output in color\n" - . " --json Print result as JSON string\n" - . " --prettyjson Print result as human readable JSON\n" - . " --buffers Print global and per-thread buffer values\n" - . " --outputfile Path to a output txt file\n" . "\n" - . " --reportfile Path to a report txt file\n" . "\n" - . " --template Path to a template file\n" . "\n"; - exit 0; + # Shown with --help option passed + print " MySQLTuner $tunerversion - MySQL High Performance Tuning Script\n" + . " Bug reports, feature requests, and downloads at http://mysqltuner.com/\n" + . " Maintained by Major Hayden (major\@mhtx.net) - Licensed under GPL\n" + . "\n" + . " Important Usage Guidelines:\n" + . " To run the script with the default options, run the script without arguments\n" + . " Allow MySQL server to run for at least 24-48 hours before trusting suggestions\n" + . " Some routines may require root level privileges (script will provide warnings)\n" + . " You must provide the remote server's total memory when connecting to other servers\n" + . "\n" + . " Connection and Authentication\n" + . " --host Connect to a remote host to perform tests (default: localhost)\n" + . " --socket Use a different socket for a local connection\n" + . " --port Port to use for connection (default: 3306)\n" + . " --user Username to use for authentication\n" + . " --pass Password to use for authentication\n" + . " --mysqladmin Path to a custom mysqladmin executable\n" + . " --mysqlcmd Path to a custom mysql executable\n" . "\n" + . " --noask Dont ask password if needed\n" . "\n" + . " Performance and Reporting Options\n" + . " --skipsize Don't enumerate tables and their types/sizes (default: on)\n" + . " (Recommended for servers with many tables)\n" + . " --skippassword Don't perform checks on user passwords(default: off)\n" + . " --checkversion Check for updates to MySQLTuner (default: don't check)\n" + . " --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check)\n" + . " --forcemem Amount of RAM installed in megabytes\n" + . " --forceswap Amount of swap memory configured in megabytes\n" + . " --passwordfile Path to a password file list(one password by line)\n" + . " Output Options:\n" + . " --silent Don't output anything on screen\n" + . " --nogood Remove OK responses\n" + . " --nobad Remove negative/suggestion responses\n" + . " --noinfo Remove informational responses\n" + . " --debug Print debug information\n" + . " --dbstat Print database information\n" + . " --idxstat Print index information\n" + . " --bannedports Ports banned separated by comma(,)\n" + . " --maxportallowed Number of ports opened allowed on this hosts\n" + . " --cvefile CVE File for vulnerability checks\n" + . " --nocolor Don't print output in color\n" + . " --json Print result as JSON string\n" + . " --prettyjson Print result as human readable JSON\n" + . " --buffers Print global and per-thread buffer values\n" + . " --outputfile Path to a output txt file\n" . "\n" + . " --reportfile Path to a report txt file\n" . "\n" + . " --template Path to a template file\n" . "\n" + . " --verbose Prints out all options (default: no verbose) \n" . "\n"; + exit 0; } my $devnull = File::Spec->devnull(); @@ -164,6 +171,15 @@ my $basic_password_files = $basic_password_files = "/usr/share/mysqltuner/basic_passwords.txt" unless -f "$basic_password_files"; +# check if we need to enable verbose mode +if ($opt{verbose}) { + $opt{checkversion} = 1; #Check for updates to MySQLTuner + $opt{dbstat} = 1; #Print database information + $opt{idxstat} = 1; #Print index information + $opt{buffers} = 1; #Print global and per-thread buffer values + $opt{cvefile} = 'vulnerabilities.csv'; #CVE File for vulnerability checks +} + # for RPM distributions $opt{cvefile} = "/usr/share/mysqltuner/vulnerabilities.csv" unless ( defined $opt{cvefile} and -f "$opt{cvefile}"); @@ -3350,34 +3366,34 @@ You must provide the remote server's total memory when connecting to other serve =head1 PERFORMANCE AND REPORTING OPTIONS - --skipsize Don't enumerate tables and their types/sizes (default: on) - (Recommended for servers with many tables) - --skippassword Don't perform checks on user passwords(default: off) - --checkversion Check for updates to MySQLTuner (default: don't check) - --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check) - --forcemem Amount of RAM installed in megabytes - --forceswap Amount of swap memory configured in megabytes - --passwordfile Path to a password file list(one password by line) + --skipsize Don't enumerate tables and their types/sizes (default: on) + (Recommended for servers with many tables) + --skippassword Don't perform checks on user passwords(default: off) + --checkversion Check for updates to MySQLTuner (default: don't check) + --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check) + --forcemem Amount of RAM installed in megabytes + --forceswap Amount of swap memory configured in megabytes + --passwordfile Path to a password file list(one password by line) =head1 OUTPUT OPTIONS - --silent Don't output anything on screen - --nogood Remove OK responses - --nobad Remove negative/suggestion responses - --noinfo Remove informational responses - --debug Print debug information - --dbstat Print database information - --idxstat Print index information - --bannedports Ports banned separated by comma(,) - --maxportallowed Number of ports opened allowed on this hosts - --cvefile CVE File for vulnerability checks - --nocolor Don't print output in color - --json Print result as JSON string - --buffers Print global and per-thread buffer values - --outputfile Path to a output txt file - --reportfile Path to a report txt file - --template Path to a template file - + --silent Don't output anything on screen + --nogood Remove OK responses + --nobad Remove negative/suggestion responses + --noinfo Remove informational responses + --debug Print debug information + --dbstat Print database information + --idxstat Print index information + --bannedports Ports banned separated by comma(,) + --maxportallowed Number of ports opened allowed on this hosts + --cvefile CVE File for vulnerability checks + --nocolor Don't print output in color + --json Print result as JSON string + --buffers Print global and per-thread buffer values + --outputfile Path to a output txt file + --reportfile Path to a report txt file + --template Path to a template file + --verbose Prints out all options (default: no verbose) =head1 PERLDOC You can find documentation for this module with the perldoc command. From 5fb8e3dec773462accffa58219da7e04ce5bb0c8 Mon Sep 17 00:00:00 2001 From: DutchProgrammer Date: Thu, 24 Mar 2016 23:23:31 +0100 Subject: [PATCH 029/237] fix for perl 5.10 and 5.8 --- mysqltuner.pl | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 1938e8e..5858efc 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -461,7 +461,9 @@ sub update_tuner_version { my $receivedScripts = 0; my $httpcli =`which curl`; - foreach my $script (@scripts) { + foreach my $scriptKey (keys @scripts) { + + my $script = $scripts[$scriptKey]; chomp($httpcli); if ( 1 != 1 and defined($httpcli) and -e "$httpcli" ) { From 774dbd89147cc3b832d6ea55b57533f76238f1fd Mon Sep 17 00:00:00 2001 From: DutchProgrammer Date: Thu, 24 Mar 2016 23:31:52 +0100 Subject: [PATCH 030/237] fix for perl 5.10 and 5.8 --- mysqltuner.pl | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 5858efc..b2a4481 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -461,10 +461,11 @@ sub update_tuner_version { my $receivedScripts = 0; my $httpcli =`which curl`; - foreach my $scriptKey (keys @scripts) { + #foreach my $scriptKey (%{@scripts}) { + for my $scriptKey (0 .. $#scripts) { my $script = $scripts[$scriptKey]; - + chomp($httpcli); if ( 1 != 1 and defined($httpcli) and -e "$httpcli" ) { debugprint "$httpcli is available."; From 2d4afc2e82e51825a593cf459acd747567f7c1ed Mon Sep 17 00:00:00 2001 From: DutchProgrammer Date: Thu, 24 Mar 2016 23:41:30 +0100 Subject: [PATCH 031/237] fix for perl 5.10 and 5.8 --- mysqltuner.pl | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index b2a4481..c6c20ee 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -461,10 +461,7 @@ sub update_tuner_version { my $receivedScripts = 0; my $httpcli =`which curl`; - #foreach my $scriptKey (%{@scripts}) { - for my $scriptKey (0 .. $#scripts) { - - my $script = $scripts[$scriptKey]; + foreach my $script (@scripts) { chomp($httpcli); if ( 1 != 1 and defined($httpcli) and -e "$httpcli" ) { From 5faf456d7717d66fa6306bf403a829e5d1548a8b Mon Sep 17 00:00:00 2001 From: DutchProgrammer Date: Thu, 24 Mar 2016 23:56:45 +0100 Subject: [PATCH 032/237] fix for perl 5.10 and 5.8 --- mysqltuner.pl | 434 ++++++++++++++++++++------------------------------ 1 file changed, 172 insertions(+), 262 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index c6c20ee..aa71a9b 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,7 +1,7 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.9 +# mysqltuner.pl - Version 1.6.8 # High Performance MySQL Tuning Script -# Copyright (C) 2006-2016 Major Hayden - major@mhtx.net +# Copyright (C) 2006-2015 Major Hayden - major@mhtx.net # # For the latest updates, please visit http://mysqltuner.com/ # Git repository available at http://github.com/major/MySQLTuner-perl @@ -51,114 +51,102 @@ use Data::Dumper; $Data::Dumper::Pair = " : "; # Set up a few variables for use in the script -my $tunerversion = "1.6.9"; +my $tunerversion = "1.6.8"; my ( @adjvars, @generalrec ); # Set defaults my %opt = ( - "silent" => 0, - "nobad" => 0, - "nogood" => 0, - "noinfo" => 0, - "debug" => 0, - "nocolor" => 0, - "forcemem" => 0, - "forceswap" => 0, - "host" => 0, - "socket" => 0, - "port" => 0, - "user" => 0, - "pass" => 0, - "skipsize" => 0, - "checkversion" => 0, - "updateversion" => 0, - "buffers" => 0, - "passwordfile" => 0, - "bannedports" => '', - "maxportallowed" => 0, - "outputfile" => 0, - "dbstat" => 0, - "idxstat" => 0, - "skippassword" => 0, - "noask" => 0, - "template" => 0, - "json" => 0, - "prettyjson" => 0, - "reportfile" => 0, - "verbose" => 0 + "silent" => 0, + "nobad" => 0, + "nogood" => 0, + "noinfo" => 0, + "debug" => 0, + "nocolor" => 0, + "forcemem" => 0, + "forceswap" => 0, + "host" => 0, + "socket" => 0, + "port" => 0, + "user" => 0, + "pass" => 0, + "skipsize" => 0, + "checkversion" => 0, + "buffers" => 0, + "passwordfile" => 0, + "bannedports" => '', + "maxportallowed"=> 0, + "outputfile" => 0, + "dbstat" => 0, + "idxstat" => 0, + "skippassword" => 0, + "noask" => 0, + "template" => 0, + "json" => 0, + "reportfile" => 0 ); # Gather the options from the command line -my $getOptionsCheck = GetOptions( - \%opt, 'nobad', 'nogood', 'noinfo', - 'debug', 'nocolor', 'forcemem=i', 'forceswap=i', - 'host=s', 'socket=s', 'port=i', 'user=s', - 'pass=s', 'skipsize', 'checkversion', 'mysqladmin=s', - 'mysqlcmd=s', 'help', 'buffers', 'skippassword', - 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', - 'json', 'prettyjson', 'idxstat', 'noask', - 'template=s', 'reportfile=s', 'cvefile=s', 'bannedports=s', - 'updateversion', 'maxportallowed=s', 'verbose' +GetOptions( + \%opt, 'nobad', 'nogood', 'noinfo', + 'debug', 'nocolor', 'forcemem=i', 'forceswap=i', + 'host=s', 'socket=s', 'port=i', 'user=s', + 'pass=s', 'skipsize', 'checkversion', 'mysqladmin=s', + 'mysqlcmd=s', 'help', 'buffers', 'skippassword', + 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', 'json', + 'idxstat', 'noask', 'template=s', 'reportfile=s', 'cvefile=s', + 'bannedports=s','maxportallowed=s', ); -#If params are incorrect return help -if ($getOptionsCheck ne 1) { - usage(); -} - if ( defined $opt{'help'} && $opt{'help'} == 1 ) { usage(); } sub usage { - # Shown with --help option passed - print " MySQLTuner $tunerversion - MySQL High Performance Tuning Script\n" - . " Bug reports, feature requests, and downloads at http://mysqltuner.com/\n" - . " Maintained by Major Hayden (major\@mhtx.net) - Licensed under GPL\n" - . "\n" - . " Important Usage Guidelines:\n" - . " To run the script with the default options, run the script without arguments\n" - . " Allow MySQL server to run for at least 24-48 hours before trusting suggestions\n" - . " Some routines may require root level privileges (script will provide warnings)\n" - . " You must provide the remote server's total memory when connecting to other servers\n" - . "\n" - . " Connection and Authentication\n" - . " --host Connect to a remote host to perform tests (default: localhost)\n" - . " --socket Use a different socket for a local connection\n" - . " --port Port to use for connection (default: 3306)\n" - . " --user Username to use for authentication\n" - . " --pass Password to use for authentication\n" - . " --mysqladmin Path to a custom mysqladmin executable\n" - . " --mysqlcmd Path to a custom mysql executable\n" . "\n" - . " --noask Dont ask password if needed\n" . "\n" - . " Performance and Reporting Options\n" - . " --skipsize Don't enumerate tables and their types/sizes (default: on)\n" - . " (Recommended for servers with many tables)\n" - . " --skippassword Don't perform checks on user passwords(default: off)\n" - . " --checkversion Check for updates to MySQLTuner (default: don't check)\n" - . " --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check)\n" - . " --forcemem Amount of RAM installed in megabytes\n" - . " --forceswap Amount of swap memory configured in megabytes\n" - . " --passwordfile Path to a password file list(one password by line)\n" - . " Output Options:\n" - . " --silent Don't output anything on screen\n" - . " --nogood Remove OK responses\n" - . " --nobad Remove negative/suggestion responses\n" - . " --noinfo Remove informational responses\n" - . " --debug Print debug information\n" - . " --dbstat Print database information\n" - . " --idxstat Print index information\n" - . " --bannedports Ports banned separated by comma(,)\n" - . " --maxportallowed Number of ports opened allowed on this hosts\n" - . " --cvefile CVE File for vulnerability checks\n" - . " --nocolor Don't print output in color\n" - . " --json Print result as JSON string\n" - . " --prettyjson Print result as human readable JSON\n" - . " --buffers Print global and per-thread buffer values\n" - . " --outputfile Path to a output txt file\n" . "\n" - . " --reportfile Path to a report txt file\n" . "\n" - . " --template Path to a template file\n" . "\n" - . " --verbose Prints out all options (default: no verbose) \n" . "\n"; - exit 0; + # Shown with --help option passed + print " MySQLTuner $tunerversion - MySQL High Performance Tuning Script\n" + . " Bug reports, feature requests, and downloads at http://mysqltuner.com/\n" + . " Maintained by Major Hayden (major\@mhtx.net) - Licensed under GPL\n" + . "\n" + . " Important Usage Guidelines:\n" + . " To run the script with the default options, run the script without arguments\n" + . " Allow MySQL server to run for at least 24-48 hours before trusting suggestions\n" + . " Some routines may require root level privileges (script will provide warnings)\n" + . " You must provide the remote server's total memory when connecting to other servers\n" + . "\n" + . " Connection and Authentication\n" + . " --host Connect to a remote host to perform tests (default: localhost)\n" + . " --socket Use a different socket for a local connection\n" + . " --port Port to use for connection (default: 3306)\n" + . " --user Username to use for authentication\n" + . " --pass Password to use for authentication\n" + . " --mysqladmin Path to a custom mysqladmin executable\n" + . " --mysqlcmd Path to a custom mysql executable\n" . "\n" + . " --noask Dont ask password if needed\n" . "\n" + . " Performance and Reporting Options\n" + . " --skipsize Don't enumerate tables and their types/sizes (default: on)\n" + . " (Recommended for servers with many tables)\n" + . " --skippassword Don't perform checks on user passwords(default: off)\n" + . " --checkversion Check for updates to MySQLTuner (default: don't check)\n" + . " --forcemem Amount of RAM installed in megabytes\n" + . " --forceswap Amount of swap memory configured in megabytes\n" + . " --passwordfile Path to a password file list(one password by line)\n" + . " Output Options:\n" + . " --silent Don't output anything on screen\n" + . " --nogood Remove OK responses\n" + . " --nobad Remove negative/suggestion responses\n" + . " --noinfo Remove informational responses\n" + . " --debug Print debug information\n" + . " --dbstat Print database information\n" + . " --idxstat Print index information\n" + . " --bannedports Ports banned separated by comma(,)\n" + . " --maxportallowed Number of ports opened allowed on this hosts\n" + . " --cvefile CVE File for vulnerability checks\n" + . " --nocolor Don't print output in color\n" + . " --json Print result as JSON string\n" + . " --buffers Print global and per-thread buffer values\n" + . " --outputfile Path to a output txt file\n" . "\n" + . " --reportfile Path to a report txt file\n" . "\n" + . " --template Path to a template file\n" . "\n"; + exit 0; } my $devnull = File::Spec->devnull(); @@ -171,15 +159,6 @@ my $basic_password_files = $basic_password_files = "/usr/share/mysqltuner/basic_passwords.txt" unless -f "$basic_password_files"; -# check if we need to enable verbose mode -if ($opt{verbose}) { - $opt{checkversion} = 1; #Check for updates to MySQLTuner - $opt{dbstat} = 1; #Print database information - $opt{idxstat} = 1; #Print index information - $opt{buffers} = 1; #Print global and per-thread buffer values - $opt{cvefile} = 'vulnerabilities.csv'; #CVE File for vulnerability checks -} - # for RPM distributions $opt{cvefile} = "/usr/share/mysqltuner/vulnerabilities.csv" unless ( defined $opt{cvefile} and -f "$opt{cvefile}"); @@ -210,7 +189,7 @@ my %result; # Functions that handle the print styles sub prettyprint { - print $_[0] . "\n" unless ($opt{'silent'} or $opt{'json'}); + print $_[0] . "\n" unless $opt{'silent'}; print $fh $_[0] . "\n" if defined($fh); } sub goodprint { prettyprint $good. " " . $_[0] unless ( $opt{nogood} == 1 ); } @@ -406,8 +385,8 @@ sub os_setup { # Checks for updates to MySQLTuner sub validate_tuner_version { - if ($opt{'checkversion'} eq 0 and $opt{'updateversion'} eq 0) { - print "\n" unless ($opt{'silent'} or $opt{'json'}); + if ($opt{checkversion} eq 0) { + print "\n"; infoprint "Skipped version check for MySQLTuner script"; return; } @@ -445,80 +424,12 @@ sub validate_tuner_version { infoprint "Unable to check for the latest MySQLTuner version"; } -# Checks for updates to MySQLTuner -sub update_tuner_version { - if ($opt{'updateversion'} eq 0) { - badprint "Skipped version update for MySQLTuner script"; - print "\n" unless ($opt{'silent'} or $opt{'json'}); - return; - } - - #use Cwd; - my $update; - my $url = "https://raw.githubusercontent.com/major/MySQLTuner-perl/master/"; - my @scripts = ("mysqltuner.pl", "basic_passwords.txt", "vulnerabilities.csv"); - my $totalScripts = scalar(keys @scripts); - my $receivedScripts = 0; - my $httpcli =`which curl`; - - foreach my $script (@scripts) { - - chomp($httpcli); - if ( 1 != 1 and defined($httpcli) and -e "$httpcli" ) { - debugprint "$httpcli is available."; - - debugprint "$httpcli --connect-timeout 5 -silent '$url$script' > $script"; - $update = `$httpcli --connect-timeout 5 -silent '$url$script' > $script`; - chomp($update); - debugprint "$script updated: $update"; - - if ( -s $script eq 0) { - badprint "Couldn't update $script"; - } else { - ++$receivedScripts; - debugprint "$script updated: $update"; - } - } else { - - $httpcli=`which wget`; - chomp($httpcli); - if ( defined($httpcli) and -e "$httpcli" ) { - debugprint "$httpcli is available."; - - debugprint "$httpcli -qe timestamping=off -T 5 -O $script '$url$script'"; - $update = `$httpcli -qe timestamping=off -T 5 -O $script '$url$script'`; - chomp($update); - - if ( -s $script eq 0) { - badprint "Couldn't update $script"; - } else { - ++$receivedScripts; - debugprint "$script updated: $update"; - } - - } else { - debugprint "curl and wget are not available."; - infoprint "Unable to check for the latest MySQLTuner version"; - } - } - } - - if ($receivedScripts eq $totalScripts) { - goodprint "Successfully updated MySQLTuner script"; - } else { - badprint "Couldn't update MySQLTuner script"; - } - - exit 0; -} - sub compare_tuner_version { my $remoteversion=shift; debugprint "Remote data: $remoteversion"; #exit 0; if ($remoteversion ne $tunerversion) { badprint "There is a new version of MySQLTuner available ($remoteversion)"; - update_tuner_version(); return; } goodprint "You have the latest version of MySQLTuner($tunerversion)"; @@ -798,14 +709,14 @@ sub select_array { debugprint "PERFORM: $req "; my @result = `$mysqlcmd $mysqllogin -Bse "$req" 2>>/dev/null`; if ($? != 0) { - badprint "failed to execute: $req"; - badprint "FAIL Execute SQL / return code: $?"; - debugprint "CMD : $mysqlcmd"; - debugprint "OPTIONS: $mysqllogin"; - debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; - exit $?; + badprint "failed to execute: $req"; + badprint "FAIL Execute SQL / return code: $?"; + debugprint "CMD : $mysqlcmd"; + debugprint "OPTIONS: $mysqllogin"; + debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; + exit $?; } - debugprint "select_array: return code : $?"; + debugprint "select_array: return code : $?"; chomp(@result); return @result; } @@ -816,14 +727,14 @@ sub select_one { debugprint "PERFORM: $req "; my $result = `$mysqlcmd $mysqllogin -Bse "$req" 2>>/dev/null`; if ($? != 0) { - badprint "failed to execute: $req"; - badprint "FAIL Execute SQL / return code: $?"; - debugprint "CMD : $mysqlcmd"; - debugprint "OPTIONS: $mysqllogin"; - debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; - exit $?; + badprint "failed to execute: $req"; + badprint "FAIL Execute SQL / return code: $?"; + debugprint "CMD : $mysqlcmd"; + debugprint "OPTIONS: $mysqllogin"; + debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; + exit $?; } - debugprint "select_array: return code : $?"; + debugprint "select_array: return code : $?"; chomp($result); return $result; } @@ -976,9 +887,9 @@ sub cve_recommendations { sub get_opened_ports { my @opened_ports=`netstat -ltn`; map { - s/.*:(\d+)\s.*$/$1/; - s/\D//g; - } @opened_ports; + s/.*:(\d+)\s.*$/$1/; + s/\D//g; + } @opened_ports; @opened_ports = sort {$a <=> $b} grep { !/^$/ } @opened_ports; debugprint Dumper \@opened_ports; return @opened_ports; @@ -993,26 +904,26 @@ sub is_open_port { } sub get_process_memory { - my $pid=shift; - return 0 unless -f "/proc/$pid/status"; - my @pdata= grep { /RSS:/ } get_file_contents "/proc/$pid/status"; - map { - s/.*RSS:\s*(\d+)\s*kB\s*$/$1*1024/ge - } @pdata; - return $pdata[0]; + my $pid=shift; + return 0 unless -f "/proc/$pid/status"; + my @pdata= grep { /RSS:/ } get_file_contents "/proc/$pid/status"; + map { + s/.*RSS:\s*(\d+)\s*kB\s*$/$1*1024/ge + } @pdata; + return $pdata[0]; } sub get_other_process_memory { - my @procs=`ps -eo pid,cmd`; - map { s/.*mysqld.*//; s/.*\[.*\].*//; s/^\s+$//g; s/.*PID.*CMD.*//; s/.*systemd.*//;} @procs; - map {s/\s*?(\d+)\s*.*/$1/g;} @procs; - remove_cr @procs; - @procs=remove_empty @procs; - my $totalMemOther=0; - map { - $totalMemOther+=get_process_memory($_); - } @procs; - return $totalMemOther; + my @procs=`ps -eo pid,cmd`; + map { s/.*mysqld.*//; s/.*\[.*\].*//; s/^\s+$//g; s/.*PID.*CMD.*//; s/.*systemd.*//;} @procs; + map {s/\s*?(\d+)\s*.*/$1/g;} @procs; + remove_cr @procs; + @procs=remove_empty @procs; + my $totalMemOther=0; + map { + $totalMemOther+=get_process_memory($_); + } @procs; + return $totalMemOther; } sub get_os_release { @@ -1036,34 +947,34 @@ sub system_recommendations { infoprint "User process except mysqld used ". hr_bytes_rnd($omem) . " RAM."; if ( (0.15*$physical_memory) < $omem) { badprint "Other user process except mysqld used more than 15% of total physical memory ". percentage($omem, $physical_memory). "% (".hr_bytes_rnd($omem). " / ".hr_bytes_rnd($physical_memory).")"; - push( @generalrec, "Consider stopping or dedicate server for additionnal process other than mysqld." ); - push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE IS TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCURS !" ); + push( @generalrec, "Consider stopping or dedicate server for additionnal process other than mysqld." ); + push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE IS TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCURS !" ); } else { } #if ($omem > - #exit 0; + #exit 0; if ($opt{'maxportallowed'} > 0) { my @opened_ports=get_opened_ports; infoprint "There is ". scalar @opened_ports. " listening port(s) on this server."; if (scalar(@opened_ports) > $opt{'maxportallowed'}) { - badprint "There is too many listening ports: ". scalar(@opened_ports). " opened > ".$opt{'maxportallowed'}. "allowed."; - push( @generalrec, "Consider dedicating a server for your database installation with less services running on !" ); + badprint "There is too many listening ports: ". scalar(@opened_ports) " opened > ".$opt{'maxportallowed'}. "allowed."; + push( @generalrec, "Consider dedicating a server for your database installation with less services running on !" ); } else { - goodprint "There is less than ".$opt{'maxportallowed'}." opened ports on this server."; + goodprint "There is less than ".$opt{'maxportallowed'}." opened ports on this server."; } } foreach my $banport (@banned_ports) { - if ( is_open_port($banport) ) { - badprint "Banned port: $banport is opened.."; - push( @generalrec, "Port $banport is opened. Consider stopping program handling this port." ); - } else { - goodprint "$banport is not opened."; - } + if ( is_open_port($banport) ) { + badprint "Banned port: $banport is opened.."; + push( @generalrec, "Port $banport is opened. Consider stopping program handling this port." ); + } else { + goodprint "$banport is not opened."; + } } } @@ -1419,7 +1330,7 @@ sub check_storage_engines { $result{'Databases'}{'List'} = [@dblist]; infoprint "Status: $engines"; if ( mysql_version_ge( 5, 1, 5 ) ) { - # MySQL 5 servers can have table sizes calculated quickly from information schema + # MySQL 5 servers can have table sizes calculated quickly from information schema my @templist = select_array "SELECT ENGINE,SUM(DATA_LENGTH+INDEX_LENGTH),COUNT(ENGINE),SUM(DATA_LENGTH),SUM(INDEX_LENGTH) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema', 'performance_schema', 'mysql') AND ENGINE IS NOT NULL GROUP BY ENGINE ORDER BY ENGINE ASC;"; @@ -2600,12 +2511,12 @@ sub mariadb_threadpool { infoprint "Thread Pool Size: ".$myvar{'thread_pool_size'}. " thread(s)."; if ($myvar{'have_innodb'} eq 'YES') { - if ($myvar{'thread_pool_size'}< 16 or $myvar{'thread_pool_size'}>36) { - badprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; - push( @generalrec, "Thread pool size for InnoDB usage (".$myvar{'thread_pool_size'}.")" ); - push( @adjvars, "thread_pool_size between 16 and 36 for InnoDB usage" ); - } else { - goodprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; + if ($myvar{'thread_pool_size'}< 16 or $myvar{'thread_pool_size'}>36) { + badprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; + push( @generalrec, "Thread pool size for InnoDB usage (".$myvar{'thread_pool_size'}.")" ); + push( @adjvars, "thread_pool_size between 16 and 36 for InnoDB usage" ); + } else { + goodprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; } return; } @@ -2628,9 +2539,9 @@ sub mysqsl_pfs { # Performance Schema unless ( defined($myvar{'performance_schema'}) and $myvar{'performance_schema'} eq 'ON' ) { infoprint "Performance schema is disabled."; - } else { - infoprint "Performance schema is enabled."; } + + infoprint "Performance schema is enabled."; } @@ -2996,7 +2907,7 @@ sub mysql_databases { $result{'Databases'}{'All databases'}{'Index Pct'} = percentage( $totaldbinfo[2], $totaldbinfo[3] ) . "%"; $result{'Databases'}{'All databases'}{'Total Size'} = $totaldbinfo[3]; - print "\n" unless ($opt{'silent'} or $opt{'json'}); + print "\n"; foreach (@dblist) { chomp($_); if ( $_ eq "information_schema" @@ -3045,10 +2956,10 @@ sub mysql_databases { percentage( $dbinfo[3], $dbinfo[4] ) . "%"; $result{'Databases'}{ $dbinfo[0] }{'Total Size'} = $dbinfo[4]; if ($dbinfo[7]>1) { - badprint $dbinfo[7]. " differents collations for database ".$dbinfo[0]; + badprint $dbinfo[7]. " differents collations for database ".$dbinfo[0]; push(@generalrec, "Check all table collations are identical for all tables in ".$dbinfo[0]. " database."); } else { - goodprint $dbinfo[7]. " collation for ".$dbinfo[0]. " database."; + goodprint $dbinfo[7]. " collation for ".$dbinfo[0]. " database."; } if ($dbinfo[8]>1) { badprint $dbinfo[8]. " differents engines for database ".$dbinfo[0]; @@ -3297,7 +3208,7 @@ sub dump_result { exit 1; } my $json = JSON->new->allow_nonref; - print $json->utf8(1)->pretty(($opt{'prettyjson'} ? 1 : 0))->encode(\%result); + print JSON->new->utf8(1)->pretty(1)->encode(%result); } } @@ -3312,7 +3223,7 @@ get_all_vars; # Toss variables/status into hashes get_tuning_info; # Get information about the tuning connexion validate_mysql_version; # Check current MySQL version check_architecture; # Suggest 64-bit upgrade -system_recommendations; # avoid to many service on the same host +system_recommendations; # avoid to many service on the same host check_storage_engines; # Show enabled storage engines mysql_databases; # Show informations about databases mysql_indexes; # Show informations about indexes @@ -3366,34 +3277,33 @@ You must provide the remote server's total memory when connecting to other serve =head1 PERFORMANCE AND REPORTING OPTIONS - --skipsize Don't enumerate tables and their types/sizes (default: on) - (Recommended for servers with many tables) - --skippassword Don't perform checks on user passwords(default: off) - --checkversion Check for updates to MySQLTuner (default: don't check) - --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check) - --forcemem Amount of RAM installed in megabytes - --forceswap Amount of swap memory configured in megabytes - --passwordfile Path to a password file list(one password by line) + --skipsize Don't enumerate tables and their types/sizes (default: on) + (Recommended for servers with many tables) + --skippassword Don't perform checks on user passwords(default: off) + --checkversion Check for updates to MySQLTuner (default: don't check) + --forcemem Amount of RAM installed in megabytes + --forceswap Amount of swap memory configured in megabytes + --passwordfile Path to a password file list(one password by line) =head1 OUTPUT OPTIONS - --silent Don't output anything on screen - --nogood Remove OK responses - --nobad Remove negative/suggestion responses - --noinfo Remove informational responses - --debug Print debug information - --dbstat Print database information - --idxstat Print index information - --bannedports Ports banned separated by comma(,) - --maxportallowed Number of ports opened allowed on this hosts - --cvefile CVE File for vulnerability checks - --nocolor Don't print output in color - --json Print result as JSON string - --buffers Print global and per-thread buffer values - --outputfile Path to a output txt file - --reportfile Path to a report txt file - --template Path to a template file - --verbose Prints out all options (default: no verbose) + --silent Don't output anything on screen + --nogood Remove OK responses + --nobad Remove negative/suggestion responses + --noinfo Remove informational responses + --debug Print debug information + --dbstat Print database information + --idxstat Print index information + --bannedports Ports banned separated by comma(,) + --maxportallowed Number of ports opened allowed on this hosts + --cvefile CVE File for vulnerability checks + --nocolor Don't print output in color + --json Print result as JSON string + --buffers Print global and per-thread buffer values + --outputfile Path to a output txt file + --reportfile Path to a report txt file + --template Path to a template file + =head1 PERLDOC You can find documentation for this module with the perldoc command. From 031898858b24fb1b4bb8852b57d75561caaa8fb6 Mon Sep 17 00:00:00 2001 From: DutchProgrammer Date: Thu, 24 Mar 2016 23:58:48 +0100 Subject: [PATCH 033/237] fix for perl 5.10 and 5.8 --- mysqltuner.pl | 434 ++++++++++++++++++++++++++++++-------------------- 1 file changed, 262 insertions(+), 172 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index aa71a9b..5d489af 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,7 +1,7 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.8 +# mysqltuner.pl - Version 1.6.9 # High Performance MySQL Tuning Script -# Copyright (C) 2006-2015 Major Hayden - major@mhtx.net +# Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # # For the latest updates, please visit http://mysqltuner.com/ # Git repository available at http://github.com/major/MySQLTuner-perl @@ -51,102 +51,114 @@ use Data::Dumper; $Data::Dumper::Pair = " : "; # Set up a few variables for use in the script -my $tunerversion = "1.6.8"; +my $tunerversion = "1.6.9"; my ( @adjvars, @generalrec ); # Set defaults my %opt = ( - "silent" => 0, - "nobad" => 0, - "nogood" => 0, - "noinfo" => 0, - "debug" => 0, - "nocolor" => 0, - "forcemem" => 0, - "forceswap" => 0, - "host" => 0, - "socket" => 0, - "port" => 0, - "user" => 0, - "pass" => 0, - "skipsize" => 0, - "checkversion" => 0, - "buffers" => 0, - "passwordfile" => 0, - "bannedports" => '', - "maxportallowed"=> 0, - "outputfile" => 0, - "dbstat" => 0, - "idxstat" => 0, - "skippassword" => 0, - "noask" => 0, - "template" => 0, - "json" => 0, - "reportfile" => 0 + "silent" => 0, + "nobad" => 0, + "nogood" => 0, + "noinfo" => 0, + "debug" => 0, + "nocolor" => 0, + "forcemem" => 0, + "forceswap" => 0, + "host" => 0, + "socket" => 0, + "port" => 0, + "user" => 0, + "pass" => 0, + "skipsize" => 0, + "checkversion" => 0, + "updateversion" => 0, + "buffers" => 0, + "passwordfile" => 0, + "bannedports" => '', + "maxportallowed" => 0, + "outputfile" => 0, + "dbstat" => 0, + "idxstat" => 0, + "skippassword" => 0, + "noask" => 0, + "template" => 0, + "json" => 0, + "prettyjson" => 0, + "reportfile" => 0, + "verbose" => 0 ); # Gather the options from the command line -GetOptions( - \%opt, 'nobad', 'nogood', 'noinfo', - 'debug', 'nocolor', 'forcemem=i', 'forceswap=i', - 'host=s', 'socket=s', 'port=i', 'user=s', - 'pass=s', 'skipsize', 'checkversion', 'mysqladmin=s', - 'mysqlcmd=s', 'help', 'buffers', 'skippassword', - 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', 'json', - 'idxstat', 'noask', 'template=s', 'reportfile=s', 'cvefile=s', - 'bannedports=s','maxportallowed=s', +my $getOptionsCheck = GetOptions( + \%opt, 'nobad', 'nogood', 'noinfo', + 'debug', 'nocolor', 'forcemem=i', 'forceswap=i', + 'host=s', 'socket=s', 'port=i', 'user=s', + 'pass=s', 'skipsize', 'checkversion', 'mysqladmin=s', + 'mysqlcmd=s', 'help', 'buffers', 'skippassword', + 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', + 'json', 'prettyjson', 'idxstat', 'noask', + 'template=s', 'reportfile=s', 'cvefile=s', 'bannedports=s', + 'updateversion', 'maxportallowed=s', 'verbose' ); +#If params are incorrect return help +if ($getOptionsCheck ne 1) { + usage(); +} + if ( defined $opt{'help'} && $opt{'help'} == 1 ) { usage(); } sub usage { - # Shown with --help option passed - print " MySQLTuner $tunerversion - MySQL High Performance Tuning Script\n" - . " Bug reports, feature requests, and downloads at http://mysqltuner.com/\n" - . " Maintained by Major Hayden (major\@mhtx.net) - Licensed under GPL\n" - . "\n" - . " Important Usage Guidelines:\n" - . " To run the script with the default options, run the script without arguments\n" - . " Allow MySQL server to run for at least 24-48 hours before trusting suggestions\n" - . " Some routines may require root level privileges (script will provide warnings)\n" - . " You must provide the remote server's total memory when connecting to other servers\n" - . "\n" - . " Connection and Authentication\n" - . " --host Connect to a remote host to perform tests (default: localhost)\n" - . " --socket Use a different socket for a local connection\n" - . " --port Port to use for connection (default: 3306)\n" - . " --user Username to use for authentication\n" - . " --pass Password to use for authentication\n" - . " --mysqladmin Path to a custom mysqladmin executable\n" - . " --mysqlcmd Path to a custom mysql executable\n" . "\n" - . " --noask Dont ask password if needed\n" . "\n" - . " Performance and Reporting Options\n" - . " --skipsize Don't enumerate tables and their types/sizes (default: on)\n" - . " (Recommended for servers with many tables)\n" - . " --skippassword Don't perform checks on user passwords(default: off)\n" - . " --checkversion Check for updates to MySQLTuner (default: don't check)\n" - . " --forcemem Amount of RAM installed in megabytes\n" - . " --forceswap Amount of swap memory configured in megabytes\n" - . " --passwordfile Path to a password file list(one password by line)\n" - . " Output Options:\n" - . " --silent Don't output anything on screen\n" - . " --nogood Remove OK responses\n" - . " --nobad Remove negative/suggestion responses\n" - . " --noinfo Remove informational responses\n" - . " --debug Print debug information\n" - . " --dbstat Print database information\n" - . " --idxstat Print index information\n" - . " --bannedports Ports banned separated by comma(,)\n" - . " --maxportallowed Number of ports opened allowed on this hosts\n" - . " --cvefile CVE File for vulnerability checks\n" - . " --nocolor Don't print output in color\n" - . " --json Print result as JSON string\n" - . " --buffers Print global and per-thread buffer values\n" - . " --outputfile Path to a output txt file\n" . "\n" - . " --reportfile Path to a report txt file\n" . "\n" - . " --template Path to a template file\n" . "\n"; - exit 0; + # Shown with --help option passed + print " MySQLTuner $tunerversion - MySQL High Performance Tuning Script\n" + . " Bug reports, feature requests, and downloads at http://mysqltuner.com/\n" + . " Maintained by Major Hayden (major\@mhtx.net) - Licensed under GPL\n" + . "\n" + . " Important Usage Guidelines:\n" + . " To run the script with the default options, run the script without arguments\n" + . " Allow MySQL server to run for at least 24-48 hours before trusting suggestions\n" + . " Some routines may require root level privileges (script will provide warnings)\n" + . " You must provide the remote server's total memory when connecting to other servers\n" + . "\n" + . " Connection and Authentication\n" + . " --host Connect to a remote host to perform tests (default: localhost)\n" + . " --socket Use a different socket for a local connection\n" + . " --port Port to use for connection (default: 3306)\n" + . " --user Username to use for authentication\n" + . " --pass Password to use for authentication\n" + . " --mysqladmin Path to a custom mysqladmin executable\n" + . " --mysqlcmd Path to a custom mysql executable\n" . "\n" + . " --noask Dont ask password if needed\n" . "\n" + . " Performance and Reporting Options\n" + . " --skipsize Don't enumerate tables and their types/sizes (default: on)\n" + . " (Recommended for servers with many tables)\n" + . " --skippassword Don't perform checks on user passwords(default: off)\n" + . " --checkversion Check for updates to MySQLTuner (default: don't check)\n" + . " --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check)\n" + . " --forcemem Amount of RAM installed in megabytes\n" + . " --forceswap Amount of swap memory configured in megabytes\n" + . " --passwordfile Path to a password file list(one password by line)\n" + . " Output Options:\n" + . " --silent Don't output anything on screen\n" + . " --nogood Remove OK responses\n" + . " --nobad Remove negative/suggestion responses\n" + . " --noinfo Remove informational responses\n" + . " --debug Print debug information\n" + . " --dbstat Print database information\n" + . " --idxstat Print index information\n" + . " --bannedports Ports banned separated by comma(,)\n" + . " --maxportallowed Number of ports opened allowed on this hosts\n" + . " --cvefile CVE File for vulnerability checks\n" + . " --nocolor Don't print output in color\n" + . " --json Print result as JSON string\n" + . " --prettyjson Print result as human readable JSON\n" + . " --buffers Print global and per-thread buffer values\n" + . " --outputfile Path to a output txt file\n" . "\n" + . " --reportfile Path to a report txt file\n" . "\n" + . " --template Path to a template file\n" . "\n" + . " --verbose Prints out all options (default: no verbose) \n" . "\n"; + exit 0; } my $devnull = File::Spec->devnull(); @@ -159,6 +171,15 @@ my $basic_password_files = $basic_password_files = "/usr/share/mysqltuner/basic_passwords.txt" unless -f "$basic_password_files"; +# check if we need to enable verbose mode +if ($opt{verbose}) { + $opt{checkversion} = 1; #Check for updates to MySQLTuner + $opt{dbstat} = 1; #Print database information + $opt{idxstat} = 1; #Print index information + $opt{buffers} = 1; #Print global and per-thread buffer values + $opt{cvefile} = 'vulnerabilities.csv'; #CVE File for vulnerability checks +} + # for RPM distributions $opt{cvefile} = "/usr/share/mysqltuner/vulnerabilities.csv" unless ( defined $opt{cvefile} and -f "$opt{cvefile}"); @@ -189,7 +210,7 @@ my %result; # Functions that handle the print styles sub prettyprint { - print $_[0] . "\n" unless $opt{'silent'}; + print $_[0] . "\n" unless ($opt{'silent'} or $opt{'json'}); print $fh $_[0] . "\n" if defined($fh); } sub goodprint { prettyprint $good. " " . $_[0] unless ( $opt{nogood} == 1 ); } @@ -385,8 +406,8 @@ sub os_setup { # Checks for updates to MySQLTuner sub validate_tuner_version { - if ($opt{checkversion} eq 0) { - print "\n"; + if ($opt{'checkversion'} eq 0 and $opt{'updateversion'} eq 0) { + print "\n" unless ($opt{'silent'} or $opt{'json'}); infoprint "Skipped version check for MySQLTuner script"; return; } @@ -424,12 +445,80 @@ sub validate_tuner_version { infoprint "Unable to check for the latest MySQLTuner version"; } +# Checks for updates to MySQLTuner +sub update_tuner_version { + if ($opt{'updateversion'} eq 0) { + badprint "Skipped version update for MySQLTuner script"; + print "\n" unless ($opt{'silent'} or $opt{'json'}); + return; + } + + #use Cwd; + my $update; + my $url = "https://raw.githubusercontent.com/major/MySQLTuner-perl/master/"; + my @scripts = ("mysqltuner.pl", "basic_passwords.txt", "vulnerabilities.csv"); + my $totalScripts = scalar(@scripts); + my $receivedScripts = 0; + my $httpcli =`which curl`; + + foreach my $script (@scripts) { + + chomp($httpcli); + if ( 1 != 1 and defined($httpcli) and -e "$httpcli" ) { + debugprint "$httpcli is available."; + + debugprint "$httpcli --connect-timeout 5 -silent '$url$script' > $script"; + $update = `$httpcli --connect-timeout 5 -silent '$url$script' > $script`; + chomp($update); + debugprint "$script updated: $update"; + + if ( -s $script eq 0) { + badprint "Couldn't update $script"; + } else { + ++$receivedScripts; + debugprint "$script updated: $update"; + } + } else { + + $httpcli=`which wget`; + chomp($httpcli); + if ( defined($httpcli) and -e "$httpcli" ) { + debugprint "$httpcli is available."; + + debugprint "$httpcli -qe timestamping=off -T 5 -O $script '$url$script'"; + $update = `$httpcli -qe timestamping=off -T 5 -O $script '$url$script'`; + chomp($update); + + if ( -s $script eq 0) { + badprint "Couldn't update $script"; + } else { + ++$receivedScripts; + debugprint "$script updated: $update"; + } + + } else { + debugprint "curl and wget are not available."; + infoprint "Unable to check for the latest MySQLTuner version"; + } + } + } + + if ($receivedScripts eq $totalScripts) { + goodprint "Successfully updated MySQLTuner script"; + } else { + badprint "Couldn't update MySQLTuner script"; + } + + exit 0; +} + sub compare_tuner_version { my $remoteversion=shift; debugprint "Remote data: $remoteversion"; #exit 0; if ($remoteversion ne $tunerversion) { badprint "There is a new version of MySQLTuner available ($remoteversion)"; + update_tuner_version(); return; } goodprint "You have the latest version of MySQLTuner($tunerversion)"; @@ -709,14 +798,14 @@ sub select_array { debugprint "PERFORM: $req "; my @result = `$mysqlcmd $mysqllogin -Bse "$req" 2>>/dev/null`; if ($? != 0) { - badprint "failed to execute: $req"; - badprint "FAIL Execute SQL / return code: $?"; - debugprint "CMD : $mysqlcmd"; - debugprint "OPTIONS: $mysqllogin"; - debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; - exit $?; + badprint "failed to execute: $req"; + badprint "FAIL Execute SQL / return code: $?"; + debugprint "CMD : $mysqlcmd"; + debugprint "OPTIONS: $mysqllogin"; + debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; + exit $?; } - debugprint "select_array: return code : $?"; + debugprint "select_array: return code : $?"; chomp(@result); return @result; } @@ -727,14 +816,14 @@ sub select_one { debugprint "PERFORM: $req "; my $result = `$mysqlcmd $mysqllogin -Bse "$req" 2>>/dev/null`; if ($? != 0) { - badprint "failed to execute: $req"; - badprint "FAIL Execute SQL / return code: $?"; - debugprint "CMD : $mysqlcmd"; - debugprint "OPTIONS: $mysqllogin"; - debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; - exit $?; + badprint "failed to execute: $req"; + badprint "FAIL Execute SQL / return code: $?"; + debugprint "CMD : $mysqlcmd"; + debugprint "OPTIONS: $mysqllogin"; + debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; + exit $?; } - debugprint "select_array: return code : $?"; + debugprint "select_array: return code : $?"; chomp($result); return $result; } @@ -887,9 +976,9 @@ sub cve_recommendations { sub get_opened_ports { my @opened_ports=`netstat -ltn`; map { - s/.*:(\d+)\s.*$/$1/; - s/\D//g; - } @opened_ports; + s/.*:(\d+)\s.*$/$1/; + s/\D//g; + } @opened_ports; @opened_ports = sort {$a <=> $b} grep { !/^$/ } @opened_ports; debugprint Dumper \@opened_ports; return @opened_ports; @@ -904,26 +993,26 @@ sub is_open_port { } sub get_process_memory { - my $pid=shift; - return 0 unless -f "/proc/$pid/status"; - my @pdata= grep { /RSS:/ } get_file_contents "/proc/$pid/status"; - map { - s/.*RSS:\s*(\d+)\s*kB\s*$/$1*1024/ge - } @pdata; - return $pdata[0]; + my $pid=shift; + return 0 unless -f "/proc/$pid/status"; + my @pdata= grep { /RSS:/ } get_file_contents "/proc/$pid/status"; + map { + s/.*RSS:\s*(\d+)\s*kB\s*$/$1*1024/ge + } @pdata; + return $pdata[0]; } sub get_other_process_memory { - my @procs=`ps -eo pid,cmd`; - map { s/.*mysqld.*//; s/.*\[.*\].*//; s/^\s+$//g; s/.*PID.*CMD.*//; s/.*systemd.*//;} @procs; - map {s/\s*?(\d+)\s*.*/$1/g;} @procs; - remove_cr @procs; - @procs=remove_empty @procs; - my $totalMemOther=0; - map { - $totalMemOther+=get_process_memory($_); - } @procs; - return $totalMemOther; + my @procs=`ps -eo pid,cmd`; + map { s/.*mysqld.*//; s/.*\[.*\].*//; s/^\s+$//g; s/.*PID.*CMD.*//; s/.*systemd.*//;} @procs; + map {s/\s*?(\d+)\s*.*/$1/g;} @procs; + remove_cr @procs; + @procs=remove_empty @procs; + my $totalMemOther=0; + map { + $totalMemOther+=get_process_memory($_); + } @procs; + return $totalMemOther; } sub get_os_release { @@ -947,34 +1036,34 @@ sub system_recommendations { infoprint "User process except mysqld used ". hr_bytes_rnd($omem) . " RAM."; if ( (0.15*$physical_memory) < $omem) { badprint "Other user process except mysqld used more than 15% of total physical memory ". percentage($omem, $physical_memory). "% (".hr_bytes_rnd($omem). " / ".hr_bytes_rnd($physical_memory).")"; - push( @generalrec, "Consider stopping or dedicate server for additionnal process other than mysqld." ); - push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE IS TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCURS !" ); + push( @generalrec, "Consider stopping or dedicate server for additionnal process other than mysqld." ); + push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE IS TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCURS !" ); } else { } #if ($omem > - #exit 0; + #exit 0; if ($opt{'maxportallowed'} > 0) { my @opened_ports=get_opened_ports; infoprint "There is ". scalar @opened_ports. " listening port(s) on this server."; if (scalar(@opened_ports) > $opt{'maxportallowed'}) { - badprint "There is too many listening ports: ". scalar(@opened_ports) " opened > ".$opt{'maxportallowed'}. "allowed."; - push( @generalrec, "Consider dedicating a server for your database installation with less services running on !" ); + badprint "There is too many listening ports: ". scalar(@opened_ports). " opened > ".$opt{'maxportallowed'}. "allowed."; + push( @generalrec, "Consider dedicating a server for your database installation with less services running on !" ); } else { - goodprint "There is less than ".$opt{'maxportallowed'}." opened ports on this server."; + goodprint "There is less than ".$opt{'maxportallowed'}." opened ports on this server."; } } foreach my $banport (@banned_ports) { - if ( is_open_port($banport) ) { - badprint "Banned port: $banport is opened.."; - push( @generalrec, "Port $banport is opened. Consider stopping program handling this port." ); - } else { - goodprint "$banport is not opened."; - } + if ( is_open_port($banport) ) { + badprint "Banned port: $banport is opened.."; + push( @generalrec, "Port $banport is opened. Consider stopping program handling this port." ); + } else { + goodprint "$banport is not opened."; + } } } @@ -1330,7 +1419,7 @@ sub check_storage_engines { $result{'Databases'}{'List'} = [@dblist]; infoprint "Status: $engines"; if ( mysql_version_ge( 5, 1, 5 ) ) { - # MySQL 5 servers can have table sizes calculated quickly from information schema + # MySQL 5 servers can have table sizes calculated quickly from information schema my @templist = select_array "SELECT ENGINE,SUM(DATA_LENGTH+INDEX_LENGTH),COUNT(ENGINE),SUM(DATA_LENGTH),SUM(INDEX_LENGTH) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema', 'performance_schema', 'mysql') AND ENGINE IS NOT NULL GROUP BY ENGINE ORDER BY ENGINE ASC;"; @@ -2511,12 +2600,12 @@ sub mariadb_threadpool { infoprint "Thread Pool Size: ".$myvar{'thread_pool_size'}. " thread(s)."; if ($myvar{'have_innodb'} eq 'YES') { - if ($myvar{'thread_pool_size'}< 16 or $myvar{'thread_pool_size'}>36) { - badprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; - push( @generalrec, "Thread pool size for InnoDB usage (".$myvar{'thread_pool_size'}.")" ); - push( @adjvars, "thread_pool_size between 16 and 36 for InnoDB usage" ); - } else { - goodprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; + if ($myvar{'thread_pool_size'}< 16 or $myvar{'thread_pool_size'}>36) { + badprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; + push( @generalrec, "Thread pool size for InnoDB usage (".$myvar{'thread_pool_size'}.")" ); + push( @adjvars, "thread_pool_size between 16 and 36 for InnoDB usage" ); + } else { + goodprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; } return; } @@ -2539,9 +2628,9 @@ sub mysqsl_pfs { # Performance Schema unless ( defined($myvar{'performance_schema'}) and $myvar{'performance_schema'} eq 'ON' ) { infoprint "Performance schema is disabled."; + } else { + infoprint "Performance schema is enabled."; } - - infoprint "Performance schema is enabled."; } @@ -2907,7 +2996,7 @@ sub mysql_databases { $result{'Databases'}{'All databases'}{'Index Pct'} = percentage( $totaldbinfo[2], $totaldbinfo[3] ) . "%"; $result{'Databases'}{'All databases'}{'Total Size'} = $totaldbinfo[3]; - print "\n"; + print "\n" unless ($opt{'silent'} or $opt{'json'}); foreach (@dblist) { chomp($_); if ( $_ eq "information_schema" @@ -2956,10 +3045,10 @@ sub mysql_databases { percentage( $dbinfo[3], $dbinfo[4] ) . "%"; $result{'Databases'}{ $dbinfo[0] }{'Total Size'} = $dbinfo[4]; if ($dbinfo[7]>1) { - badprint $dbinfo[7]. " differents collations for database ".$dbinfo[0]; + badprint $dbinfo[7]. " differents collations for database ".$dbinfo[0]; push(@generalrec, "Check all table collations are identical for all tables in ".$dbinfo[0]. " database."); } else { - goodprint $dbinfo[7]. " collation for ".$dbinfo[0]. " database."; + goodprint $dbinfo[7]. " collation for ".$dbinfo[0]. " database."; } if ($dbinfo[8]>1) { badprint $dbinfo[8]. " differents engines for database ".$dbinfo[0]; @@ -3208,7 +3297,7 @@ sub dump_result { exit 1; } my $json = JSON->new->allow_nonref; - print JSON->new->utf8(1)->pretty(1)->encode(%result); + print $json->utf8(1)->pretty(($opt{'prettyjson'} ? 1 : 0))->encode(\%result); } } @@ -3223,7 +3312,7 @@ get_all_vars; # Toss variables/status into hashes get_tuning_info; # Get information about the tuning connexion validate_mysql_version; # Check current MySQL version check_architecture; # Suggest 64-bit upgrade -system_recommendations; # avoid to many service on the same host +system_recommendations; # avoid to many service on the same host check_storage_engines; # Show enabled storage engines mysql_databases; # Show informations about databases mysql_indexes; # Show informations about indexes @@ -3277,33 +3366,34 @@ You must provide the remote server's total memory when connecting to other serve =head1 PERFORMANCE AND REPORTING OPTIONS - --skipsize Don't enumerate tables and their types/sizes (default: on) - (Recommended for servers with many tables) - --skippassword Don't perform checks on user passwords(default: off) - --checkversion Check for updates to MySQLTuner (default: don't check) - --forcemem Amount of RAM installed in megabytes - --forceswap Amount of swap memory configured in megabytes - --passwordfile Path to a password file list(one password by line) + --skipsize Don't enumerate tables and their types/sizes (default: on) + (Recommended for servers with many tables) + --skippassword Don't perform checks on user passwords(default: off) + --checkversion Check for updates to MySQLTuner (default: don't check) + --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check) + --forcemem Amount of RAM installed in megabytes + --forceswap Amount of swap memory configured in megabytes + --passwordfile Path to a password file list(one password by line) =head1 OUTPUT OPTIONS - --silent Don't output anything on screen - --nogood Remove OK responses - --nobad Remove negative/suggestion responses - --noinfo Remove informational responses - --debug Print debug information - --dbstat Print database information - --idxstat Print index information - --bannedports Ports banned separated by comma(,) - --maxportallowed Number of ports opened allowed on this hosts - --cvefile CVE File for vulnerability checks - --nocolor Don't print output in color - --json Print result as JSON string - --buffers Print global and per-thread buffer values - --outputfile Path to a output txt file - --reportfile Path to a report txt file - --template Path to a template file - + --silent Don't output anything on screen + --nogood Remove OK responses + --nobad Remove negative/suggestion responses + --noinfo Remove informational responses + --debug Print debug information + --dbstat Print database information + --idxstat Print index information + --bannedports Ports banned separated by comma(,) + --maxportallowed Number of ports opened allowed on this hosts + --cvefile CVE File for vulnerability checks + --nocolor Don't print output in color + --json Print result as JSON string + --buffers Print global and per-thread buffer values + --outputfile Path to a output txt file + --reportfile Path to a report txt file + --template Path to a template file + --verbose Prints out all options (default: no verbose) =head1 PERLDOC You can find documentation for this module with the perldoc command. From c9ebae1e26f80242e14e4a13dd3e9e23cbc92ab3 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 25 Mar 2016 11:57:35 +0100 Subject: [PATCH 034/237] #166 removing test when plugin is unix_socket or win_socket Support for bug https://bugs.mysql.com/bug.php?id=80860 --- mysqltuner.pl | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 5d489af..254338c 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -803,7 +803,7 @@ sub select_array { debugprint "CMD : $mysqlcmd"; debugprint "OPTIONS: $mysqllogin"; debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; - exit $?; + #exit $?; } debugprint "select_array: return code : $?"; chomp(@result); @@ -821,7 +821,7 @@ sub select_one { debugprint "CMD : $mysqlcmd"; debugprint "OPTIONS: $mysqllogin"; debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; - exit $?; + #exit $?; } debugprint "select_array: return code : $?"; chomp($result); @@ -1066,7 +1066,7 @@ sub system_recommendations { } } } - + sub security_recommendations { prettyprint "\n-------- Security Recommendations -------------------------------------------"; @@ -1102,7 +1102,7 @@ sub security_recommendations { # Looking for Empty Password @mysqlstatlist = select_array -"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE $PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL"; +"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL) AND plugin NOT IN ('unix_socket', 'win_socket')"; if (@mysqlstatlist) { foreach my $line ( sort @mysqlstatlist ) { chomp($line); @@ -1116,6 +1116,14 @@ sub security_recommendations { goodprint "All database users have passwords assigned"; } + if (mysql_version_ge(5,7)) { + my $valPlugin=select_one("select count(*) from information_schema.plugins where PLUGIN_NAME='validate_password' AND PLUGIN_STATUS='ACTIVE'"); + if ($valPlugin>=1) { + infoprint "Bug #80860 MySQL 5.7: Avoid testing password when validate_password is activated"; + return; + } + } + # Looking for User with user/ uppercase /capitalise user as password @mysqlstatlist = select_array "SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(user) OR CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(UPPER(user)) OR CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(UPPER(LEFT(User, 1)) + SUBSTRING(User, 2, LENGTH(User)))"; From 3f8ca6493eab4121939896be252385771a283a02 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 25 Mar 2016 14:32:15 +0100 Subject: [PATCH 035/237] Adding disk space and inode control other fs mountpoint #165 --- mysqltuner.pl | 46 +++++++++++++++++++++++++++++++++++++++------- 1 file changed, 39 insertions(+), 7 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 254338c..79d187a 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1021,6 +1021,40 @@ sub get_os_release { remove_cr @info_release; return $info_release[0]; } + +sub get_fs_info() { + my @sinfo=`df -P | grep '%'`; + shift @sinfo; + my @iinfo=`df -Pi| grep '%'`; + shift @iinfo; + map { + s/.*\s(\d+)%\s+(.*)/$1\t$2/g + } @sinfo; + foreach my $info (@sinfo) { + if ($info =~ /(\d+)\t(.*)/) { + if ($1 > 85) { + badprint "mount point $2 is using $1 % total space"; + push(@generalrec, "Add some space to $2 mountpoint.") + } else { + infoprint "mount point $2 is using $1 % of total space"; + } + } + } + + map { + s/.*\s(\d+)%\s+(.*)/$1\t$2/g + } @iinfo; + foreach my $info (@iinfo) { + if ($info =~ /(\d+)\t(.*)/) { + if ($1 > 85) { + badprint "mount point $2 is using $1 % of max allowed inodes"; + push(@generalrec, "Cleanup files from $2 mountpoint or reformat you filesystem.") + } else { + infoprint "mount point $2 is using $1 % of max allowed inodes"; + } + } + } +} sub system_recommendations { prettyprint "\n-------- System Linux Recommendations ---------------------------------------"; my $os = `uname`; @@ -1035,17 +1069,13 @@ sub system_recommendations { my $omem=get_other_process_memory; infoprint "User process except mysqld used ". hr_bytes_rnd($omem) . " RAM."; if ( (0.15*$physical_memory) < $omem) { - badprint "Other user process except mysqld used more than 15% of total physical memory ". percentage($omem, $physical_memory). "% (".hr_bytes_rnd($omem). " / ".hr_bytes_rnd($physical_memory).")"; + badprint "Other user process except mysqld used more than 15% of total physical memory ". percentage($omem, $physical_memory). "% (".hr_bytes_rnd($omem). " / ".hr_bytes_rnd($physical_memory).")"; push( @generalrec, "Consider stopping or dedicate server for additionnal process other than mysqld." ); - push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE IS TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCURS !" ); - - + push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE IS TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCURS !" ); } else { + infoprint "Other user process except mysqld used less than 15% of total physical memory ". percentage($omem, $physical_memory). "% (".hr_bytes_rnd($omem). " / ".hr_bytes_rnd($physical_memory).")"; } - #if ($omem > - #exit 0; - if ($opt{'maxportallowed'} > 0) { my @opened_ports=get_opened_ports; infoprint "There is ". scalar @opened_ports. " listening port(s) on this server."; @@ -1065,6 +1095,8 @@ sub system_recommendations { goodprint "$banport is not opened."; } } + + get_fs_info; } sub security_recommendations { From a010416b930d4cf8757d0620cf632ecf078eb644 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 25 Mar 2016 16:22:07 +0100 Subject: [PATCH 036/237] Adding lot of system indicators #165 --- mysqltuner.pl | 69 +++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 67 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 79d187a..11bbc7a 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1055,6 +1055,72 @@ sub get_fs_info() { } } } +sub is_virtual_machine() { + my $isVm=`grep -Ec '^flags.*\ hypervisor\ ' /proc/cpuinfo`; + return ($isVm==0?1:0); +} + + +sub infocmd { + my $cmd="@_"; + debugprint "CMD: $cmd"; + my @result=`$cmd`; + remove_cr @result; + for my $l (@result) { + infoprint "$l"; + } +} +sub infocmd_tab { + my $cmd="@_"; + debugprint "CMD: $cmd"; + my @result=`$cmd`; + remove_cr @result; + for my $l (@result) { + infoprint "\t$l"; + } +} +sub infocmd_one { + my $cmd="@_"; + my @result=`$cmd`; + remove_cr @result; + return join ', ' ,@result; +} + +sub get_system_info() +{ +infoprint get_os_release; +if (is_virtual_machine) { + infoprint "Machine type : Virtual machine"; + } else { + infoprint "Machine type : Physical machine"; +} + +`ping -c 1 google.com &>/dev/null`; +my $isConnected=$?; +if ($? == 0) { + infoprint "Internet : Connected"; +} else { + badprint "Internet : Disconnected"; + } +infoprint "Operating System Type : " . infocmd_one "uname -o"; +infoprint "Kernel Release : ". infocmd_one "uname -r"; +infoprint "Hostname : $ENV{'HOSTNAME'}"; +infoprint "Network Cards : "; +infocmd_tab "ifconfig| grep -A1 mtu"; +infoprint "Internal IP : ". infocmd_one "hostname -I"; +infoprint "External IP : ". infocmd_one "curl -s ipecho.net/plain" if $isConnected==0; +badprint "External IP : Can't check because of Internet connectivity" if $isConnected!=0; +infoprint "Name Servers : ". infocmd_one "grep 'nameserver' /etc/resolv.conf \| awk '{print \$2}'"; +infoprint "Logged In users : "; +infocmd_tab "who"; +infoprint "Ram Usages :"; +infocmd_tab "free -h | grep -v +"; +infoprint "Load Average : "; +infocmd_tab "top -n 1 -b | grep 'load average:'"; + +#infoprint "System Uptime Days/(HH:MM) : `uptime | awk '{print $3,$4}' | cut -f1 -d,`"; +} + sub system_recommendations { prettyprint "\n-------- System Linux Recommendations ---------------------------------------"; my $os = `uname`; @@ -1064,8 +1130,7 @@ sub system_recommendations { } prettyprint "Look for related Linux system recommandations"; #prettyprint '-'x78; - infoprint get_os_release; - + get_system_info(); my $omem=get_other_process_memory; infoprint "User process except mysqld used ". hr_bytes_rnd($omem) . " RAM."; if ( (0.15*$physical_memory) < $omem) { From ae48a655713398af01b1eaa870860bf3dfbcb62b Mon Sep 17 00:00:00 2001 From: zhil Date: Mon, 28 Mar 2016 16:31:52 +0300 Subject: [PATCH 037/237] Update README.md fixed parameter --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f431b20..c16c7fa 100644 --- a/README.md +++ b/README.md @@ -62,7 +62,7 @@ __Usage:__ Minimal usage locally __Usage:__ Minimal usage remotely - perl mysqltuner.pl --host targetDNS_IP --user admin_user --password admin_password + perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password __Usage:__ Enable maximum output information around MySQL/MariaDb without debugging From 94ee62a6e0b2d988d7e7e4d41ed7e9aa91bc07a9 Mon Sep 17 00:00:00 2001 From: amq Date: Tue, 29 Mar 2016 01:27:41 +0200 Subject: [PATCH 038/237] Fix grammar --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 11bbc7a..cfa0d18 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1136,7 +1136,7 @@ sub system_recommendations { if ( (0.15*$physical_memory) < $omem) { badprint "Other user process except mysqld used more than 15% of total physical memory ". percentage($omem, $physical_memory). "% (".hr_bytes_rnd($omem). " / ".hr_bytes_rnd($physical_memory).")"; push( @generalrec, "Consider stopping or dedicate server for additionnal process other than mysqld." ); - push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE IS TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCURS !" ); + push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE ARE TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCUR!" ); } else { infoprint "Other user process except mysqld used less than 15% of total physical memory ". percentage($omem, $physical_memory). "% (".hr_bytes_rnd($omem). " / ".hr_bytes_rnd($physical_memory).")"; } From cb5a1c528ee3bea5d5288ef61b5547300d697479 Mon Sep 17 00:00:00 2001 From: Robert Milasan Date: Tue, 29 Mar 2016 09:51:48 +0200 Subject: [PATCH 039/237] Fix is_virtual_machine function return, drop ENV{'HOSTNAME'} for hostname cmd, some machines don't have HOSTNAME set --- mysqltuner.pl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 11bbc7a..b1a5816 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1057,7 +1057,7 @@ sub get_fs_info() { } sub is_virtual_machine() { my $isVm=`grep -Ec '^flags.*\ hypervisor\ ' /proc/cpuinfo`; - return ($isVm==0?1:0); + return ($isVm==0?0:1); } @@ -1102,9 +1102,9 @@ if ($? == 0) { } else { badprint "Internet : Disconnected"; } -infoprint "Operating System Type : " . infocmd_one "uname -o"; +infoprint "Operating System Type : ". infocmd_one "uname -o"; infoprint "Kernel Release : ". infocmd_one "uname -r"; -infoprint "Hostname : $ENV{'HOSTNAME'}"; +infoprint "Hostname : ". infocmd_one "hostname"; infoprint "Network Cards : "; infocmd_tab "ifconfig| grep -A1 mtu"; infoprint "Internal IP : ". infocmd_one "hostname -I"; @@ -1113,7 +1113,7 @@ badprint "External IP : Can't check because of Internet connectivity" infoprint "Name Servers : ". infocmd_one "grep 'nameserver' /etc/resolv.conf \| awk '{print \$2}'"; infoprint "Logged In users : "; infocmd_tab "who"; -infoprint "Ram Usages :"; +infoprint "Ram Usages : "; infocmd_tab "free -h | grep -v +"; infoprint "Load Average : "; infocmd_tab "top -n 1 -b | grep 'load average:'"; From 35ebd1cb5879d9c53dfb6ac295f63d9cb8f78e37 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 29 Mar 2016 14:09:25 +0200 Subject: [PATCH 040/237] Update USAGE.md --- USAGE.md | 51 +++++++++++++++++++++++++++------------------------ 1 file changed, 27 insertions(+), 24 deletions(-) diff --git a/USAGE.md b/USAGE.md index ddaf5fc..c5fbc92 100644 --- a/USAGE.md +++ b/USAGE.md @@ -1,6 +1,6 @@ # NAME - MySQLTuner 1.6.4 - MySQL High Performance Tuning Script + MySQLTuner 1.6.8 - MySQL High Performance Tuning Script # IMPORTANT USAGE GUIDELINES @@ -21,32 +21,35 @@ You must provide the remote server's total memory when connecting to other serve # PERFORMANCE AND REPORTING OPTIONS - --skipsize Don't enumerate tables and their types/sizes (default: on) - (Recommended for servers with many tables) - --skippassword Don't perform checks on user passwords(default: off) - --checkversion Check for updates to MySQLTuner (default: don't check) - --forcemem Amount of RAM installed in megabytes - --forceswap Amount of swap memory configured in megabytes - --passwordfile Path to a password file list(one password by line) + --skipsize Don't enumerate tables and their types/sizes (default: on) + (Recommended for servers with many tables) + --skippassword Don't perform checks on user passwords(default: off) + --checkversion Check for updates to MySQLTuner (default: don't check) + --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check) + --forcemem Amount of RAM installed in megabytes + --forceswap Amount of swap memory configured in megabytes + --passwordfile Path to a password file list(one password by line) # OUTPUT OPTIONS - --silent Don't output anything on screen - --nogood Remove OK responses - --nobad Remove negative/suggestion responses - --noinfo Remove informational responses - --debug Print debug information - --dbstat Print database information - --idxstat Print index information - --cvefile CVE File for vulnerability checks - --nocolor Don't print output in color - --json Print result as JSON string - --buffers Print global and per-thread buffer values - --outputfile Path to a output txt file - --reportfile Path to a report txt file - --template Path to a template file - -# PERLDOC + --silent Don't output anything on screen + --nogood Remove OK responses + --nobad Remove negative/suggestion responses + --noinfo Remove informational responses + --debug Print debug information + --dbstat Print database information + --idxstat Print index information + --bannedports Ports banned separated by comma(,) + --maxportallowed Number of ports opened allowed on this hosts + --cvefile CVE File for vulnerability checks + --nocolor Don't print output in color + --json Print result as JSON string + --buffers Print global and per-thread buffer values + --outputfile Path to a output txt file + --reportfile Path to a report txt file + --template Path to a template file + --verbose Prints out all options (default: no verbose) + =head1 PERLDOC You can find documentation for this module with the perldoc command. From d3a2d83d7d23887afabbd452368b04d842e82323 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 29 Mar 2016 14:22:45 +0200 Subject: [PATCH 041/237] Just a simple perltidy to cleanup ident in the code. --- mysqltuner.pl | 1283 ++++++++++++++++++++++++++++--------------------- 1 file changed, 727 insertions(+), 556 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 93335e9..6a24c33 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -73,9 +73,9 @@ my %opt = ( "checkversion" => 0, "updateversion" => 0, "buffers" => 0, - "passwordfile" => 0, + "passwordfile" => 0, "bannedports" => '', - "maxportallowed" => 0, + "maxportallowed" => 0, "outputfile" => 0, "dbstat" => 0, "idxstat" => 0, @@ -90,75 +90,85 @@ my %opt = ( # Gather the options from the command line my $getOptionsCheck = GetOptions( - \%opt, 'nobad', 'nogood', 'noinfo', - 'debug', 'nocolor', 'forcemem=i', 'forceswap=i', - 'host=s', 'socket=s', 'port=i', 'user=s', - 'pass=s', 'skipsize', 'checkversion', 'mysqladmin=s', - 'mysqlcmd=s', 'help', 'buffers', 'skippassword', - 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', - 'json', 'prettyjson', 'idxstat', 'noask', - 'template=s', 'reportfile=s', 'cvefile=s', 'bannedports=s', - 'updateversion', 'maxportallowed=s', 'verbose' + \%opt, 'nobad', + 'nogood', 'noinfo', + 'debug', 'nocolor', + 'forcemem=i', 'forceswap=i', + 'host=s', 'socket=s', + 'port=i', 'user=s', + 'pass=s', 'skipsize', + 'checkversion', 'mysqladmin=s', + 'mysqlcmd=s', 'help', + 'buffers', 'skippassword', + 'passwordfile=s', 'outputfile=s', + 'silent', 'dbstat', + 'json', 'prettyjson', + 'idxstat', 'noask', + 'template=s', 'reportfile=s', + 'cvefile=s', 'bannedports=s', + 'updateversion', 'maxportallowed=s', + 'verbose' ); #If params are incorrect return help -if ($getOptionsCheck ne 1) { - usage(); +if ( $getOptionsCheck ne 1 ) { + usage(); } if ( defined $opt{'help'} && $opt{'help'} == 1 ) { usage(); } sub usage { - # Shown with --help option passed - print " MySQLTuner $tunerversion - MySQL High Performance Tuning Script\n" - . " Bug reports, feature requests, and downloads at http://mysqltuner.com/\n" - . " Maintained by Major Hayden (major\@mhtx.net) - Licensed under GPL\n" - . "\n" - . " Important Usage Guidelines:\n" - . " To run the script with the default options, run the script without arguments\n" - . " Allow MySQL server to run for at least 24-48 hours before trusting suggestions\n" - . " Some routines may require root level privileges (script will provide warnings)\n" - . " You must provide the remote server's total memory when connecting to other servers\n" - . "\n" - . " Connection and Authentication\n" - . " --host Connect to a remote host to perform tests (default: localhost)\n" - . " --socket Use a different socket for a local connection\n" - . " --port Port to use for connection (default: 3306)\n" - . " --user Username to use for authentication\n" - . " --pass Password to use for authentication\n" - . " --mysqladmin Path to a custom mysqladmin executable\n" - . " --mysqlcmd Path to a custom mysql executable\n" . "\n" - . " --noask Dont ask password if needed\n" . "\n" - . " Performance and Reporting Options\n" - . " --skipsize Don't enumerate tables and their types/sizes (default: on)\n" - . " (Recommended for servers with many tables)\n" - . " --skippassword Don't perform checks on user passwords(default: off)\n" - . " --checkversion Check for updates to MySQLTuner (default: don't check)\n" - . " --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check)\n" - . " --forcemem Amount of RAM installed in megabytes\n" - . " --forceswap Amount of swap memory configured in megabytes\n" - . " --passwordfile Path to a password file list(one password by line)\n" - . " Output Options:\n" - . " --silent Don't output anything on screen\n" - . " --nogood Remove OK responses\n" - . " --nobad Remove negative/suggestion responses\n" - . " --noinfo Remove informational responses\n" - . " --debug Print debug information\n" - . " --dbstat Print database information\n" - . " --idxstat Print index information\n" - . " --bannedports Ports banned separated by comma(,)\n" - . " --maxportallowed Number of ports opened allowed on this hosts\n" - . " --cvefile CVE File for vulnerability checks\n" - . " --nocolor Don't print output in color\n" - . " --json Print result as JSON string\n" - . " --prettyjson Print result as human readable JSON\n" - . " --buffers Print global and per-thread buffer values\n" - . " --outputfile Path to a output txt file\n" . "\n" - . " --reportfile Path to a report txt file\n" . "\n" - . " --template Path to a template file\n" . "\n" - . " --verbose Prints out all options (default: no verbose) \n" . "\n"; - exit 0; + # Shown with --help option passed + print " MySQLTuner $tunerversion - MySQL High Performance Tuning Script\n" + . " Bug reports, feature requests, and downloads at http://mysqltuner.com/\n" + . " Maintained by Major Hayden (major\@mhtx.net) - Licensed under GPL\n" + . "\n" + . " Important Usage Guidelines:\n" + . " To run the script with the default options, run the script without arguments\n" + . " Allow MySQL server to run for at least 24-48 hours before trusting suggestions\n" + . " Some routines may require root level privileges (script will provide warnings)\n" + . " You must provide the remote server's total memory when connecting to other servers\n" + . "\n" + . " Connection and Authentication\n" + . " --host Connect to a remote host to perform tests (default: localhost)\n" + . " --socket Use a different socket for a local connection\n" + . " --port Port to use for connection (default: 3306)\n" + . " --user Username to use for authentication\n" + . " --pass Password to use for authentication\n" + . " --mysqladmin Path to a custom mysqladmin executable\n" + . " --mysqlcmd Path to a custom mysql executable\n" . "\n" + . " --noask Dont ask password if needed\n" . "\n" + . " Performance and Reporting Options\n" + . " --skipsize Don't enumerate tables and their types/sizes (default: on)\n" + . " (Recommended for servers with many tables)\n" + . " --skippassword Don't perform checks on user passwords(default: off)\n" + . " --checkversion Check for updates to MySQLTuner (default: don't check)\n" + . " --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check)\n" + . " --forcemem Amount of RAM installed in megabytes\n" + . " --forceswap Amount of swap memory configured in megabytes\n" + . " --passwordfile Path to a password file list(one password by line)\n" + . " Output Options:\n" + . " --silent Don't output anything on screen\n" + . " --nogood Remove OK responses\n" + . " --nobad Remove negative/suggestion responses\n" + . " --noinfo Remove informational responses\n" + . " --debug Print debug information\n" + . " --dbstat Print database information\n" + . " --idxstat Print index information\n" + . " --bannedports Ports banned separated by comma(,)\n" + . " --maxportallowed Number of ports opened allowed on this hosts\n" + . " --cvefile CVE File for vulnerability checks\n" + . " --nocolor Don't print output in color\n" + . " --json Print result as JSON string\n" + . " --prettyjson Print result as human readable JSON\n" + . " --buffers Print global and per-thread buffer values\n" + . " --outputfile Path to a output txt file\n" . "\n" + . " --reportfile Path to a report txt file\n" . "\n" + . " --template Path to a template file\n" . "\n" + . " --verbose Prints out all options (default: no verbose) \n" + . "\n"; + exit 0; } my $devnull = File::Spec->devnull(); @@ -172,22 +182,22 @@ $basic_password_files = "/usr/share/mysqltuner/basic_passwords.txt" unless -f "$basic_password_files"; # check if we need to enable verbose mode -if ($opt{verbose}) { - $opt{checkversion} = 1; #Check for updates to MySQLTuner - $opt{dbstat} = 1; #Print database information - $opt{idxstat} = 1; #Print index information - $opt{buffers} = 1; #Print global and per-thread buffer values - $opt{cvefile} = 'vulnerabilities.csv'; #CVE File for vulnerability checks +if ( $opt{verbose} ) { + $opt{checkversion} = 1; #Check for updates to MySQLTuner + $opt{dbstat} = 1; #Print database information + $opt{idxstat} = 1; #Print index information + $opt{buffers} = 1; #Print global and per-thread buffer values + $opt{cvefile} = 'vulnerabilities.csv'; #CVE File for vulnerability checks } # for RPM distributions $opt{cvefile} = "/usr/share/mysqltuner/vulnerabilities.csv" - unless ( defined $opt{cvefile} and -f "$opt{cvefile}"); -$opt{cvefile} ='' unless -f "$opt{cvefile}"; -$opt{cvefile} ='./vulnerabilities.csv' if -f './vulnerabilities.csv'; + unless ( defined $opt{cvefile} and -f "$opt{cvefile}" ); +$opt{cvefile} = '' unless -f "$opt{cvefile}"; +$opt{cvefile} = './vulnerabilities.csv' if -f './vulnerabilities.csv'; -$opt{'bannedports'}='' unless defined($opt{'bannedports'}); -my @banned_ports=split ',', $opt{'bannedports'}; +$opt{'bannedports'} = '' unless defined( $opt{'bannedports'} ); +my @banned_ports = split ',', $opt{'bannedports'}; # my $outputfile = undef; @@ -210,13 +220,14 @@ my %result; # Functions that handle the print styles sub prettyprint { - print $_[0] . "\n" unless ($opt{'silent'} or $opt{'json'}); + print $_[0] . "\n" unless ( $opt{'silent'} or $opt{'json'} ); print $fh $_[0] . "\n" if defined($fh); } sub goodprint { prettyprint $good. " " . $_[0] unless ( $opt{nogood} == 1 ); } sub infoprint { prettyprint $info. " " . $_[0] unless ( $opt{noinfo} == 1 ); } sub badprint { prettyprint $bad. " " . $_[0] unless ( $opt{nobad} == 1 ); } sub debugprint { prettyprint $deb. " " . $_[0] unless ( $opt{debug} == 0 ); } + sub redwrap { return ( $opt{nocolor} == 0 ) ? "\e[0;31m" . $_[0] . "\e[0m" : $_[0]; } @@ -312,6 +323,7 @@ sub pretty_uptime { my ( $physical_memory, $swap_memory, $duflags ); sub os_setup { + sub memerror { badprint "Unable to determine total memory/swap; use '--forcemem' and '--forceswap'"; @@ -328,8 +340,7 @@ sub os_setup { } else { $swap_memory = 0; - badprint - "Assuming 0 MB of swap space (use --forceswap to specify)"; + badprint "Assuming 0 MB of swap space (use --forceswap to specify)"; } } else { @@ -382,12 +393,12 @@ sub os_setup { chomp($swap_memory); $swap_memory = $swap_memory * 1024 * 1024; } - elsif( $os =~ /windows/i ) { + elsif ( $os =~ /windows/i ) { $physical_memory = - `wmic ComputerSystem get TotalPhysicalMemory | perl -ne "chomp; print if /[0-9]+/;"` +`wmic ComputerSystem get TotalPhysicalMemory | perl -ne "chomp; print if /[0-9]+/;"` or memerror; - $swap_memory = - `wmic OS get FreeVirtualMemory | perl -ne "chomp; print if /[0-9]+/;"` + $swap_memory = +`wmic OS get FreeVirtualMemory | perl -ne "chomp; print if /[0-9]+/;"` or memerror; } } @@ -406,135 +417,152 @@ sub os_setup { # Checks for updates to MySQLTuner sub validate_tuner_version { - if ($opt{'checkversion'} eq 0 and $opt{'updateversion'} eq 0) { - print "\n" unless ($opt{'silent'} or $opt{'json'}); - infoprint "Skipped version check for MySQLTuner script"; - return; - } + if ( $opt{'checkversion'} eq 0 and $opt{'updateversion'} eq 0 ) { + print "\n" unless ( $opt{'silent'} or $opt{'json'} ); + infoprint "Skipped version check for MySQLTuner script"; + return; + } - my $update; - my $url = "https://raw.githubusercontent.com/major/MySQLTuner-perl/master/mysqltuner.pl"; - my $httpcli=`which curl`; - chomp($httpcli); - if ( 1 != 1 and defined($httpcli) and -e "$httpcli" ) { - debugprint "$httpcli is available."; + my $update; + my $url = +"https://raw.githubusercontent.com/major/MySQLTuner-perl/master/mysqltuner.pl"; + my $httpcli = `which curl`; + chomp($httpcli); + if ( 1 != 1 and defined($httpcli) and -e "$httpcli" ) { + debugprint "$httpcli is available."; - debugprint "$httpcli --connect-timeout 5 -silent '$url' 2>/dev/null | grep 'my \$tunerversion'| cut -d\\\" -f2"; - $update = `$httpcli --connect-timeout 5 -silent '$url' 2>/dev/null | grep 'my \$tunerversion'| cut -d\\\" -f2`; - chomp($update); - debugprint "VERSION: $update"; + debugprint +"$httpcli --connect-timeout 5 -silent '$url' 2>/dev/null | grep 'my \$tunerversion'| cut -d\\\" -f2"; + $update = +`$httpcli --connect-timeout 5 -silent '$url' 2>/dev/null | grep 'my \$tunerversion'| cut -d\\\" -f2`; + chomp($update); + debugprint "VERSION: $update"; + compare_tuner_version($update); + return; + } - compare_tuner_version($update); - return; - } + $httpcli = `which wget`; + chomp($httpcli); + if ( defined($httpcli) and -e "$httpcli" ) { + debugprint "$httpcli is available."; - - $httpcli=`which wget`; - chomp($httpcli); - if ( defined($httpcli) and -e "$httpcli" ) { - debugprint "$httpcli is available."; - - debugprint "$httpcli -e timestamping=off -T 5 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2"; - $update = `$httpcli -e timestamping=off -T 5 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2`; - chomp($update); - compare_tuner_version($update); - return; - } - debugprint "curl and wget are not available."; - infoprint "Unable to check for the latest MySQLTuner version"; + debugprint +"$httpcli -e timestamping=off -T 5 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2"; + $update = +`$httpcli -e timestamping=off -T 5 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2`; + chomp($update); + compare_tuner_version($update); + return; + } + debugprint "curl and wget are not available."; + infoprint "Unable to check for the latest MySQLTuner version"; } # Checks for updates to MySQLTuner sub update_tuner_version { - if ($opt{'updateversion'} eq 0) { - badprint "Skipped version update for MySQLTuner script"; - print "\n" unless ($opt{'silent'} or $opt{'json'}); - return; - } + if ( $opt{'updateversion'} eq 0 ) { + badprint "Skipped version update for MySQLTuner script"; + print "\n" unless ( $opt{'silent'} or $opt{'json'} ); + return; + } - #use Cwd; - my $update; - my $url = "https://raw.githubusercontent.com/major/MySQLTuner-perl/master/"; - my @scripts = ("mysqltuner.pl", "basic_passwords.txt", "vulnerabilities.csv"); - my $totalScripts = scalar(@scripts); - my $receivedScripts = 0; - my $httpcli =`which curl`; + #use Cwd; + my $update; + my $url = "https://raw.githubusercontent.com/major/MySQLTuner-perl/master/"; + my @scripts = + ( "mysqltuner.pl", "basic_passwords.txt", "vulnerabilities.csv" ); + my $totalScripts = scalar(@scripts); + my $receivedScripts = 0; + my $httpcli = `which curl`; - foreach my $script (@scripts) { - - chomp($httpcli); - if ( 1 != 1 and defined($httpcli) and -e "$httpcli" ) { - debugprint "$httpcli is available."; + foreach my $script (@scripts) { - debugprint "$httpcli --connect-timeout 5 -silent '$url$script' > $script"; - $update = `$httpcli --connect-timeout 5 -silent '$url$script' > $script`; - chomp($update); - debugprint "$script updated: $update"; - - if ( -s $script eq 0) { - badprint "Couldn't update $script"; - } else { - ++$receivedScripts; - debugprint "$script updated: $update"; - } - } else { + chomp($httpcli); + if ( 1 != 1 and defined($httpcli) and -e "$httpcli" ) { + debugprint "$httpcli is available."; - $httpcli=`which wget`; - chomp($httpcli); - if ( defined($httpcli) and -e "$httpcli" ) { - debugprint "$httpcli is available."; + debugprint + "$httpcli --connect-timeout 5 -silent '$url$script' > $script"; + $update = + `$httpcli --connect-timeout 5 -silent '$url$script' > $script`; + chomp($update); + debugprint "$script updated: $update"; - debugprint "$httpcli -qe timestamping=off -T 5 -O $script '$url$script'"; - $update = `$httpcli -qe timestamping=off -T 5 -O $script '$url$script'`; - chomp($update); - - if ( -s $script eq 0) { - badprint "Couldn't update $script"; - } else { - ++$receivedScripts; - debugprint "$script updated: $update"; + if ( -s $script eq 0 ) { + badprint "Couldn't update $script"; + } + else { + ++$receivedScripts; + debugprint "$script updated: $update"; + } } + else { - } else { - debugprint "curl and wget are not available."; - infoprint "Unable to check for the latest MySQLTuner version"; - } - } - } + $httpcli = `which wget`; + chomp($httpcli); + if ( defined($httpcli) and -e "$httpcli" ) { + debugprint "$httpcli is available."; - if ($receivedScripts eq $totalScripts) { - goodprint "Successfully updated MySQLTuner script"; - } else { - badprint "Couldn't update MySQLTuner script"; + debugprint + "$httpcli -qe timestamping=off -T 5 -O $script '$url$script'"; + $update = + `$httpcli -qe timestamping=off -T 5 -O $script '$url$script'`; + chomp($update); + + if ( -s $script eq 0 ) { + badprint "Couldn't update $script"; + } + else { + ++$receivedScripts; + debugprint "$script updated: $update"; + } + + } + else { + debugprint "curl and wget are not available."; + infoprint "Unable to check for the latest MySQLTuner version"; + } + } } - exit 0; + if ( $receivedScripts eq $totalScripts ) { + goodprint "Successfully updated MySQLTuner script"; + } + else { + badprint "Couldn't update MySQLTuner script"; + } + + exit 0; } sub compare_tuner_version { - my $remoteversion=shift; - debugprint "Remote data: $remoteversion"; - #exit 0; - if ($remoteversion ne $tunerversion) { - badprint "There is a new version of MySQLTuner available ($remoteversion)"; - update_tuner_version(); - return; - } - goodprint "You have the latest version of MySQLTuner($tunerversion)"; - return; + my $remoteversion = shift; + debugprint "Remote data: $remoteversion"; + + #exit 0; + if ( $remoteversion ne $tunerversion ) { + badprint + "There is a new version of MySQLTuner available ($remoteversion)"; + update_tuner_version(); + return; + } + goodprint "You have the latest version of MySQLTuner($tunerversion)"; + return; } # Checks to see if a MySQL login is possible my ( $mysqllogin, $doremote, $remotestring, $mysqlcmd, $mysqladmincmd ); my $osname = $^O; -if( $osname eq 'MSWin32' ) { - eval { require Win32; } or last; - $osname = Win32::GetOSName(); - infoprint "* Windows OS($osname) is not fully supported.\n"; - #exit 1; +if ( $osname eq 'MSWin32' ) { + eval { require Win32; } or last; + $osname = Win32::GetOSName(); + infoprint "* Windows OS($osname) is not fully supported.\n"; + + #exit 1; } + sub mysql_setup { $doremote = 0; $remotestring = ''; @@ -551,8 +579,7 @@ sub mysql_setup { exit 1; } elsif ( !-e $mysqladmincmd ) { - badprint - "Couldn't find mysqladmin in your \$PATH. Is MySQL installed?"; + badprint "Couldn't find mysqladmin in your \$PATH. Is MySQL installed?"; exit 1; } if ( $opt{mysqlcmd} ) { @@ -572,11 +599,12 @@ sub mysql_setup { exit 1; } $mysqlcmd =~ s/\n$//g; - my $mysqlclidefaults=`$mysqlcmd --print-defaults`; + my $mysqlclidefaults = `$mysqlcmd --print-defaults`; debugprint "MySQL Client: $mysqlclidefaults"; - if ( $mysqlclidefaults=~/auto-vertical-output/ ) { - badprint "Avoid auto-vertical-output in configuration file(s) for MySQL like"; - exit 1; + if ( $mysqlclidefaults =~ /auto-vertical-output/ ) { + badprint + "Avoid auto-vertical-output in configuration file(s) for MySQL like"; + exit 1; } debugprint "MySQL Client: $mysqlcmd"; @@ -591,25 +619,27 @@ sub mysql_setup { chomp( $opt{host} ); $opt{port} = ( $opt{port} eq 0 ) ? 3306 : $opt{port}; - # If we're doing a remote connection, but forcemem wasn't specified, we need to exit - if ( $opt{'forcemem'} eq 0 && ($opt{host} ne "127.0.0.1") && ($opt{host} ne "localhost")) { - badprint - "The --forcemem option is required for remote connections"; +# If we're doing a remote connection, but forcemem wasn't specified, we need to exit + if ( $opt{'forcemem'} eq 0 + && ( $opt{host} ne "127.0.0.1" ) + && ( $opt{host} ne "localhost" ) ) + { + badprint "The --forcemem option is required for remote connections"; exit 1; } infoprint "Performing tests on $opt{host}:$opt{port}"; $remotestring = " -h $opt{host} -P $opt{port}"; - if (($opt{host} ne "127.0.0.1") && ($opt{host} ne "localhost")) { - $doremote = 1; + if ( ( $opt{host} ne "127.0.0.1" ) && ( $opt{host} ne "localhost" ) ) { + $doremote = 1; } } + # Did we already get a username without password on the command line? if ( $opt{user} ne 0 and $opt{pass} eq 0 ) { $mysqllogin = "-u $opt{user} " . $remotestring; my $loginstatus = `$mysqladmincmd ping $mysqllogin 2>&1`; if ( $loginstatus =~ /mysqld is alive/ ) { - goodprint - "Logged in using credentials passed on the command line"; + goodprint "Logged in using credentials passed on the command line"; return 1; } else { @@ -618,13 +648,13 @@ sub mysql_setup { exit 1; } } + # Did we already get a username and password passed on the command line? if ( $opt{user} ne 0 and $opt{pass} ne 0 ) { $mysqllogin = "-u $opt{user} -p\"$opt{pass}\"" . $remotestring; my $loginstatus = `$mysqladmincmd ping $mysqllogin 2>&1`; if ( $loginstatus =~ /mysqld is alive/ ) { - goodprint - "Logged in using credentials passed on the command line"; + goodprint "Logged in using credentials passed on the command line"; return 1; } else { @@ -649,8 +679,7 @@ sub mysql_setup { $mysqllogin = "-u $mysql_login -p$mysql_pass"; my $loginstatus = `mysqladmin $mysqllogin ping 2>&1`; if ( $loginstatus =~ /mysqld is alive/ ) { - goodprint - "Logged in using credentials from mysql-quickbackup."; + goodprint "Logged in using credentials from mysql-quickbackup."; return 1; } else { @@ -661,18 +690,22 @@ sub mysql_setup { } } elsif ( -r "/etc/psa/.psa.shadow" and $doremote == 0 ) { + # It's a Plesk box, use the available credentials $mysqllogin = "-u admin -p`cat /etc/psa/.psa.shadow`"; my $loginstatus = `$mysqladmincmd ping $mysqllogin 2>&1`; unless ( $loginstatus =~ /mysqld is alive/ ) { + # Plesk 10+ - $mysqllogin = "-u admin -p`/usr/local/psa/bin/admin --show-password`"; + $mysqllogin = + "-u admin -p`/usr/local/psa/bin/admin --show-password`"; $loginstatus = `$mysqladmincmd ping $mysqllogin 2>&1`; unless ( $loginstatus =~ /mysqld is alive/ ) { - badprint "Attempted to use login credentials from Plesk and Plesk 10+, but they failed."; - exit 1; + badprint +"Attempted to use login credentials from Plesk and Plesk 10+, but they failed."; + exit 1; } - } + } } elsif ( -r "/usr/local/directadmin/conf/mysql.conf" and $doremote == 0 ) { @@ -722,7 +755,7 @@ sub mysql_setup { # Login went just fine $mysqllogin = " $remotestring "; - # Did this go well because of a .my.cnf file or is there no password set? + # Did this go well because of a .my.cnf file or is there no password set? my $userpath = `printenv HOME`; if ( length($userpath) > 0 ) { chomp($userpath); @@ -735,27 +768,29 @@ sub mysql_setup { return 1; } else { - if ( $opt{'noask'}==1 ) { - badprint "Attempted to use login credentials, but they were invalid"; + if ( $opt{'noask'} == 1 ) { + badprint + "Attempted to use login credentials, but they were invalid"; exit 1; } - my ($name, $password); + my ( $name, $password ); + # If --user is defined no need to ask for username - if( $opt{user} ne 0 ) - { + if ( $opt{user} ne 0 ) { $name = $opt{user}; } - else{ + else { print STDERR "Please enter your MySQL administrative login: "; $name = ; } + # If --pass is defined no need to ask for password - if( $opt{pass} ne 0 ) - { + if ( $opt{pass} ne 0 ) { $password = $opt{pass}; } - else{ - print STDERR "Please enter your MySQL administrative password: "; + else { + print STDERR + "Please enter your MySQL administrative password: "; system("stty -echo >$devnull 2>&1"); $password = ; system("stty echo >$devnull 2>&1"); @@ -784,7 +819,8 @@ sub mysql_setup { return 1; } else { - badprint "Attempted to use login credentials, but they were invalid."; + badprint + "Attempted to use login credentials, but they were invalid."; exit 1; } exit 1; @@ -797,15 +833,16 @@ sub select_array { my $req = shift; debugprint "PERFORM: $req "; my @result = `$mysqlcmd $mysqllogin -Bse "$req" 2>>/dev/null`; - if ($? != 0) { - badprint "failed to execute: $req"; - badprint "FAIL Execute SQL / return code: $?"; - debugprint "CMD : $mysqlcmd"; - debugprint "OPTIONS: $mysqllogin"; - debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; - #exit $?; - } - debugprint "select_array: return code : $?"; + if ( $? != 0 ) { + badprint "failed to execute: $req"; + badprint "FAIL Execute SQL / return code: $?"; + debugprint "CMD : $mysqlcmd"; + debugprint "OPTIONS: $mysqllogin"; + debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; + + #exit $?; + } + debugprint "select_array: return code : $?"; chomp(@result); return @result; } @@ -815,15 +852,16 @@ sub select_one { my $req = shift; debugprint "PERFORM: $req "; my $result = `$mysqlcmd $mysqllogin -Bse "$req" 2>>/dev/null`; - if ($? != 0) { - badprint "failed to execute: $req"; - badprint "FAIL Execute SQL / return code: $?"; - debugprint "CMD : $mysqlcmd"; - debugprint "OPTIONS: $mysqllogin"; - debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; - #exit $?; - } - debugprint "select_array: return code : $?"; + if ( $? != 0 ) { + badprint "failed to execute: $req"; + badprint "FAIL Execute SQL / return code: $?"; + debugprint "CMD : $mysqlcmd"; + debugprint "OPTIONS: $mysqllogin"; + debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; + + #exit $?; + } + debugprint "select_array: return code : $?"; chomp($result); return $result; } @@ -879,11 +917,14 @@ sub get_all_vars { if ( ( $myvar{'ignore_builtin_innodb'} || "" ) eq "ON" ) { $myvar{'have_innodb'} = "NO"; } - + $myvar{'have_threadpool'} = "NO"; - if ( defined ( $myvar{'thread_pool_size'} ) and $myvar{'thread_pool_size'} > 0 ) { + if ( defined( $myvar{'thread_pool_size'} ) + and $myvar{'thread_pool_size'} > 0 ) + { $myvar{'have_threadpool'} = "YES"; } + # have_* for engines is deprecated and will be removed in MySQL 5.6; # check SHOW ENGINES and set corresponding old style variables. # Also works around MySQL bug #59393 wrt. skip-innodb @@ -927,9 +968,11 @@ sub get_all_vars { sub remove_cr { map { s/\n$//g; } @_; } + sub remove_empty { grep { $_ ne '' } @_; } + sub get_file_contents { my $file = shift; open( FH, "< $file" ) or die "Can't open $file for read: $!"; @@ -946,219 +989,260 @@ sub get_basic_passwords { sub cve_recommendations { prettyprint "\n-------- CVE Security Recommendations ---------------------------------------"; - unless ( defined($opt{cvefile}) && -f "$opt{cvefile}" ) { + unless ( defined( $opt{cvefile} ) && -f "$opt{cvefile}" ) { infoprint "Skipped due to --cvefile option undefined"; return; } - #prettyprint "Look for related CVE for $myvar{'version'} or lower in $opt{cvefile}"; - my $cvefound=0; +#prettyprint "Look for related CVE for $myvar{'version'} or lower in $opt{cvefile}"; + my $cvefound = 0; open( FH, "<$opt{cvefile}" ) or die "Can't open $opt{cvefile} for read: $!"; - while (my $cveline = ) - { - my @cve=split (';', $cveline); - if (mysql_micro_version_le ($cve[1], $cve[2], $cve[3])) { - badprint "$cve[4] : $cve[5]"; - $cvefound++; - } - + while ( my $cveline = ) { + my @cve = split( ';', $cveline ); + if ( mysql_micro_version_le( $cve[1], $cve[2], $cve[3] ) ) { + badprint "$cve[4] : $cve[5]"; + $cvefound++; + } + } close FH or die "Cannot close $opt{cvefile}: $!"; - if ($cvefound==0) { - goodprint "NO SECURITY CVE FOUND FOR YOUR VERSION"; - return; - } + if ( $cvefound == 0 ) { + goodprint "NO SECURITY CVE FOUND FOR YOUR VERSION"; + return; + } badprint $cvefound . " CVE(s) found for your MySQL release."; - push( @generalrec, $cvefound . " CVE(s) found for your MySQL release. Consider upgrading your version !" ); + push( @generalrec, + $cvefound + . " CVE(s) found for your MySQL release. Consider upgrading your version !" + ); } - sub get_opened_ports { - my @opened_ports=`netstat -ltn`; - map { - s/.*:(\d+)\s.*$/$1/; - s/\D//g; - } @opened_ports; - @opened_ports = sort {$a <=> $b} grep { !/^$/ } @opened_ports; - debugprint Dumper \@opened_ports; - return @opened_ports; + my @opened_ports = `netstat -ltn`; + map { + s/.*:(\d+)\s.*$/$1/; + s/\D//g; + } @opened_ports; + @opened_ports = sort { $a <=> $b } grep { !/^$/ } @opened_ports; + debugprint Dumper \@opened_ports; + return @opened_ports; } sub is_open_port { - my $port=shift; - if ( grep { /^$port$/ } get_opened_ports ) { - return 1; - } - return 0; + my $port = shift; + if ( grep { /^$port$/ } get_opened_ports ) { + return 1; + } + return 0; } sub get_process_memory { - my $pid=shift; - return 0 unless -f "/proc/$pid/status"; - my @pdata= grep { /RSS:/ } get_file_contents "/proc/$pid/status"; - map { - s/.*RSS:\s*(\d+)\s*kB\s*$/$1*1024/ge - } @pdata; - return $pdata[0]; + my $pid = shift; + return 0 unless -f "/proc/$pid/status"; + my @pdata = grep { /RSS:/ } get_file_contents "/proc/$pid/status"; + map { s/.*RSS:\s*(\d+)\s*kB\s*$/$1*1024/ge } @pdata; + return $pdata[0]; } sub get_other_process_memory { - my @procs=`ps -eo pid,cmd`; - map { s/.*mysqld.*//; s/.*\[.*\].*//; s/^\s+$//g; s/.*PID.*CMD.*//; s/.*systemd.*//;} @procs; - map {s/\s*?(\d+)\s*.*/$1/g;} @procs; - remove_cr @procs; - @procs=remove_empty @procs; - my $totalMemOther=0; - map { - $totalMemOther+=get_process_memory($_); - } @procs; - return $totalMemOther; + my @procs = `ps -eo pid,cmd`; + map { + s/.*mysqld.*//; + s/.*\[.*\].*//; + s/^\s+$//g; + s/.*PID.*CMD.*//; + s/.*systemd.*//; + } @procs; + map { s/\s*?(\d+)\s*.*/$1/g; } @procs; + remove_cr @procs; + @procs = remove_empty @procs; + my $totalMemOther = 0; + map { $totalMemOther += get_process_memory($_); } @procs; + return $totalMemOther; } sub get_os_release { return "Unknown OS release" unless -f "/etc/system-release"; - my @info_release=get_file_contents "/etc/system-release"; + my @info_release = get_file_contents "/etc/system-release"; remove_cr @info_release; return $info_release[0]; } sub get_fs_info() { - my @sinfo=`df -P | grep '%'`; + my @sinfo = `df -P | grep '%'`; shift @sinfo; - my @iinfo=`df -Pi| grep '%'`; + my @iinfo = `df -Pi| grep '%'`; shift @iinfo; - map { - s/.*\s(\d+)%\s+(.*)/$1\t$2/g - } @sinfo; + map { s/.*\s(\d+)%\s+(.*)/$1\t$2/g } @sinfo; foreach my $info (@sinfo) { - if ($info =~ /(\d+)\t(.*)/) { - if ($1 > 85) { - badprint "mount point $2 is using $1 % total space"; - push(@generalrec, "Add some space to $2 mountpoint.") - } else { - infoprint "mount point $2 is using $1 % of total space"; - } - } + if ( $info =~ /(\d+)\t(.*)/ ) { + if ( $1 > 85 ) { + badprint "mount point $2 is using $1 % total space"; + push( @generalrec, "Add some space to $2 mountpoint." ); + } + else { + infoprint "mount point $2 is using $1 % of total space"; + } + } } - - map { - s/.*\s(\d+)%\s+(.*)/$1\t$2/g - } @iinfo; + + map { s/.*\s(\d+)%\s+(.*)/$1\t$2/g } @iinfo; foreach my $info (@iinfo) { - if ($info =~ /(\d+)\t(.*)/) { - if ($1 > 85) { - badprint "mount point $2 is using $1 % of max allowed inodes"; - push(@generalrec, "Cleanup files from $2 mountpoint or reformat you filesystem.") - } else { - infoprint "mount point $2 is using $1 % of max allowed inodes"; - } - } + if ( $info =~ /(\d+)\t(.*)/ ) { + if ( $1 > 85 ) { + badprint "mount point $2 is using $1 % of max allowed inodes"; + push( @generalrec, +"Cleanup files from $2 mountpoint or reformat you filesystem." + ); + } + else { + infoprint "mount point $2 is using $1 % of max allowed inodes"; + } + } } } -sub is_virtual_machine() { - my $isVm=`grep -Ec '^flags.*\ hypervisor\ ' /proc/cpuinfo`; - return ($isVm==0?0:1); -} +sub is_virtual_machine() { + my $isVm = `grep -Ec '^flags.*\ hypervisor\ ' /proc/cpuinfo`; + return ( $isVm == 0 ? 0 : 1 ); +} sub infocmd { - my $cmd="@_"; - debugprint "CMD: $cmd"; - my @result=`$cmd`; - remove_cr @result; - for my $l (@result) { - infoprint "$l"; - } + my $cmd = "@_"; + debugprint "CMD: $cmd"; + my @result = `$cmd`; + remove_cr @result; + for my $l (@result) { + infoprint "$l"; + } } + sub infocmd_tab { - my $cmd="@_"; - debugprint "CMD: $cmd"; - my @result=`$cmd`; - remove_cr @result; - for my $l (@result) { - infoprint "\t$l"; - } + my $cmd = "@_"; + debugprint "CMD: $cmd"; + my @result = `$cmd`; + remove_cr @result; + for my $l (@result) { + infoprint "\t$l"; + } } + sub infocmd_one { - my $cmd="@_"; - my @result=`$cmd`; - remove_cr @result; - return join ', ' ,@result; + my $cmd = "@_"; + my @result = `$cmd`; + remove_cr @result; + return join ', ', @result; } -sub get_system_info() -{ -infoprint get_os_release; -if (is_virtual_machine) { - infoprint "Machine type : Virtual machine"; - } else { - infoprint "Machine type : Physical machine"; -} +sub get_system_info() { + infoprint get_os_release; + if (is_virtual_machine) { + infoprint "Machine type : Virtual machine"; + } + else { + infoprint "Machine type : Physical machine"; + } -`ping -c 1 google.com &>/dev/null`; -my $isConnected=$?; -if ($? == 0) { - infoprint "Internet : Connected"; -} else { - badprint "Internet : Disconnected"; - } -infoprint "Operating System Type : ". infocmd_one "uname -o"; -infoprint "Kernel Release : ". infocmd_one "uname -r"; -infoprint "Hostname : ". infocmd_one "hostname"; -infoprint "Network Cards : "; -infocmd_tab "ifconfig| grep -A1 mtu"; -infoprint "Internal IP : ". infocmd_one "hostname -I"; -infoprint "External IP : ". infocmd_one "curl -s ipecho.net/plain" if $isConnected==0; -badprint "External IP : Can't check because of Internet connectivity" if $isConnected!=0; -infoprint "Name Servers : ". infocmd_one "grep 'nameserver' /etc/resolv.conf \| awk '{print \$2}'"; -infoprint "Logged In users : "; -infocmd_tab "who"; -infoprint "Ram Usages : "; -infocmd_tab "free -h | grep -v +"; -infoprint "Load Average : "; -infocmd_tab "top -n 1 -b | grep 'load average:'"; + `ping -c 1 google.com &>/dev/null`; + my $isConnected = $?; + if ( $? == 0 ) { + infoprint "Internet : Connected"; + } + else { + badprint "Internet : Disconnected"; + } + infoprint "Operating System Type : " . infocmd_one "uname -o"; + infoprint "Kernel Release : " . infocmd_one "uname -r"; + infoprint "Hostname : " . infocmd_one "hostname"; + infoprint "Network Cards : "; + infocmd_tab "ifconfig| grep -A1 mtu"; + infoprint "Internal IP : " . infocmd_one "hostname -I"; + infoprint "External IP : " + . infocmd_one "curl -s ipecho.net/plain" + if $isConnected == 0; + badprint + "External IP : Can't check because of Internet connectivity" + if $isConnected != 0; + infoprint "Name Servers : " + . infocmd_one "grep 'nameserver' /etc/resolv.conf \| awk '{print \$2}'"; + infoprint "Logged In users : "; + infocmd_tab "who"; + infoprint "Ram Usages : "; + infocmd_tab "free -h | grep -v +"; + infoprint "Load Average : "; + infocmd_tab "top -n 1 -b | grep 'load average:'"; #infoprint "System Uptime Days/(HH:MM) : `uptime | awk '{print $3,$4}' | cut -f1 -d,`"; } sub system_recommendations { - prettyprint "\n-------- System Linux Recommendations ---------------------------------------"; + prettyprint +"\n-------- System Linux Recommendations ---------------------------------------"; my $os = `uname`; - unless ($os =~ /Linux/i) { + unless ( $os =~ /Linux/i ) { infoprint "Skipped due to non Linux server"; return; - } + } prettyprint "Look for related Linux system recommandations"; + #prettyprint '-'x78; get_system_info(); - my $omem=get_other_process_memory; - infoprint "User process except mysqld used ". hr_bytes_rnd($omem) . " RAM."; - if ( (0.15*$physical_memory) < $omem) { - badprint "Other user process except mysqld used more than 15% of total physical memory ". percentage($omem, $physical_memory). "% (".hr_bytes_rnd($omem). " / ".hr_bytes_rnd($physical_memory).")"; - push( @generalrec, "Consider stopping or dedicate server for additionnal process other than mysqld." ); - push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE ARE TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCUR!" ); - } else { - infoprint "Other user process except mysqld used less than 15% of total physical memory ". percentage($omem, $physical_memory). "% (".hr_bytes_rnd($omem). " / ".hr_bytes_rnd($physical_memory).")"; + my $omem = get_other_process_memory; + infoprint "User process except mysqld used " + . hr_bytes_rnd($omem) . " RAM."; + if ( ( 0.15 * $physical_memory ) < $omem ) { + badprint +"Other user process except mysqld used more than 15% of total physical memory " + . percentage( $omem, $physical_memory ) . "% (" + . hr_bytes_rnd($omem) . " / " + . hr_bytes_rnd($physical_memory) . ")"; + push( @generalrec, +"Consider stopping or dedicate server for additionnal process other than mysqld." + ); + push( @adjvars, +"DON'T APPLY SETTINGS BECAUSE THERE ARE TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCUR!" + ); + } + else { + infoprint +"Other user process except mysqld used less than 15% of total physical memory " + . percentage( $omem, $physical_memory ) . "% (" + . hr_bytes_rnd($omem) . " / " + . hr_bytes_rnd($physical_memory) . ")"; } - if ($opt{'maxportallowed'} > 0) { - my @opened_ports=get_opened_ports; - infoprint "There is ". scalar @opened_ports. " listening port(s) on this server."; - if (scalar(@opened_ports) > $opt{'maxportallowed'}) { - badprint "There is too many listening ports: ". scalar(@opened_ports). " opened > ".$opt{'maxportallowed'}. "allowed."; - push( @generalrec, "Consider dedicating a server for your database installation with less services running on !" ); - } else { - goodprint "There is less than ".$opt{'maxportallowed'}." opened ports on this server."; - } + if ( $opt{'maxportallowed'} > 0 ) { + my @opened_ports = get_opened_ports; + infoprint "There is " + . scalar @opened_ports + . " listening port(s) on this server."; + if ( scalar(@opened_ports) > $opt{'maxportallowed'} ) { + badprint "There is too many listening ports: " + . scalar(@opened_ports) + . " opened > " + . $opt{'maxportallowed'} + . "allowed."; + push( @generalrec, +"Consider dedicating a server for your database installation with less services running on !" + ); + } + else { + goodprint "There is less than " + . $opt{'maxportallowed'} + . " opened ports on this server."; + } } foreach my $banport (@banned_ports) { - if ( is_open_port($banport) ) { - badprint "Banned port: $banport is opened.."; - push( @generalrec, "Port $banport is opened. Consider stopping program handling this port." ); - } else { - goodprint "$banport is not opened."; - } + if ( is_open_port($banport) ) { + badprint "Banned port: $banport is opened.."; + push( @generalrec, +"Port $banport is opened. Consider stopping program handling this port." + ); + } + else { + goodprint "$banport is not opened."; + } } get_fs_info; @@ -1172,16 +1256,17 @@ sub security_recommendations { return; } - my $PASS_COLUMN_NAME='password'; - if ($myvar{'version'} =~ /5.7/) { - $PASS_COLUMN_NAME='authentication_string'; + my $PASS_COLUMN_NAME = 'password'; + if ( $myvar{'version'} =~ /5.7/ ) { + $PASS_COLUMN_NAME = 'authentication_string'; } debugprint "Password column = $PASS_COLUMN_NAME"; - + # Looking for Anonymous users my @mysqlstatlist = select_array "SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE TRIM(USER) = '' OR USER IS NULL"; debugprint Dumper \@mysqlstatlist; + #exit 0; if (@mysqlstatlist) { foreach my $line ( sort @mysqlstatlist ) { @@ -1213,12 +1298,15 @@ sub security_recommendations { goodprint "All database users have passwords assigned"; } - if (mysql_version_ge(5,7)) { - my $valPlugin=select_one("select count(*) from information_schema.plugins where PLUGIN_NAME='validate_password' AND PLUGIN_STATUS='ACTIVE'"); - if ($valPlugin>=1) { - infoprint "Bug #80860 MySQL 5.7: Avoid testing password when validate_password is activated"; - return; - } + if ( mysql_version_ge( 5, 7 ) ) { + my $valPlugin = select_one( +"select count(*) from information_schema.plugins where PLUGIN_NAME='validate_password' AND PLUGIN_STATUS='ACTIVE'" + ); + if ( $valPlugin >= 1 ) { + infoprint +"Bug #80860 MySQL 5.7: Avoid testing password when validate_password is activated"; + return; + } } # Looking for User with user/ uppercase /capitalise user as password @@ -1322,10 +1410,10 @@ sub get_replication_status { and ( $io_running !~ /yes/i or $sql_running !~ /yes/i ) ) { badprint -"This replication slave is not running but seems to be configurated."; + "This replication slave is not running but seems to be configurated."; } if ( defined($io_running) - && $io_running =~ /yes/i + && $io_running =~ /yes/i && $sql_running =~ /yes/i ) { if ( $myvar{'read_only'} eq 'OFF' ) { @@ -1359,10 +1447,13 @@ sub validate_mysql_version { . $myvar{'version'} . " is EOL software! Upgrade soon!"; } - elsif ( ( mysql_version_ge(6) and mysql_version_le(9) ) or mysql_version_ge(12) ) { + elsif ( ( mysql_version_ge(6) and mysql_version_le(9) ) + or mysql_version_ge(12) ) + { badprint "Currently running unsupported MySQL version " . $myvar{'version'} . ""; - } else { + } + else { goodprint "Currently running supported MySQL version " . $myvar{'version'} . ""; } @@ -1374,8 +1465,7 @@ sub mysql_version_ge { $min ||= 0; $mic ||= 0; return $mysqlvermajor > $maj - || $mysqlvermajor == $maj - && ( $mysqlverminor > $min + || $mysqlvermajor == $maj && ( $mysqlverminor > $min || $mysqlverminor == $min && $mysqlvermicro >= $mic ); } @@ -1385,8 +1475,7 @@ sub mysql_version_le { $min ||= 0; $mic ||= 0; return $mysqlvermajor < $maj - || $mysqlvermajor == $maj - && ( $mysqlverminor < $min + || $mysqlvermajor == $maj && ( $mysqlverminor < $min || $mysqlverminor == $min && $mysqlvermicro <= $mic ); } @@ -1395,7 +1484,7 @@ sub mysql_micro_version_le { my ( $maj, $min, $mic ) = @_; return $mysqlvermajor == $maj && ( $mysqlverminor == $min - && $mysqlvermicro <= $mic ); + && $mysqlvermicro <= $mic ); } # Checks for 32-bit boxes with more than 2GB of RAM @@ -1442,8 +1531,7 @@ sub check_architecture { "Switch to 64-bit OS - MySQL cannot currently use all of your RAM"; } else { - goodprint - "Operating on 32-bit architecture with less than 2GB RAM"; + goodprint "Operating on 32-bit architecture with less than 2GB RAM"; } } $result{'OS'}{'Architecture'} = "$arch bits"; @@ -1519,12 +1607,13 @@ sub check_storage_engines { : redwrap "-NDBCluster "; } - my @dblist = grep {$_ ne 'lost+found' } select_array "SHOW DATABASES"; + my @dblist = grep { $_ ne 'lost+found' } select_array "SHOW DATABASES"; $result{'Databases'}{'List'} = [@dblist]; infoprint "Status: $engines"; if ( mysql_version_ge( 5, 1, 5 ) ) { - # MySQL 5 servers can have table sizes calculated quickly from information schema + +# MySQL 5 servers can have table sizes calculated quickly from information schema my @templist = select_array "SELECT ENGINE,SUM(DATA_LENGTH+INDEX_LENGTH),COUNT(ENGINE),SUM(DATA_LENGTH),SUM(INDEX_LENGTH) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema', 'performance_schema', 'mysql') AND ENGINE IS NOT NULL GROUP BY ENGINE ORDER BY ENGINE ASC;"; @@ -1554,7 +1643,7 @@ sub check_storage_engines { # MySQL < 5 servers take a lot of work to get table sizes my @tblist; - # Now we build a database list, and loop through it to get storage engine stats for tables +# Now we build a database list, and loop through it to get storage engine stats for tables foreach my $db (@dblist) { chomp($db); if ( $db eq "information_schema" @@ -1578,11 +1667,11 @@ sub check_storage_engines { # Parse through the table list to generate storage engine counts/statistics $fragtables = 0; foreach my $tbl (@tblist) { - debugprint "Data dump ". Dumper (@$tbl); + debugprint "Data dump " . Dumper(@$tbl); my ( $engine, $size, $datafree ) = @$tbl; next if $engine eq 'NULL'; - $size=0 if $size eq 'NULL'; - $datafree=0 if $datafree eq 'NULL'; + $size = 0 if $size eq 'NULL'; + $datafree = 0 if $datafree eq 'NULL'; if ( defined $enginestats{$engine} ) { $enginestats{$engine} += $size; $enginecount{$engine} += 1; @@ -1801,7 +1890,7 @@ sub calculations { $myvar{'key_cache_block_size'} ) / $myvar{'key_buffer_size'} ) - ) * 100 + ) * 100 ); } else { @@ -1894,14 +1983,14 @@ sub calculations { ( $mystat{'Qcache_hits'} / ( $mystat{'Com_select'} + $mystat{'Qcache_hits'} ) - ) * 100 + ) * 100 ); if ( $myvar{'query_cache_size'} ) { $mycalc{'pct_query_cache_used'} = sprintf( "%.1f", 100 - ( $mystat{'Qcache_free_memory'} / $myvar{'query_cache_size'} - ) * 100 + ) * 100 ); } if ( $mystat{'Qcache_lowmem_prunes'} == 0 ) { @@ -2030,26 +2119,17 @@ sub calculations { . $mystat{'Innodb_buffer_pool_reads'} . ""; debugprint "Innodb_buffer_pool_read_requests: " . $mystat{'Innodb_buffer_pool_read_requests'} . ""; - - # InnoDB log write cache effiency - ( - $mystat{'Innodb_log_write_requests'}, - $mystat{'Innodb_log_writes'} - ) - = ( 1, 1 ) + ( $mystat{'Innodb_log_write_requests'}, $mystat{'Innodb_log_writes'} ) = + ( 1, 1 ) unless defined $mystat{'Innodb_log_writes'}; $mycalc{'pct_write_efficiency'} = percentage( - ( - $mystat{'Innodb_log_write_requests'} - - $mystat{'Innodb_log_writes'} - ), + ( $mystat{'Innodb_log_write_requests'} - $mystat{'Innodb_log_writes'} ), $mystat{'Innodb_log_write_requests'} ) if defined $mystat{'Innodb_log_write_requests'}; debugprint "pct_write_efficiency: " . $mycalc{'pct_write_efficiency'} . ""; - debugprint "Innodb_log_writes: " - . $mystat{'Innodb_log_writes'} . ""; + debugprint "Innodb_log_writes: " . $mystat{'Innodb_log_writes'} . ""; debugprint "Innodb_log_write_requests: " . $mystat{'Innodb_log_write_requests'} . ""; $mycalc{'pct_innodb_buffer_used'} = percentage( @@ -2125,8 +2205,10 @@ sub mysql_stats { . ( $myvar{'query_cache_type'} eq 0 | $myvar{'query_cache_type'} eq 'OFF' ? "DISABLED" - : ( $myvar{'query_cache_type'} eq 1 ? "ALL REQUESTS" - : "ON DEMAND" ) + : ( + $myvar{'query_cache_type'} eq 1 ? "ALL REQUESTS" + : "ON DEMAND" + ) ) . ""; infoprint " +-- Query Cache Size: " . hr_bytes( $myvar{'query_cache_size'} ) . ""; @@ -2155,7 +2237,7 @@ sub mysql_stats { && $mycalc{'max_used_memory'} > 2 * 1024 * 1024 * 1024 ) { badprint -"Allocating > 2GB RAM on 32-bit systems can cause system instability"; + "Allocating > 2GB RAM on 32-bit systems can cause system instability"; badprint "Maximum reached memory usage: " . hr_bytes( $mycalc{'max_used_memory'} ) . " ($mycalc{'pct_max_used_memory'}% of installed RAM)"; @@ -2242,14 +2324,16 @@ sub mysql_stats { push( @generalrec, "Upgrade MySQL to version 4+ to utilize query caching" ); } - elsif (mysql_version_ge(5,5)) - { - if ( $myvar{'query_cache_type'} ne "OFF" ) { - badprint "Query cache should be disabled by default due to mutex contention."; - push( @adjvars, "query_cache_type (=0)" ); - } else { - goodprint "Query cache is disabled by default due to mutex contention."; - } + elsif ( mysql_version_ge( 5, 5 ) ) { + if ( $myvar{'query_cache_type'} ne "OFF" ) { + badprint +"Query cache should be disabled by default due to mutex contention."; + push( @adjvars, "query_cache_type (=0)" ); + } + else { + goodprint + "Query cache is disabled by default due to mutex contention."; + } } elsif ( $myvar{'query_cache_size'} < 1 ) { badprint "Query cache is disabled"; @@ -2380,7 +2464,8 @@ sub mysql_stats { "When making adjustments, make tmp_table_size/max_heap_table_size equal" ); push( @generalrec, - "Reduce your SELECT DISTINCT queries which have no LIMIT clause" ); + "Reduce your SELECT DISTINCT queries which have no LIMIT clause" + ); } elsif ($mycalc{'pct_temp_disk'} > 25 && $mycalc{'max_tmp_table_size'} >= 256 * 1024 * 1024 ) @@ -2568,6 +2653,7 @@ sub mysql_stats { sub mysql_myisam { prettyprint "\n-------- MyISAM Metrics ------------------------------------------------------"; + # Key buffer usage if ( defined( $mycalc{'pct_key_buffer_used'} ) ) { if ( $mycalc{'pct_key_buffer_used'} < 90 ) { @@ -2701,26 +2787,43 @@ sub mariadb_threadpool { infoprint "ThreadPool stat is disabled."; return; } - infoprint "ThreadPool stat is enabled."; - infoprint "Thread Pool Size: ".$myvar{'thread_pool_size'}. " thread(s)."; + infoprint "ThreadPool stat is enabled."; + infoprint "Thread Pool Size: " . $myvar{'thread_pool_size'} . " thread(s)."; - if ($myvar{'have_innodb'} eq 'YES') { - if ($myvar{'thread_pool_size'}< 16 or $myvar{'thread_pool_size'}>36) { - badprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; - push( @generalrec, "Thread pool size for InnoDB usage (".$myvar{'thread_pool_size'}.")" ); - push( @adjvars, "thread_pool_size between 16 and 36 for InnoDB usage" ); - } else { - goodprint "thread_pool_size between 16 and 36 when using InnoDB storage engine."; + if ( $myvar{'have_innodb'} eq 'YES' ) { + if ( $myvar{'thread_pool_size'} < 16 + or $myvar{'thread_pool_size'} > 36 ) + { + badprint +"thread_pool_size between 16 and 36 when using InnoDB storage engine."; + push( @generalrec, + "Thread pool size for InnoDB usage (" + . $myvar{'thread_pool_size'} + . ")" ); + push( @adjvars, + "thread_pool_size between 16 and 36 for InnoDB usage" ); + } + else { + goodprint +"thread_pool_size between 16 and 36 when using InnoDB storage engine."; } return; - } - if ($myvar{'have_isam'} eq 'YES') { - if ($myvar{'thread_pool_size'}<4 or $myvar{'thread_pool_size'}>8) { - badprint "thread_pool_size between 4 and 8 when using MyIsam storage engine."; - push( @generalrec, "Thread pool size for MyIsam usage (".$myvar{'thread_pool_size'}.")" ); - push( @adjvars, "thread_pool_size between 4 and 8 for MyIsam usage" ); - } else { - goodprint "thread_pool_size between 4 and 8 when using MyISAM storage engine."; + } + if ( $myvar{'have_isam'} eq 'YES' ) { + if ( $myvar{'thread_pool_size'} < 4 or $myvar{'thread_pool_size'} > 8 ) + { + badprint +"thread_pool_size between 4 and 8 when using MyIsam storage engine."; + push( @generalrec, + "Thread pool size for MyIsam usage (" + . $myvar{'thread_pool_size'} + . ")" ); + push( @adjvars, + "thread_pool_size between 4 and 8 for MyIsam usage" ); + } + else { + goodprint +"thread_pool_size between 4 and 8 when using MyISAM storage engine."; } } } @@ -2731,14 +2834,16 @@ sub mysqsl_pfs { "\n-------- Performance schema --------------------------------------------------"; # Performance Schema - unless ( defined($myvar{'performance_schema'}) and $myvar{'performance_schema'} eq 'ON' ) { - infoprint "Performance schema is disabled."; - } else { - infoprint "Performance schema is enabled."; - } + unless ( defined( $myvar{'performance_schema'} ) + and $myvar{'performance_schema'} eq 'ON' ) + { + infoprint "Performance schema is disabled."; + } + else { + infoprint "Performance schema is enabled."; + } } - # Recommendations for Ariadb sub mariadb_ariadb { prettyprint @@ -2810,7 +2915,6 @@ sub mariadb_ariadb { } } - # Recommendations for TokuDB sub mariadb_tokudb { prettyprint @@ -2843,6 +2947,7 @@ sub mariadb_galera { return; } infoprint "Galera is enabled."; + # All is to done here } @@ -3087,11 +3192,19 @@ sub mysql_databases { . percentage( $totaldbinfo[2], $totaldbinfo[3] ) . "%)"; infoprint " +-- SIZE : " . hr_bytes( $totaldbinfo[3] ) . ""; infoprint " +-- COLLA : " - . ( $totaldbinfo[5] eq 'NULL' ? 0 : $totaldbinfo[5] ) . " (". (join ", ", select_array ("SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES;")) .")"; + . ( $totaldbinfo[5] eq 'NULL' ? 0 : $totaldbinfo[5] ) . " (" + . ( + join ", ", + select_array( + "SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES;") + ) . ")"; infoprint " +-- ENGIN : " - . ( $totaldbinfo[6] eq 'NULL' ? 0 : $totaldbinfo[6] ) . " (". (join ", ", select_array ("SELECT DISTINCT(ENGINE) FROM information_schema.TABLES;")) .")"; - - + . ( $totaldbinfo[6] eq 'NULL' ? 0 : $totaldbinfo[6] ) . " (" + . ( + join ", ", + select_array("SELECT DISTINCT(ENGINE) FROM information_schema.TABLES;") + ) . ")"; + $result{'Databases'}{'All databases'}{'Rows'} = ( $totaldbinfo[0] eq 'NULL' ? 0 : $totaldbinfo[0] ); $result{'Databases'}{'All databases'}{'Data Size'} = $totaldbinfo[1]; @@ -3100,14 +3213,18 @@ sub mysql_databases { $result{'Databases'}{'All databases'}{'Index Size'} = $totaldbinfo[2]; $result{'Databases'}{'All databases'}{'Index Pct'} = percentage( $totaldbinfo[2], $totaldbinfo[3] ) . "%"; - $result{'Databases'}{'All databases'}{'Total Size'} = $totaldbinfo[3]; - print "\n" unless ($opt{'silent'} or $opt{'json'}); + $result{'Databases'}{'All databases'}{'Total Size'} = $totaldbinfo[3]; + print "\n" unless ( $opt{'silent'} or $opt{'json'} ); + foreach (@dblist) { chomp($_); - if ( $_ eq "information_schema" + if ( + $_ eq "information_schema" or $_ eq "performance_schema" - # or $_ eq "mysql" - or $_ eq "" ) + + # or $_ eq "mysql" + or $_ eq "" + ) { next; } @@ -3122,7 +3239,13 @@ sub mysql_databases { . ( !defined( $dbinfo[6] ) or $dbinfo[6] eq 'NULL' ? 0 : $dbinfo[6] ) . ""; infoprint " +-- COLL : " - . ( $dbinfo[7] eq 'NULL' ? 0 : $dbinfo[7] ) . " (". (join ", ", select_array ("SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_';")) .")"; + . ( $dbinfo[7] eq 'NULL' ? 0 : $dbinfo[7] ) . " (" + . ( + join ", ", + select_array( +"SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_';" + ) + ) . ")"; infoprint " +-- ROWS : " . ( !defined( $dbinfo[1] ) or $dbinfo[1] eq 'NULL' ? 0 : $dbinfo[1] ) . ""; @@ -3134,53 +3257,93 @@ sub mysql_databases { . percentage( $dbinfo[3], $dbinfo[4] ) . "%)"; infoprint " +-- TOTAL: " . hr_bytes( $dbinfo[4] ) . ""; infoprint " +-- ENGIN : " - . ( $dbinfo[8] eq 'NULL' ? 0 : $dbinfo[8] ) . " (". (join ", ", select_array ("SELECT DISTINCT(ENGINE) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_'")) .")"; + . ( $dbinfo[8] eq 'NULL' ? 0 : $dbinfo[8] ) . " (" + . ( + join ", ", + select_array( +"SELECT DISTINCT(ENGINE) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_'" + ) + ) . ")"; badprint "Index size is larger than data size for $dbinfo[0] \n" if $dbinfo[2] < $dbinfo[3]; badprint "There are " . $dbinfo[5] . " storage engines. Be careful. \n" if $dbinfo[5] > 1; - $result{'Databases'}{ $dbinfo[0] }{'Rows'} = $dbinfo[1]; - $result{'Databases'}{ $dbinfo[0] }{'Tables'} = $dbinfo[6]; - $result{'Databases'}{ $dbinfo[0] }{'Collations'} = $dbinfo[7]; - $result{'Databases'}{ $dbinfo[0] }{'Data Size'} = $dbinfo[2]; + $result{'Databases'}{ $dbinfo[0] }{'Rows'} = $dbinfo[1]; + $result{'Databases'}{ $dbinfo[0] }{'Tables'} = $dbinfo[6]; + $result{'Databases'}{ $dbinfo[0] }{'Collations'} = $dbinfo[7]; + $result{'Databases'}{ $dbinfo[0] }{'Data Size'} = $dbinfo[2]; $result{'Databases'}{ $dbinfo[0] }{'Data Pct'} = percentage( $dbinfo[2], $dbinfo[4] ) . "%"; $result{'Databases'}{ $dbinfo[0] }{'Index Size'} = $dbinfo[3]; $result{'Databases'}{ $dbinfo[0] }{'Index Pct'} = percentage( $dbinfo[3], $dbinfo[4] ) . "%"; $result{'Databases'}{ $dbinfo[0] }{'Total Size'} = $dbinfo[4]; - if ($dbinfo[7]>1) { - badprint $dbinfo[7]. " differents collations for database ".$dbinfo[0]; - push(@generalrec, "Check all table collations are identical for all tables in ".$dbinfo[0]. " database."); - } else { - goodprint $dbinfo[7]. " collation for ".$dbinfo[0]. " database."; - } - if ($dbinfo[8]>1) { - badprint $dbinfo[8]. " differents engines for database ".$dbinfo[0]; - push(@generalrec, "Check all table engines are identical for all tables in ".$dbinfo[0]. " database."); - } else { - goodprint $dbinfo[8]. " engine for ".$dbinfo[0]. " database."; - } - - my @distinct_column_charset=select_array("select DISTINCT(CHARACTER_SET_NAME) from information_schema.COLUMNS where CHARACTER_SET_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'"); - infoprint "Charsets for $dbinfo[0] database table column: ". join (', ', @distinct_column_charset); - if (scalar (@distinct_column_charset)>1 ) { - badprint $dbinfo[0]. " table column(s) has several charsets defined for all text like column(s)."; - push(@generalrec, "Limit charset for column to one charset if possible for ".$dbinfo[0]." database."); - } else { - goodprint $dbinfo[0]. " table column(s) has same charset defined for all text like column(s)."; - } - my @distinct_column_collation=select_array("select DISTINCT(COLLATION_NAME) from information_schema.COLUMNS where COLLATION_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'"); - infoprint "Collations for $dbinfo[0] database table column: ". join (', ', @distinct_column_collation); - if (scalar (@distinct_column_collation)>1 ) { - badprint $dbinfo[0]. " table column(s) has several collations defined for all text like column(s)."; - push(@generalrec, "Limit collations for column to one collation if possible for ".$dbinfo[0]." database."); - } else { - goodprint $dbinfo[0]. " table column(s) has same collation defined for all text like column(s)."; + if ( $dbinfo[7] > 1 ) { + badprint $dbinfo[7] + . " differents collations for database " + . $dbinfo[0]; + push( @generalrec, + "Check all table collations are identical for all tables in " + . $dbinfo[0] + . " database." ); + } + else { + goodprint $dbinfo[7] + . " collation for " + . $dbinfo[0] + . " database."; + } + if ( $dbinfo[8] > 1 ) { + badprint $dbinfo[8] + . " differents engines for database " + . $dbinfo[0]; + push( @generalrec, + "Check all table engines are identical for all tables in " + . $dbinfo[0] + . " database." ); + } + else { + goodprint $dbinfo[8] . " engine for " . $dbinfo[0] . " database."; + } + + my @distinct_column_charset = select_array( +"select DISTINCT(CHARACTER_SET_NAME) from information_schema.COLUMNS where CHARACTER_SET_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'" + ); + infoprint "Charsets for $dbinfo[0] database table column: " + . join( ', ', @distinct_column_charset ); + if ( scalar(@distinct_column_charset) > 1 ) { + badprint $dbinfo[0] + . " table column(s) has several charsets defined for all text like column(s)."; + push( @generalrec, + "Limit charset for column to one charset if possible for " + . $dbinfo[0] + . " database." ); + } + else { + goodprint $dbinfo[0] + . " table column(s) has same charset defined for all text like column(s)."; + } + + my @distinct_column_collation = select_array( +"select DISTINCT(COLLATION_NAME) from information_schema.COLUMNS where COLLATION_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'" + ); + infoprint "Collations for $dbinfo[0] database table column: " + . join( ', ', @distinct_column_collation ); + if ( scalar(@distinct_column_collation) > 1 ) { + badprint $dbinfo[0] + . " table column(s) has several collations defined for all text like column(s)."; + push( @generalrec, + "Limit collations for column to one collation if possible for " + . $dbinfo[0] + . " database." ); + } + else { + goodprint $dbinfo[0] + . " table column(s) has same collation defined for all text like column(s)."; + } } - } - + } # Recommendations for Indexes metrics @@ -3191,9 +3354,10 @@ sub mysql_indexes { "\n-------- Indexes Metrics -----------------------------------------------------"; unless ( mysql_version_ge( 5, 5 ) ) { infoprint -"Skip Index metrics from information schema missing in this version"; + "Skip Index metrics from information schema missing in this version"; return; } + # unless ( mysql_version_ge( 5, 6 ) ) { # infoprint #"Skip Index metrics from information schema due to erronous information provided in this version"; @@ -3246,7 +3410,7 @@ ENDSQL infoprint " +-- NB COLS : " . $info[3] . " column(s)"; infoprint " +-- CARDINALITY : " . $info[4] . " distinct values"; infoprint " +-- NB ROWS : " . $info[5] . " rows"; - infoprint " +-- TYPE : " . $info[6] ; + infoprint " +-- TYPE : " . $info[6]; infoprint " +-- SELECTIVITY : " . $info[7] . "%"; $result{'Indexes'}{ $info[1] }{'Colunm'} = $info[0]; @@ -3259,7 +3423,7 @@ ENDSQL if ( $info[7] < 25 ) { badprint "$info[1] has a low selectivity"; } - } + } return unless ( defined( $myvar{'performance_schema'} ) @@ -3304,8 +3468,7 @@ sub make_recommendations { foreach (@adjvars) { prettyprint " " . $_ . ""; } } if ( @generalrec == 0 && @adjvars == 0 ) { - prettyprint - "No additional performance recommendations are available."; + prettyprint "No additional performance recommendations are available."; } } @@ -3321,18 +3484,19 @@ sub headerprint { } sub string2file { - my $filename=shift; - my $content=shift; - open my $fh, q(>), $filename - or die "Unable to open $filename in write mode. Please check permissions for this file or directory"; - print $fh $content if defined($content); - close $fh; - debugprint $content if ($opt{'debug'}); + my $filename = shift; + my $content = shift; + open my $fh, q(>), $filename + or die +"Unable to open $filename in write mode. Please check permissions for this file or directory"; + print $fh $content if defined($content); + close $fh; + debugprint $content if ( $opt{'debug'} ); } sub file2array { my $filename = shift; - debugprint "* reading $filename" if ($opt{'debug'}); + debugprint "* reading $filename" if ( $opt{'debug'} ); my $fh; open( $fh, q(<), "$filename" ) or die "Couldn't open $filename for reading: $!\n"; @@ -3342,15 +3506,16 @@ sub file2array { } sub file2string { - return join ( '', file2array(@_) ); + return join( '', file2array(@_) ); } my $templateModel; -if ($opt{'template'} ne 0 ) { - $templateModel=file2string ($opt{'template'}); -}else { - # DEFAULT REPORT TEMPLATE - $templateModel=<<'END_TEMPLATE'; +if ( $opt{'template'} ne 0 ) { + $templateModel = file2string( $opt{'template'} ); +} +else { + # DEFAULT REPORT TEMPLATE + $templateModel = <<'END_TEMPLATE'; @@ -3368,41 +3533,47 @@ if ($opt{'template'} ne 0 ) { END_TEMPLATE } + sub dump_result { - if ($opt{'debug'}) { - debugprint Dumper( \%result ); + if ( $opt{'debug'} ) { + debugprint Dumper( \%result ); } debugprint "HTML REPORT: $opt{'reportfile'}"; - if ($opt{'reportfile'} ne 0 ) { - eval "{ use Text::Template }"; - if ($@) { - badprint "Text::Template Module is needed."; - exit 1; - } + if ( $opt{'reportfile'} ne 0 ) { + eval "{ use Text::Template }"; + if ($@) { + badprint "Text::Template Module is needed."; + exit 1; + } - my $vars= {'data' => Dumper( \%result ) }; + my $vars = { 'data' => Dumper( \%result ) }; - my $template; - { - no warnings 'once'; - $template = Text::Template->new(TYPE => 'STRING', PREPEND => q{;}, SOURCE => $templateModel) - or die "Couldn't construct template: $Text::Template::ERROR"; - } - open my $fh, q(>), $opt{'reportfile'} - or die "Unable to open $opt{'reportfile'} in write mode. please check permissions for this file or directory"; - $template->fill_in(HASH =>$vars, OUTPUT=>$fh ); - close $fh; + my $template; + { + no warnings 'once'; + $template = Text::Template->new( + TYPE => 'STRING', + PREPEND => q{;}, + SOURCE => $templateModel + ) or die "Couldn't construct template: $Text::Template::ERROR"; + } + open my $fh, q(>), $opt{'reportfile'} + or die +"Unable to open $opt{'reportfile'} in write mode. please check permissions for this file or directory"; + $template->fill_in( HASH => $vars, OUTPUT => $fh ); + close $fh; } - if ($opt{'json'} ne 0 ) { - eval "{ use JSON }"; - if ($@) { - badprint "JSON Module is needed."; - exit 1; - } - my $json = JSON->new->allow_nonref; - print $json->utf8(1)->pretty(($opt{'prettyjson'} ? 1 : 0))->encode(\%result); + if ( $opt{'json'} ne 0 ) { + eval "{ use JSON }"; + if ($@) { + badprint "JSON Module is needed."; + exit 1; + } + my $json = JSON->new->allow_nonref; + print $json->utf8(1)->pretty( ( $opt{'prettyjson'} ? 1 : 0 ) ) + ->encode( \%result ); } } @@ -3426,7 +3597,7 @@ cve_recommendations; # Display related CVE calculations; # Calculate everything we need mysql_stats; # Print the server stats mysqsl_pfs # Print Performance schema info -mariadb_threadpool; # Print MaraiDB ThreadPool stats + mariadb_threadpool; # Print MaraiDB ThreadPool stats mysql_myisam; # Print MyISAM stats mariadb_ariadb; # Print MaraiDB AriaDB stats mysql_innodb; # Print InnoDB stats From bbf0db87d5120dd9f607bdae7b2f7a6c19d11bf7 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Tue, 29 Mar 2016 14:32:52 +0200 Subject: [PATCH 042/237] Update .travis.yml --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index f0fc025..f1ce64b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -35,4 +35,4 @@ install: - cpanm --quiet --notest JSON script: - - ./mysqltuner.pl -idxstat --dbstat + - ./mysqltuner.pl --idxstat --dbstat From 21e5fe895ed0680779f914a3629568e920ac448f Mon Sep 17 00:00:00 2001 From: root Date: Tue, 29 Mar 2016 14:41:33 +0200 Subject: [PATCH 043/237] Changing travis tests for 5.2 tests --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index f1ce64b..0c1963a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -35,4 +35,4 @@ install: - cpanm --quiet --notest JSON script: - - ./mysqltuner.pl --idxstat --dbstat + - ./mysqltuner.pl --idxstat --dbstat --user travis -pass '' From 48a346ee0cbc6f135fee75d5a7626f5df0c05fcb Mon Sep 17 00:00:00 2001 From: root Date: Tue, 29 Mar 2016 14:52:54 +0200 Subject: [PATCH 044/237] Trying to fix travis config. --- .travis.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0c1963a..acd34a7 100644 --- a/.travis.yml +++ b/.travis.yml @@ -14,14 +14,14 @@ perl: matrix: include: - addons: - mariadb: 5.5 - perl: 5.20 + mariadb: "5.5" + perl: "5.20" - addons: - mariadb: 10.0 - perl: 5.20 + mariadb: "10.0" + perl: "5.20" - addons: - mariadb: 10.1 - perl: 5.20 + mariadb: "10.1" + perl: "5.20" before_install: - git clone git://github.com/haarg/perl-travis-helper From 3d9660807a9b582370b2c1bff0f2805d9c503021 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 29 Mar 2016 15:12:17 +0200 Subject: [PATCH 045/237] Missing - in command option pass --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index acd34a7..8106686 100644 --- a/.travis.yml +++ b/.travis.yml @@ -35,4 +35,4 @@ install: - cpanm --quiet --notest JSON script: - - ./mysqltuner.pl --idxstat --dbstat --user travis -pass '' + - ./mysqltuner.pl --idxstat --dbstat --user travis --pass '' From 598da33e91bfbfbc6e3e073a21a53b90f88a39c1 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 29 Mar 2016 17:28:12 +0200 Subject: [PATCH 046/237] new version --- .travis.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 8106686..853a9c7 100644 --- a/.travis.yml +++ b/.travis.yml @@ -35,4 +35,6 @@ install: - cpanm --quiet --notest JSON script: - - ./mysqltuner.pl --idxstat --dbstat --user travis --pass '' + - echo -e "[client]\nuser=root\npassword=\"\"" > .my.cnf + - chmod 600 .my.cnf + - ./mysqltuner.pl --idxstat --dbstat From 45c468f32436287b99a505a2b601fc2c609a241b Mon Sep 17 00:00:00 2001 From: Sergei A Mamonov Date: Wed, 30 Mar 2016 14:44:30 +0300 Subject: [PATCH 047/237] add fixes to get_os_release for debian 6/7/8 --- mysqltuner.pl | 29 +++++++++++++++++++++++++---- 1 file changed, 25 insertions(+), 4 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 6a24c33..173a43d 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1062,10 +1062,31 @@ sub get_other_process_memory { } sub get_os_release { - return "Unknown OS release" unless -f "/etc/system-release"; - my @info_release = get_file_contents "/etc/system-release"; - remove_cr @info_release; - return $info_release[0]; + if( -f "/etc/system-release") { + my @info_release = get_file_contents "/etc/system-release"; + remove_cr @info_release; + return $info_release[0]; + } + + if ( -f "/etc/os-release") { + my @info_release = get_file_contents "/etc/os-release"; + remove_cr @info_release; + my $os_relase = $info_release[0]; + $os_relase =~ s/.*="//; + $os_relase =~ s/"$//; + return $os_relase; + } + + if ( -f "/etc/issue") { + my @info_release = get_file_contents "/etc/issue"; + remove_cr @info_release; + my $os_relase = $info_release[0]; + $os_relase =~ s/\s+\\n.*//; + return $os_relase; + } + + return "Unknown OS release"; + } sub get_fs_info() { From ff796b48bf5681f9be213fb69d9b1e4d17546509 Mon Sep 17 00:00:00 2001 From: Sergei A Mamonov Date: Wed, 30 Mar 2016 15:59:47 +0300 Subject: [PATCH 048/237] fix mount point output for linux --- mysqltuner.pl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 173a43d..77c8e6a 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1091,11 +1091,11 @@ sub get_os_release { sub get_fs_info() { my @sinfo = `df -P | grep '%'`; - shift @sinfo; my @iinfo = `df -Pi| grep '%'`; shift @iinfo; map { s/.*\s(\d+)%\s+(.*)/$1\t$2/g } @sinfo; foreach my $info (@sinfo) { + next if $info =~ m{(\d+)\t/(run|dev|sys|proc)($|/)}; if ( $info =~ /(\d+)\t(.*)/ ) { if ( $1 > 85 ) { badprint "mount point $2 is using $1 % total space"; @@ -1109,6 +1109,7 @@ sub get_fs_info() { map { s/.*\s(\d+)%\s+(.*)/$1\t$2/g } @iinfo; foreach my $info (@iinfo) { + next if $info =~ m{(\d+)\t/(run|dev|sys|proc)($|/)}; if ( $info =~ /(\d+)\t(.*)/ ) { if ( $1 > 85 ) { badprint "mount point $2 is using $1 % of max allowed inodes"; From c74d51e065a8995094d2ea24117bc86c87bedcd6 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 30 Mar 2016 17:16:16 +0200 Subject: [PATCH 049/237] system information are only available with --sysstat #165 --- mysqltuner.pl | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 173a43d..aa645db 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -79,6 +79,7 @@ my %opt = ( "outputfile" => 0, "dbstat" => 0, "idxstat" => 0, + "sysstat" => 0, "skippassword" => 0, "noask" => 0, "template" => 0, @@ -107,7 +108,7 @@ my $getOptionsCheck = GetOptions( 'template=s', 'reportfile=s', 'cvefile=s', 'bannedports=s', 'updateversion', 'maxportallowed=s', - 'verbose' + 'verbose', 'sysstat' ); #If params are incorrect return help @@ -156,6 +157,7 @@ sub usage { . " --debug Print debug information\n" . " --dbstat Print database information\n" . " --idxstat Print index information\n" + . "--sysstat Print system information\n" . " --bannedports Ports banned separated by comma(,)\n" . " --maxportallowed Number of ports opened allowed on this hosts\n" . " --cvefile CVE File for vulnerability checks\n" @@ -186,6 +188,7 @@ if ( $opt{verbose} ) { $opt{checkversion} = 1; #Check for updates to MySQLTuner $opt{dbstat} = 1; #Print database information $opt{idxstat} = 1; #Print index information + $opt{sysstat} = 1; #Print index information $opt{buffers} = 1; #Print global and per-thread buffer values $opt{cvefile} = 'vulnerabilities.csv'; #CVE File for vulnerability checks } @@ -1197,6 +1200,7 @@ sub get_system_info() { } sub system_recommendations { + return if ( $opt{sysstat} == 0 ); prettyprint "\n-------- System Linux Recommendations ---------------------------------------"; my $os = `uname`; @@ -3681,6 +3685,7 @@ You must provide the remote server's total memory when connecting to other serve --debug Print debug information --dbstat Print database information --idxstat Print index information + --sysstat Print system information --bannedports Ports banned separated by comma(,) --maxportallowed Number of ports opened allowed on this hosts --cvefile CVE File for vulnerability checks From 6f5f5c4b45b3a200175a2ad935d8eff24987ee7f Mon Sep 17 00:00:00 2001 From: root Date: Wed, 30 Mar 2016 17:24:44 +0200 Subject: [PATCH 050/237] removing mariaDB 10.1 as test from travis - temporary --- .travis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 853a9c7..a38ba37 100644 --- a/.travis.yml +++ b/.travis.yml @@ -19,9 +19,9 @@ matrix: - addons: mariadb: "10.0" perl: "5.20" - - addons: - mariadb: "10.1" - perl: "5.20" +# - addons: +# mariadb: "10.1" +# perl: "5.20" before_install: - git clone git://github.com/haarg/perl-travis-helper From 292cbfedad72a56717e14526bc48e48758b77076 Mon Sep 17 00:00:00 2001 From: Christine Date: Mon, 4 Apr 2016 12:12:09 +0200 Subject: [PATCH 051/237] Adding some sysctl control in sysstat mode --- mysqltuner.pl | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index 0d228c7..3b7f4db 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1159,6 +1159,44 @@ sub infocmd_one { return join ', ', @result; } + +sub get_kernel_info() +{ + my @params=('fs.aio-max-nr', 'fs.aio-nr', 'fs.file-max', 'sunrpc.tcp_fin_timeout', + 'sunrpc.tcp_max_slot_table_entries', 'sunrpc.tcp_slot_table_entries', + 'vm.swappiness'); + infoprint "Informations about kernel tuning:"; + foreach my $param (@params) { + infocmd_tab("sysctl $param"); + } + if (`sysctl -n vm.swappiness` > 10) { + badprint "Swappiness is > 10, please consider having a value lower than 10"; + push @generalrec, "setup swappieness lower or equals to 10"; + push @adjvars, 'vm.swappiness <= 10 (echo 0 > /proc/sys/vm/swappiness)'; + } else { + infoprint "Swappiness is < 10."; + } + + if (`sysctl -n sunrpc.tcp_slot_table_entries` < 100) { + badprint "Initial TCP slot entries is < 1M, please consider having a value greater than 100"; + push @generalrec, "setup Initial TCP slot entries greater than 100"; + push @adjvars, 'sunrpc.tcp_slot_table_entries > 100 (echo 128 > /proc/sys/sunrpc/tcp_slot_table_entries)'; + } else { + infoprint "TCP slot entries is > 100."; + } + + + if (`sysctl -n fs.aio-max-nr` < 1000000) { + badprint "Max running total of the number of events is < 1M, please consider having a value greater than 1M"; + push @generalrec, "setup Max running number events greater than 1M"; + push @adjvars, 'fs.aio-max-nr > 1M (echo 1048576 > /proc/sys/fs/aio-max-nr)'; + } else { + infoprint "Max Number of AIO events is > 1M."; + } + +} + + sub get_system_info() { infoprint get_os_release; if (is_virtual_machine) { @@ -1272,6 +1310,7 @@ sub system_recommendations { } get_fs_info; + get_kernel_info; } sub security_recommendations { From c9cea2cc800cb15345305680c3e64fd4919f5635 Mon Sep 17 00:00:00 2001 From: Christine Date: Mon, 4 Apr 2016 13:58:52 +0200 Subject: [PATCH 052/237] #177 bug with free -h changed to free -mwq --- mysqltuner.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 3b7f4db..f244b53 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1230,8 +1230,8 @@ sub get_system_info() { . infocmd_one "grep 'nameserver' /etc/resolv.conf \| awk '{print \$2}'"; infoprint "Logged In users : "; infocmd_tab "who"; - infoprint "Ram Usages : "; - infocmd_tab "free -h | grep -v +"; + infoprint "Ram Usages in Mb : "; + infocmd_tab "free -m | grep -v +"; infoprint "Load Average : "; infocmd_tab "top -n 1 -b | grep 'load average:'"; From 8203dcd686af015c1b5fbba877caff0d69382ac3 Mon Sep 17 00:00:00 2001 From: "Jean-Marie RENOUARDjmrenouard@gmail.com" Date: Mon, 4 Apr 2016 11:23:43 -0400 Subject: [PATCH 053/237] Dumping galera options and status #150 --- mysqltuner.pl | 37 ++++++++++++++++++++++++++++++------- 1 file changed, 30 insertions(+), 7 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index f244b53..4077877 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -907,7 +907,6 @@ sub get_all_vars { $result{'Variables'}{$1} = $2; debugprint "V: $1 = $2"; } - my @mysqlstatlist = select_array "SHOW /*!50000 GLOBAL */ STATUS"; foreach my $line (@mysqlstatlist) { $line =~ /([a-zA-Z_]*)\s*(.*)/; @@ -915,7 +914,11 @@ sub get_all_vars { $result{'Status'}{$1} = $2; debugprint "S: $1 = $2"; } - + $myvar{'have_galera'} = "NO"; + if (defined($myvar{'wsrep_provider_options'})) { + $myvar{'have_galera'} = "YES"; + debugprint "Galera options: ". $myvar{'wsrep_provider_options'}; + } # Workaround for MySQL bug #59393 wrt. ignore-builtin-innodb if ( ( $myvar{'ignore_builtin_innodb'} || "" ) eq "ON" ) { $myvar{'have_innodb'} = "NO"; @@ -970,6 +973,7 @@ sub get_all_vars { sub remove_cr { map { s/\n$//g; } @_; + map { s/^\s+$//g; } @_; } sub remove_empty { @@ -1445,8 +1449,8 @@ sub security_recommendations { sub get_replication_status { prettyprint -"\n-------- Replication Metrics -------------------------------------------------"; - +"\n-------- Replication Metrics -------------------------------------------------"; + infoprint "Galera Synchronous replication: ". $myvar{'have_galera'}; if ( scalar( keys %myslaves ) == 0 ) { infoprint "No replication slave(s) for this server."; } @@ -2998,6 +3002,14 @@ sub mariadb_tokudb { # All is to done here } +# Perl trim function to remove whitespace from the start and end of the string +sub trim { + my $string = shift; + $string =~ s/^\s+//; + $string =~ s/\s+$//; + return $string; +} + # Recommendations for Galera sub mariadb_galera { prettyprint @@ -3005,15 +3017,26 @@ sub mariadb_galera { # AriaDB unless ( defined $myvar{'have_galera'} - && $myvar{'have_galera'} eq "YES" - && defined $enginestats{'Galera'} ) + && $myvar{'have_galera'} eq "YES" ) { infoprint "Galera is disabled."; return; } infoprint "Galera is enabled."; - # All is to done here + infoprint "Galera Options:"; + my @galera_options=split /;/,$myvar{'wsrep_provider_options'} ; + remove_cr @galera_options; + @galera_options=remove_empty @galera_options; + foreach my $gparam ( @galera_options ) { + infoprint "\t".trim($gparam); + } + infoprint "Galera status:"; + foreach my $gstatus ( keys %mystat ) { + next unless $gstatus =~ /^wsrep.*/; + infoprint "\t".trim($gstatus). " = ".$mystat{$gstatus}; + } + } # Recommendations for InnoDB From 3ef98d83c184d5241b7756545228ebce7af9b259 Mon Sep 17 00:00:00 2001 From: "Jean-Marie RENOUARDjmrenouard@gmail.com" Date: Mon, 4 Apr 2016 11:30:16 -0400 Subject: [PATCH 054/237] Dumping mysql options for galera* #150 --- mysqltuner.pl | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index 4077877..6ccc3cc 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3023,6 +3023,12 @@ sub mariadb_galera { return; } infoprint "Galera is enabled."; + infoprint "Galera variables:"; + foreach my $gvar ( keys %myvar ) { + next unless $gvar =~ /^wsrep.*/; + next if $gvar eq 'wsrep_provider_options'; + infoprint "\t".trim($gvar). " = ".$myvar{$gvar}; + } infoprint "Galera Options:"; my @galera_options=split /;/,$myvar{'wsrep_provider_options'} ; From 2d483e6b755de67b6db9bfd1711b9900b6a363a0 Mon Sep 17 00:00:00 2001 From: "Jean-Marie RENOUARDjmrenouard@gmail.com" Date: Mon, 4 Apr 2016 12:32:35 -0400 Subject: [PATCH 055/237] Check tables are all innodb table and check all table gets pk #150 --- mysqltuner.pl | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 6ccc3cc..4d69c14 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3041,7 +3041,25 @@ sub mariadb_galera { foreach my $gstatus ( keys %mystat ) { next unless $gstatus =~ /^wsrep.*/; infoprint "\t".trim($gstatus). " = ".$mystat{$gstatus}; - } + } + my @primaryKeysNbTables=select_array("select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.columns where table_schema not in ('mysql', 'information_schema', 'performance_schema') group by table_schema,table_name having sum(if(column_key in ('PRI','UNI'), 1,0)) = 0"); + if (scalar (@primaryKeysNbTables) > 0 ) { + badprint "Following table(s) don't have primary key:"; + foreach my $badtable( @primaryKeysNbTables ) { + badprint "\t$badtable"; + } + } else { + goodprint "All tables get a primary key"; + } + my @nonInnoDbTables=select_array("select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.tables where ENGINE <> 'InnoDb' and table_schema not in ('mysql', 'performance_schema', 'information_schema')"); + if (scalar (@nonInnoDbTables) > 0 ) { + badprint "Following table(s) are not InnoDB table:"; + foreach my $badtable( @nonInnoDbTables ) { + badprint "\t$badtable"; + } + } else { + goodprint "All tables are InnoDB tables"; + } } From 974bd03ddfac11b97623633ce6cc3c9614cf13a5 Mon Sep 17 00:00:00 2001 From: "Jean-Marie RENOUARDjmrenouard@gmail.com" Date: Tue, 5 Apr 2016 05:16:52 -0400 Subject: [PATCH 056/237] Adding new control for Galera cluster #150 --- mysqltuner.pl | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 4d69c14..e86c7fb 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3030,7 +3030,7 @@ sub mariadb_galera { infoprint "\t".trim($gvar). " = ".$myvar{$gvar}; } - infoprint "Galera Options:"; + infoprint "Galera wsrep provider Options:"; my @galera_options=split /;/,$myvar{'wsrep_provider_options'} ; remove_cr @galera_options; @galera_options=remove_empty @galera_options; @@ -3054,13 +3054,46 @@ sub mariadb_galera { my @nonInnoDbTables=select_array("select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.tables where ENGINE <> 'InnoDb' and table_schema not in ('mysql', 'performance_schema', 'information_schema')"); if (scalar (@nonInnoDbTables) > 0 ) { badprint "Following table(s) are not InnoDB table:"; + push @generalrec, "Ensure that all table(s) are InnoDB tabls for Galera replication"; foreach my $badtable( @nonInnoDbTables ) { badprint "\t$badtable"; } } else { goodprint "All tables are InnoDB tables"; } + if ($myvar{'binlog_format'} ne 'ROW') { + badprint "Binlog format should be in ROW mode."; + push @adjvars, "binlog_format = ROW"; + } else { + goodprint "Binlog format is in ROW mode."; + } + if ($myvar{'innodb_flush_log_at_trx_commit'} != 0 ) { + badprint "Innodb flush log at each commit should be disabled."; + push @adjvars, "innodb_flush_log_at_trx_commit = 0"; + } else { + goodprint "Innodb flush log at each commit is disabled for Galera."; + } + infoprint "Read consistency mode :". $myvar{'wsrep_causal_reads'}; + + if ( defined($myvar{'wsrep_cluster_name'}) and $myvar{'wsrep_on'} eq "ON" ) { + goodprint "Galera WsREP is enabled."; + } else { + badprint "Galera Wsesp is disabled"; + } + if ( defined($myvar{'wsrep_cluster_address'}) and trim("$myvar{'wsrep_cluster_address'}") ne "") { + goodprint "Galera Cluster address is defined: ".$myvar{'wsrep_cluster_address'}; + } else { + badprint "Galera Cluster address is undefined"; + push @adjvars, "set up wsrep_cluster_address variable for Galera replication"; + } + + if ( defined($myvar{'wsrep_cluster_name'}) and trim($myvar{'wsrep_cluster_name'}) ne "") { + goodprint "Galera Cluster name is defined: ".$myvar{'wsrep_cluster_name'}; + } else { + badprint "Galera Cluster name is undefined"; + push @adjvars, "set up wsrep_cluster_name variable for Galera replication"; + } } # Recommendations for InnoDB From 89ade050a765c496e8a9b48bb39c1e2aada6c551 Mon Sep 17 00:00:00 2001 From: "Jean-Marie RENOUARDjmrenouard@gmail.com" Date: Tue, 5 Apr 2016 09:18:10 -0400 Subject: [PATCH 057/237] Update Internals checks documentation --- INTERNALS.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/INTERNALS.md b/INTERNALS.md index d24b3c4..dbefe6f 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -70,6 +70,12 @@ * Check 80, 8080, 443 and 8443 ports if warning are raised if there are opened * Check if some banned ports are not opened (option --bannedports separated by comma) * Check if non kernel and user process except mysqld are not using more than 15% of total physical memory) +* Check vm.swapiness +* Check /etc/security/limit.conf +* Check sysctl entries: sunrpc.tcp_slot_entries, vm.swappiness, fs.aio-fs-nr +* Check mount point +* Check Ethernet card +* Check load average ## MySQLTuner Server version checks * EOL MySQL version check From 97cce402ae090e80708405c1d3c16cdf3ca23f65 Mon Sep 17 00:00:00 2001 From: "Jean-Marie RENOUARDjmrenouard@gmail.com" Date: Tue, 5 Apr 2016 09:49:43 -0400 Subject: [PATCH 058/237] Adding get_http_cli for curl or wget detecting in sysstat --- mysqltuner.pl | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index e86c7fb..2113de6 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -418,6 +418,20 @@ sub os_setup { } +sub get_http_cli { + my $httpcli = `which curl`; + chomp($httpcli); + if ( defined($httpcli) and -e "$httpcli" ) { + return $httpcli; + } + + $httpcli = `which wget`; + chomp($httpcli); + if ( defined($httpcli) and -e "$httpcli" ) { + return $httpcli; + } + return ""; +} # Checks for updates to MySQLTuner sub validate_tuner_version { if ( $opt{'checkversion'} eq 0 and $opt{'updateversion'} eq 0 ) { @@ -443,6 +457,8 @@ sub validate_tuner_version { compare_tuner_version($update); return; + } else { + } $httpcli = `which wget`; @@ -1210,7 +1226,7 @@ sub get_system_info() { infoprint "Machine type : Physical machine"; } - `ping -c 1 google.com &>/dev/null`; + `ping -c 1 ipecho.net &>/dev/null`; my $isConnected = $?; if ( $? == 0 ) { infoprint "Internet : Connected"; @@ -1224,12 +1240,12 @@ sub get_system_info() { infoprint "Network Cards : "; infocmd_tab "ifconfig| grep -A1 mtu"; infoprint "Internal IP : " . infocmd_one "hostname -I"; + my $httpcli=get_http_cli(); + infoprint "HTTP client found: $httpcli" if defined $httpcli; infoprint "External IP : " - . infocmd_one "curl -s ipecho.net/plain" - if $isConnected == 0; + . infocmd_one "$httpcli ipecho.net/plain" if defined ($httpcli); badprint - "External IP : Can't check because of Internet connectivity" - if $isConnected != 0; + "External IP : Can't check because of Internet connectivity" unless defined($httpcli); infoprint "Name Servers : " . infocmd_one "grep 'nameserver' /etc/resolv.conf \| awk '{print \$2}'"; infoprint "Logged In users : "; From a5449a0d22cb8ced2fa6a310a94b0d1d3aa9d98f Mon Sep 17 00:00:00 2001 From: "Jean-Marie RENOUARDjmrenouard@gmail.com" Date: Tue, 5 Apr 2016 11:40:38 -0400 Subject: [PATCH 059/237] Adding performance_schema.memoty value to max_used_memory and max_peak_memory calculation There is always MySQL 5.7+ and adaptaive memory usage to handle porperly --- mysqltuner.pl | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 2113de6..deccf52 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1923,14 +1923,14 @@ sub calculations { # Max used memory is memory used by MySQL based on Max_used_connections # This is the max memory used theorically calculated with the max concurrent connection number reached by mysql $mycalc{'max_used_memory'} = - $mycalc{'server_buffers'} + $mycalc{"max_total_per_thread_buffers"}; + $mycalc{'server_buffers'} + $mycalc{"max_total_per_thread_buffers"} +get_pf_memory(); $mycalc{'pct_max_used_memory'} = percentage( $mycalc{'max_used_memory'}, $physical_memory ); # Total possible memory is memory needed by MySQL based on max_connections # This is the max memory MySQL can theorically used if all connections allowed has opened by mysql $mycalc{'max_peak_memory'} = - $mycalc{'server_buffers'} + $mycalc{'total_per_thread_buffers'}; + $mycalc{'server_buffers'} + $mycalc{'total_per_thread_buffers'} + get_pf_memory(); $mycalc{'pct_max_physical_memory'} = percentage( $mycalc{'max_peak_memory'}, $physical_memory ); @@ -1943,7 +1943,7 @@ sub calculations { . hr_bytes( $mycalc{'max_peak_memory'} ) . ""; debugprint "Max Peak Percentage RAM: " . $mycalc{'pct_max_physical_memory'} . "%"; - + # Slow queries $mycalc{'pct_slow_queries'} = int( ( $mystat{'Slow_queries'} / $mystat{'Questions'} ) * 100 ); @@ -2275,7 +2275,7 @@ sub mysql_stats { . " global + " . hr_bytes( $mycalc{'per_thread_buffers'} ) . " per thread ($myvar{'max_connections'} max threads)"; - + infoprint "P_S Max memory usage: ".hr_bytes_rnd(get_pf_memory()); if ( $opt{buffers} ne 0 ) { infoprint "Global Buffers"; infoprint " +-- Key Buffer: " @@ -2913,6 +2913,13 @@ sub mariadb_threadpool { } } +sub get_pf_memory +{ + + my @infoPFSMemory=grep /performance_schema.memory/, select_array("SHOW ENGINE PERFORMANCE_SCHEMA STATUS"); + $infoPFSMemory[0] =~ s/.*\s+(\d+)$/$1/g; + return $infoPFSMemory[0]; +} # Recommendations for Performance Schema sub mysqsl_pfs { prettyprint @@ -2927,6 +2934,7 @@ sub mysqsl_pfs { else { infoprint "Performance schema is enabled."; } + infoprint "Memory used by P_S: ". hr_bytes(get_pf_memory()); } # Recommendations for Ariadb @@ -3758,7 +3766,7 @@ cve_recommendations; # Display related CVE calculations; # Calculate everything we need mysql_stats; # Print the server stats mysqsl_pfs # Print Performance schema info - mariadb_threadpool; # Print MaraiDB ThreadPool stats +mariadb_threadpool; # Print MaraiDB ThreadPool stats mysql_myisam; # Print MyISAM stats mariadb_ariadb; # Print MaraiDB AriaDB stats mysql_innodb; # Print InnoDB stats From 83010dd32ef09a1d7edf9e65bc3a1af0306a2ae6 Mon Sep 17 00:00:00 2001 From: "Jean-Marie RENOUARDjmrenouard@gmail.com" Date: Tue, 5 Apr 2016 12:25:20 -0400 Subject: [PATCH 060/237] Bug fix on aria metrics --- mysqltuner.pl | 51 +++++++++++++++++++++++++++++++++++---------------- 1 file changed, 35 insertions(+), 16 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index deccf52..e1086f9 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -966,7 +966,7 @@ sub get_all_vars { $result{'Storage Engines'}{$engine} = $2; } } - + debugprint Dumper(@mysqlenginelist); my @mysqlslave = select_array "SHOW SLAVE STATUS\\G"; foreach my $line (@mysqlslave) { @@ -1923,14 +1923,14 @@ sub calculations { # Max used memory is memory used by MySQL based on Max_used_connections # This is the max memory used theorically calculated with the max concurrent connection number reached by mysql $mycalc{'max_used_memory'} = - $mycalc{'server_buffers'} + $mycalc{"max_total_per_thread_buffers"} +get_pf_memory(); + $mycalc{'server_buffers'} + $mycalc{"max_total_per_thread_buffers"} +get_pf_memory() + get_gcache_memory(); $mycalc{'pct_max_used_memory'} = percentage( $mycalc{'max_used_memory'}, $physical_memory ); # Total possible memory is memory needed by MySQL based on max_connections # This is the max memory MySQL can theorically used if all connections allowed has opened by mysql $mycalc{'max_peak_memory'} = - $mycalc{'server_buffers'} + $mycalc{'total_per_thread_buffers'} + get_pf_memory(); + $mycalc{'server_buffers'} + $mycalc{'total_per_thread_buffers'} + get_pf_memory()+ get_gcache_memory(); $mycalc{'pct_max_physical_memory'} = percentage( $mycalc{'max_peak_memory'}, $physical_memory ); @@ -2055,7 +2055,7 @@ sub calculations { if ( defined $mycalc{'total_aria_indexes'} and $mycalc{'total_aria_indexes'} == 0 ) { - $mycalc{'total_aria_indexes'} = "fail"; + $mycalc{'total_aria_indexes'} = 1; } elsif ( defined $mycalc{'total_aria_indexes'} ) { chomp( $mycalc{'total_aria_indexes'} ); @@ -2276,6 +2276,7 @@ sub mysql_stats { . hr_bytes( $mycalc{'per_thread_buffers'} ) . " per thread ($myvar{'max_connections'} max threads)"; infoprint "P_S Max memory usage: ".hr_bytes_rnd(get_pf_memory()); + infoprint "Galera GCache Max memory usage: ".hr_bytes_rnd(get_gcache_memory()); if ( $opt{buffers} ne 0 ) { infoprint "Global Buffers"; infoprint " +-- Key Buffer: " @@ -2944,8 +2945,7 @@ sub mariadb_ariadb { # AriaDB unless ( defined $myvar{'have_aria'} - && $myvar{'have_aria'} eq "YES" - && defined $enginestats{'Aria'} ) + and $myvar{'have_aria'} eq "YES" ) { infoprint "AriaDB is disabled."; return; @@ -3034,12 +3034,31 @@ sub trim { return $string; } +sub get_wsrep_options { + return () unless defined $myvar{'wsrep_provider_options'} ; + + my @galera_options=split /;/,$myvar{'wsrep_provider_options'} ; + remove_cr @galera_options; + @galera_options=remove_empty @galera_options; + return @galera_options; +} +sub get_gcache_memory { + return 0 unless defined $myvar{'wsrep_provider_options'} ; + + my @galera_options=get_wsrep_options; + return 0 unless scalar(@galera_options) >0; + my @memValues= grep /gcache.mem_size/, @galera_options; + my $memValue=$memValues[0]; + $memValue =~ s/.*=\s*(\d+)$/$1/g; + return $memValue; + +} # Recommendations for Galera sub mariadb_galera { prettyprint "\n-------- Galera Metrics ------------------------------------------------------"; - # AriaDB + # Galera Cluster unless ( defined $myvar{'have_galera'} && $myvar{'have_galera'} eq "YES" ) { @@ -3047,26 +3066,26 @@ sub mariadb_galera { return; } infoprint "Galera is enabled."; - infoprint "Galera variables:"; + debugprint "Galera variables:"; foreach my $gvar ( keys %myvar ) { next unless $gvar =~ /^wsrep.*/; next if $gvar eq 'wsrep_provider_options'; - infoprint "\t".trim($gvar). " = ".$myvar{$gvar}; + debugprint "\t".trim($gvar). " = ".$myvar{$gvar}; } - infoprint "Galera wsrep provider Options:"; - my @galera_options=split /;/,$myvar{'wsrep_provider_options'} ; - remove_cr @galera_options; - @galera_options=remove_empty @galera_options; + debugprint "Galera wsrep provider Options:"; + my @galera_options=get_wsrep_options; foreach my $gparam ( @galera_options ) { - infoprint "\t".trim($gparam); + debugprint "\t".trim($gparam); } - infoprint "Galera status:"; + debugprint "Galera status:"; foreach my $gstatus ( keys %mystat ) { next unless $gstatus =~ /^wsrep.*/; - infoprint "\t".trim($gstatus). " = ".$mystat{$gstatus}; + debugprint "\t".trim($gstatus). " = ".$mystat{$gstatus}; } + infoprint "GCache is using ".hr_bytes_rnd(get_gcache_memory()); my @primaryKeysNbTables=select_array("select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.columns where table_schema not in ('mysql', 'information_schema', 'performance_schema') group by table_schema,table_name having sum(if(column_key in ('PRI','UNI'), 1,0)) = 0"); + if (scalar (@primaryKeysNbTables) > 0 ) { badprint "Following table(s) don't have primary key:"; foreach my $badtable( @primaryKeysNbTables ) { From 15854a6c94d78d4b4a942af4832edd1bbd1bcac5 Mon Sep 17 00:00:00 2001 From: "Jean-Marie RENOUARDjmrenouard@gmail.com" Date: Tue, 5 Apr 2016 12:34:24 -0400 Subject: [PATCH 061/237] #138 for threadpool in mariadb and percona use default values --- mysqltuner.pl | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index e1086f9..c1a9696 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2876,6 +2876,12 @@ sub mariadb_threadpool { infoprint "ThreadPool stat is enabled."; infoprint "Thread Pool Size: " . $myvar{'thread_pool_size'} . " thread(s)."; + if ($myvar{'version'} =~ /mariadb|percona/i ) { + infoprint "Using default value is good enougth for your version (".$myvar{'version'}.")"; + return; + } + + if ( $myvar{'have_innodb'} eq 'YES' ) { if ( $myvar{'thread_pool_size'} < 16 or $myvar{'thread_pool_size'} > 36 ) From 8f0c2e6b3380c14584116c6f3ad4874e64951c9b Mon Sep 17 00:00:00 2001 From: Robert Milasan Date: Wed, 6 Apr 2016 10:33:56 +0200 Subject: [PATCH 062/237] Fix Galera checks, make sure we dont say that Galera is enabled when is not, clean-up typos --- mysqltuner.pl | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index c1a9696..6269799 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -931,7 +931,7 @@ sub get_all_vars { debugprint "S: $1 = $2"; } $myvar{'have_galera'} = "NO"; - if (defined($myvar{'wsrep_provider_options'})) { + if ( defined($myvar{'wsrep_provider_options'}) && $myvar{'wsrep_provider_options'} ne "") { $myvar{'have_galera'} = "YES"; debugprint "Galera options: ". $myvar{'wsrep_provider_options'}; } @@ -1477,7 +1477,7 @@ sub get_replication_status { } if ( scalar( keys %myrepl ) == 0 and scalar( keys %myslaves ) == 0 ) { - infoprint "This is a standalone server.."; + infoprint "This is a standalone server."; return; } if ( scalar( keys %myrepl ) == 0 ) { @@ -3127,22 +3127,21 @@ sub mariadb_galera { if ( defined($myvar{'wsrep_cluster_name'}) and $myvar{'wsrep_on'} eq "ON" ) { goodprint "Galera WsREP is enabled."; + if ( defined($myvar{'wsrep_cluster_address'}) and trim("$myvar{'wsrep_cluster_address'}") ne "") { + goodprint "Galera Cluster address is defined: ".$myvar{'wsrep_cluster_address'}; + } else { + badprint "Galera Cluster address is undefined"; + push @adjvars, "set up wsrep_cluster_address variable for Galera replication"; + } + if ( defined($myvar{'wsrep_cluster_name'}) and trim($myvar{'wsrep_cluster_name'}) ne "") { + goodprint "Galera Cluster name is defined: ".$myvar{'wsrep_cluster_name'}; + } else { + badprint "Galera Cluster name is undefined"; + push @adjvars, "set up wsrep_cluster_name variable for Galera replication"; + } } else { - badprint "Galera Wsesp is disabled"; + badprint "Galera WsREP is disabled"; } - if ( defined($myvar{'wsrep_cluster_address'}) and trim("$myvar{'wsrep_cluster_address'}") ne "") { - goodprint "Galera Cluster address is defined: ".$myvar{'wsrep_cluster_address'}; - } else { - badprint "Galera Cluster address is undefined"; - push @adjvars, "set up wsrep_cluster_address variable for Galera replication"; - } - - if ( defined($myvar{'wsrep_cluster_name'}) and trim($myvar{'wsrep_cluster_name'}) ne "") { - goodprint "Galera Cluster name is defined: ".$myvar{'wsrep_cluster_name'}; - } else { - badprint "Galera Cluster name is undefined"; - push @adjvars, "set up wsrep_cluster_name variable for Galera replication"; - } } # Recommendations for InnoDB From 845dc030e1bc1ba367109e76daa4fb45e85e8271 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 11 Apr 2016 12:01:01 +0200 Subject: [PATCH 063/237] Using a generic sub header function get_pf_memory return 0 for performance memory if P_F is disabled. --- mysqltuner.pl | 76 ++++++++++++++++++++++++++++----------------------- 1 file changed, 42 insertions(+), 34 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 6269799..5d43784 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -212,11 +212,16 @@ open( $fh, '>', $outputfile ) if defined($outputfile); $opt{nocolor} = 1 if defined($outputfile); +# Setting up the colors for the print styles +my $me=`whoami`; +$me =~s/\n//g; # Setting up the colors for the print styles my $good = ( $opt{nocolor} == 0 ) ? "[\e[0;32mOK\e[0m]" : "[OK]"; my $bad = ( $opt{nocolor} == 0 ) ? "[\e[0;31m!!\e[0m]" : "[!!]"; my $info = ( $opt{nocolor} == 0 ) ? "[\e[0;34m--\e[0m]" : "[--]"; my $deb = ( $opt{nocolor} == 0 ) ? "[\e[0;31mDG\e[0m]" : "[DG]"; +my $cmd = ( $opt{nocolor} == 0 ) ? "\e[1;32m[CMD]($me)" : "[CMD]($me)"; +my $end = ( $opt{nocolor} == 0 ) ? "\e[0m" : ""; # Super structure containing all information my %result; @@ -238,6 +243,24 @@ sub redwrap { sub greenwrap { return ( $opt{nocolor} == 0 ) ? "\e[0;32m" . $_[0] . "\e[0m" : $_[0]; } +sub cmdprint { prettyprint $cmd." ". $_[0]. $end; } +sub infoprintml { for my $ln(@_) { $ln =~s/\n//g; infoprint "\t$ln"; } } +sub infoprintcmd { cmdprint "@_"; infoprintml grep { $_ ne '' and $_ !~ /^\s*$/ } `@_ 2>&1`; } +sub subheaderprint { + my $tln=100; + my $sln=8; + my $ln=length("@_")+2; + + prettyprint " "; + #prettyprint "-"x$tln; + prettyprint "-"x$sln ." @_ ". "-"x($tln-$ln-$sln); + #prettyprint "-"x$tln; +} +sub infoprinthcmd { +# print Dumper @_; + subheaderprint "$_[0]"; + infoprintcmd "$_[1]"; +} # Calculates the parameter passed in bytes, then rounds it to one decimal place sub hr_bytes { @@ -1010,8 +1033,7 @@ sub get_basic_passwords { } sub cve_recommendations { - prettyprint -"\n-------- CVE Security Recommendations ---------------------------------------"; + subheaderprint"CVE Security Recommendations"; unless ( defined( $opt{cvefile} ) && -f "$opt{cvefile}" ) { infoprint "Skipped due to --cvefile option undefined"; return; @@ -1260,8 +1282,7 @@ sub get_system_info() { sub system_recommendations { return if ( $opt{sysstat} == 0 ); - prettyprint -"\n-------- System Linux Recommendations ---------------------------------------"; + subheaderprint"System Linux Recommendations"; my $os = `uname`; unless ( $os =~ /Linux/i ) { infoprint "Skipped due to non Linux server"; @@ -1334,8 +1355,7 @@ sub system_recommendations { } sub security_recommendations { - prettyprint -"\n-------- Security Recommendations -------------------------------------------"; + subheaderprint "Security Recommendations"; if ( $opt{skippassword} eq 1 ) { infoprint "Skipped due to --skippassword option"; return; @@ -1464,8 +1484,7 @@ sub security_recommendations { } sub get_replication_status { - prettyprint -"\n-------- Replication Metrics -------------------------------------------------"; + subheaderprint "Replication Metrics"; infoprint "Galera Synchronous replication: ". $myvar{'have_galera'}; if ( scalar( keys %myslaves ) == 0 ) { infoprint "No replication slave(s) for this server."; @@ -1628,13 +1647,11 @@ my ( %enginestats, %enginecount, $fragtables ); sub check_storage_engines { if ( $opt{skipsize} eq 1 ) { - prettyprint -"\n-------- Storage Engine Statistics -------------------------------------------"; + subheaderprint "Storage Engine Statistics"; infoprint "Skipped due to --skipsize option"; return; } - prettyprint -"\n-------- Storage Engine Statistics -------------------------------------------"; + subheaderprint "Storage Engine Statistics"; my $engines; if ( mysql_version_ge( 5, 5 ) ) { @@ -2234,8 +2251,7 @@ sub calculations { } sub mysql_stats { - prettyprint -"\n-------- Performance Metrics -------------------------------------------------"; + subheaderprint "Performance Metrics"; # Show uptime, queries per second, connections, traffic stats my $qps; @@ -2737,8 +2753,7 @@ sub mysql_stats { # Recommendations for MyISAM sub mysql_myisam { - prettyprint -"\n-------- MyISAM Metrics ------------------------------------------------------"; + subheaderprint "MyISAM Metrics"; # Key buffer usage if ( defined( $mycalc{'pct_key_buffer_used'} ) ) { @@ -2863,8 +2878,7 @@ sub mysql_myisam { # Recommendations for ThreadPool sub mariadb_threadpool { - prettyprint -"\n-------- ThreadPool Metrics --------------------------------------------------"; + subheaderprint "ThreadPool Metrics"; # AriaDB unless ( defined $myvar{'have_threadpool'} @@ -2922,6 +2936,8 @@ sub mariadb_threadpool { sub get_pf_memory { + # Performance Schema + return 0 unless ( defined( $myvar{'performance_schema'} ) and $myvar{'performance_schema'} eq 'ON' ); my @infoPFSMemory=grep /performance_schema.memory/, select_array("SHOW ENGINE PERFORMANCE_SCHEMA STATUS"); $infoPFSMemory[0] =~ s/.*\s+(\d+)$/$1/g; @@ -2929,8 +2945,7 @@ sub get_pf_memory } # Recommendations for Performance Schema sub mysqsl_pfs { - prettyprint -"\n-------- Performance schema --------------------------------------------------"; + subheaderprint "Performance schema"; # Performance Schema unless ( defined( $myvar{'performance_schema'} ) @@ -2946,8 +2961,7 @@ sub mysqsl_pfs { # Recommendations for Ariadb sub mariadb_ariadb { - prettyprint -"\n-------- AriaDB Metrics ------------------------------------------------------"; + subheaderprint "AriaDB Metrics"; # AriaDB unless ( defined $myvar{'have_aria'} @@ -3016,8 +3030,7 @@ sub mariadb_ariadb { # Recommendations for TokuDB sub mariadb_tokudb { - prettyprint -"\n-------- TokuDB Metrics ------------------------------------------------------"; + subheaderprint "TokuDB Metrics"; # AriaDB unless ( defined $myvar{'have_tokudb'} @@ -3061,8 +3074,7 @@ sub get_gcache_memory { } # Recommendations for Galera sub mariadb_galera { - prettyprint -"\n-------- Galera Metrics ------------------------------------------------------"; + subheaderprint "Galera Metrics"; # Galera Cluster unless ( defined $myvar{'have_galera'} @@ -3146,8 +3158,7 @@ sub mariadb_galera { # Recommendations for InnoDB sub mysql_innodb { - prettyprint -"\n-------- InnoDB Metrics ------------------------------------------------------"; + subheaderprint "InnoDB Metrics"; # InnoDB unless ( defined $myvar{'have_innodb'} @@ -3358,8 +3369,7 @@ sub mysql_innodb { sub mysql_databases { return if ( $opt{dbstat} == 0 ); - prettyprint -"\n-------- Database Metrics ----------------------------------------------------"; + subheaderprint "Database Metrics"; unless ( mysql_version_ge( 5, 5 ) ) { infoprint "Skip Database metrics from information schema missing in this version"; @@ -3543,8 +3553,7 @@ sub mysql_databases { sub mysql_indexes { return if ( $opt{idxstat} == 0 ); - prettyprint -"\n-------- Indexes Metrics -----------------------------------------------------"; + subheaderprint "Indexes Metrics"; unless ( mysql_version_ge( 5, 5 ) ) { infoprint "Skip Index metrics from information schema missing in this version"; @@ -3645,8 +3654,7 @@ ENDSQL # Take the two recommendation arrays and display them at the end of the output sub make_recommendations { - prettyprint -"\n-------- Recommendations -----------------------------------------------------"; + subheaderprint "Recommendations"; if ( @generalrec > 0 ) { prettyprint "General recommendations:"; foreach (@generalrec) { prettyprint " " . $_ . ""; } From d8a8dd42d3bf58d192f2a137a2df038adba70483 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Mon, 11 Apr 2016 12:24:49 +0200 Subject: [PATCH 064/237] ident fix --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 93d7833..860743c 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -729,7 +729,7 @@ sub select_one { debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`; exit $?; } - debugprint "select_array: return code : $?"; + debugprint "select_array: return code : $?"; chomp($result); return $result; } From eea101019e3db09d331b19957bb033097973c084 Mon Sep 17 00:00:00 2001 From: Ricardo Velhote Date: Wed, 13 Apr 2016 14:39:40 +0100 Subject: [PATCH 065/237] Detect Ubuntu correctly when checking for OS Release --- mysqltuner.pl | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index 5d43784..8e43a9e 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1107,6 +1107,15 @@ sub get_other_process_memory { } sub get_os_release { + if( -f "/etc/lsb-release") { + my @info_release = get_file_contents "/etc/lsb-release"; + remove_cr @info_release; + my $os_relase = $info_release[3]; + $os_relase =~ s/.*="//; + $os_relase =~ s/"$//; + return $os_relase; + } + if( -f "/etc/system-release") { my @info_release = get_file_contents "/etc/system-release"; remove_cr @info_release; From 67c80de3da43d285e7a73e09994fbcf6dfe601da Mon Sep 17 00:00:00 2001 From: root Date: Thu, 14 Apr 2016 19:27:14 +0200 Subject: [PATCH 066/237] Add a Code of Conduct from http://contributor-covenant.org/ --- CODE_OF_CONDUCT.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 CODE_OF_CONDUCT.md diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..c2b34e6 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,14 @@ +# Contributor Code of Conduct + +As contributors and maintainers of this project, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities. + +We are committed to making participation in this project a harassment-free experience for everyone, regardless of level of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, age, or religion. + +Examples of unacceptable behavior by participants include the use of sexual language or imagery, derogatory comments or personal attacks, trolling, public or private harassment, insults, or other unprofessional conduct. + +Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. Project maintainers who do not follow the Code of Conduct may be removed from the project team. + +Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by opening an issue or contacting one or more of the project maintainers. + +This Code of Conduct is adapted from the [Contributor Covenant](http:contributor-covenant.org), version 1.0.0, available at [http://contributor-covenant.org/version/1/0/0/](http://contributor-covenant.org/version/1/0/0/) + From 0ffe9507b660e35d76fbe86be5539f4dfb822523 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 14 Apr 2016 22:42:59 +0200 Subject: [PATCH 067/237] #187 #183 removing unitialized variables code #184 adding merge between show global variables and show global variables #184 update RPM template' --- build/mysqltuner.spec.tpl | 2 +- mysqltuner.pl | 72 +++++++++++++++++++++++---------------- 2 files changed, 44 insertions(+), 30 deletions(-) diff --git a/build/mysqltuner.spec.tpl b/build/mysqltuner.spec.tpl index 1fde663..22c4027 100644 --- a/build/mysqltuner.spec.tpl +++ b/build/mysqltuner.spec.tpl @@ -46,6 +46,6 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man1/* %changelog -* Thu Jan 5 2015 Jean-Marie RENOUARD %VERSION%-1 +* Thu Apr 14 20145 Jean-Marie RENOUARD %VERSION%-1 - Initial RPM release diff --git a/mysqltuner.pl b/mysqltuner.pl index 8e43a9e..af33278 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -157,7 +157,7 @@ sub usage { . " --debug Print debug information\n" . " --dbstat Print database information\n" . " --idxstat Print index information\n" - . "--sysstat Print system information\n" + . " --sysstat Print system information\n" . " --bannedports Ports banned separated by comma(,)\n" . " --maxportallowed Number of ports opened allowed on this hosts\n" . " --cvefile CVE File for vulnerability checks\n" @@ -933,31 +933,40 @@ sub get_tuning_info { # Populates all of the variable and status hashes my ( %mystat, %myvar, $dummyselect, %myrepl, %myslaves ); -sub get_all_vars { +sub arr2hash { + my $href=shift; + my $harr=shift; + my $sep=shift; + $sep='\s' unless defined($sep); + foreach my $line (@$harr) { + $line =~ /([a-zA-Z_]*)\s*$sep\s*(.*)/; + $$href{$1} = $2; + debugprint "V: $1 = $2"; + } +} +sub get_all_vars { # We need to initiate at least one query so that our data is useable $dummyselect = select_one "SELECT VERSION()"; debugprint "VERSION: " . $dummyselect . ""; $result{'MySQL Client'}{'Version'} = $dummyselect; - my @mysqlvarlist = select_array "SHOW /*!50000 GLOBAL */ VARIABLES"; - foreach my $line (@mysqlvarlist) { - $line =~ /([a-zA-Z_]*)\s*(.*)/; - $myvar{$1} = $2; - $result{'Variables'}{$1} = $2; - debugprint "V: $1 = $2"; - } - my @mysqlstatlist = select_array "SHOW /*!50000 GLOBAL */ STATUS"; - foreach my $line (@mysqlstatlist) { - $line =~ /([a-zA-Z_]*)\s*(.*)/; - $mystat{$1} = $2; - $result{'Status'}{$1} = $2; - debugprint "S: $1 = $2"; - } + + my @mysqlvarlist = select_array ("SHOW GLOBAL VARIABLES"); + push (@mysqlvarlist, select_array ("SHOW VARIABLES")); + arr2hash(\%myvar, \@mysqlvarlist); + $result{'Variables'}=%myvar; + + my @mysqlstatlist = select_array ("SHOW GLOBAL STATUS"); + push (@mysqlstatlist, select_array ("SHOW STATUS")); + arr2hash(\%mystat, \@mysqlstatlist); + $result{'Status'}=%mystat; + $myvar{'have_galera'} = "NO"; if ( defined($myvar{'wsrep_provider_options'}) && $myvar{'wsrep_provider_options'} ne "") { $myvar{'have_galera'} = "YES"; - debugprint "Galera options: ". $myvar{'wsrep_provider_options'}; + debugprint "Galera options: ". $myvar{'wsrep_provider_options'}; } + # Workaround for MySQL bug #59393 wrt. ignore-builtin-innodb if ( ( $myvar{'ignore_builtin_innodb'} || "" ) eq "ON" ) { $myvar{'have_innodb'} = "NO"; @@ -990,16 +999,9 @@ sub get_all_vars { } } debugprint Dumper(@mysqlenginelist); - my @mysqlslave = select_array "SHOW SLAVE STATUS\\G"; - - foreach my $line (@mysqlslave) { - if ( $line =~ /\s*(.*):\s*(.*)/ ) { - debugprint "$1 => $2"; - $myrepl{"$1"} = $2; - $result{'Replication'}{'Status'}{$1} = $2; - } - } - + my @mysqlslave = select_array("SHOW SLAVE STATUS\\G"); + arr2hash(\%myrepl, \@mysqlslave, ':'); + $result{'Replication'}{'Status'}=%myrepl; my @mysqlslaves = select_array "SHOW SLAVE HOSTS"; my @lineitems = (); foreach my $line (@mysqlslaves) { @@ -1138,9 +1140,7 @@ sub get_os_release { $os_relase =~ s/\s+\\n.*//; return $os_relase; } - return "Unknown OS release"; - } sub get_fs_info() { @@ -1178,6 +1178,20 @@ sub get_fs_info() { } } +sub merge_hash +{ + my $h1=shift; + my $h2=shift; + my %result={}; + foreach my $substanceref ( $h1, $h2 ) { + while ( my ($k, $v) = each %$substanceref) { + next if (exists $result{$k}); + $result{$k} = $v; + } + } + return \%result; +} + sub is_virtual_machine() { my $isVm = `grep -Ec '^flags.*\ hypervisor\ ' /proc/cpuinfo`; return ( $isVm == 0 ? 0 : 1 ); From ba584c91ccd1116980b86f70012ff8ee8c8c4281 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 14 Apr 2016 22:49:21 +0200 Subject: [PATCH 068/237] Update version #183 --- mysqltuner.pl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index af33278..58d0612 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.9 +# mysqltuner.pl - Version 1.6.10 # High Performance MySQL Tuning Script # Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # @@ -51,7 +51,7 @@ use Data::Dumper; $Data::Dumper::Pair = " : "; # Set up a few variables for use in the script -my $tunerversion = "1.6.9"; +my $tunerversion = "1.6.10"; my ( @adjvars, @generalrec ); # Set defaults @@ -966,7 +966,7 @@ sub get_all_vars { $myvar{'have_galera'} = "YES"; debugprint "Galera options: ". $myvar{'wsrep_provider_options'}; } - + # Workaround for MySQL bug #59393 wrt. ignore-builtin-innodb if ( ( $myvar{'ignore_builtin_innodb'} || "" ) eq "ON" ) { $myvar{'have_innodb'} = "NO"; @@ -3845,7 +3845,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.8 - MySQL High Performance Tuning Script + MySQLTuner 1.6.10 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES From d09cb777739bec7ee86be83baf7af883d0116a06 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 14 Apr 2016 22:50:13 +0200 Subject: [PATCH 069/237] Update usage file --- USAGE.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/USAGE.md b/USAGE.md index c5fbc92..8742623 100644 --- a/USAGE.md +++ b/USAGE.md @@ -1,6 +1,6 @@ # NAME - MySQLTuner 1.6.8 - MySQL High Performance Tuning Script + MySQLTuner 1.6.10 - MySQL High Performance Tuning Script # IMPORTANT USAGE GUIDELINES @@ -39,6 +39,7 @@ You must provide the remote server's total memory when connecting to other serve --debug Print debug information --dbstat Print database information --idxstat Print index information + --sysstat Print system information --bannedports Ports banned separated by comma(,) --maxportallowed Number of ports opened allowed on this hosts --cvefile CVE File for vulnerability checks From 81100f3bba095b27f43c9edaa8286d7388a55d91 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 14 Apr 2016 22:52:13 +0200 Subject: [PATCH 070/237] Last fix on template --- build/mysqltuner.spec.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/mysqltuner.spec.tpl b/build/mysqltuner.spec.tpl index 22c4027..e4cfcb8 100644 --- a/build/mysqltuner.spec.tpl +++ b/build/mysqltuner.spec.tpl @@ -46,6 +46,6 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man1/* %changelog -* Thu Apr 14 20145 Jean-Marie RENOUARD %VERSION%-1 +* Thu Apr 14 2016 Jean-Marie RENOUARD %VERSION%-1 - Initial RPM release From 66a57af80b13a0141c424b0e1bc606200ba68fb6 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 14 Apr 2016 23:11:18 +0200 Subject: [PATCH 071/237] #182 using abs value for result --- mysqltuner.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 58d0612..8ad63de 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3341,8 +3341,8 @@ sub mysql_innodb { && $mycalc{'pct_write_efficiency'} < 90 ) { badprint "InnoDB Write Log efficiency: " - . $mycalc{'pct_write_efficiency'} . "% (" - . ( $mystat{'Innodb_log_write_requests'} - + . abs($mycalc{'pct_write_efficiency'}) . "% (" + . abs( $mystat{'Innodb_log_write_requests'} - $mystat{'Innodb_log_writes'} ) . " hits/ " . $mystat{'Innodb_log_write_requests'} From 76a28ab29a98fc377db2a4899369b6a4a0be55fe Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Fri, 15 Apr 2016 06:33:05 -0400 Subject: [PATCH 072/237] Adding typo fixes Adding check for memory with other process --- mysqltuner.pl | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index d8d0758..4b02a46 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1236,7 +1236,7 @@ sub get_kernel_info() } if (`sysctl -n vm.swappiness` > 10) { badprint "Swappiness is > 10, please consider having a value lower than 10"; - push @generalrec, "setup swappieness lower or equals to 10"; + push @generalrec, "setup swappiness lower or equals to 10"; push @adjvars, 'vm.swappiness <= 10 (echo 0 > /proc/sys/vm/swappiness)'; } else { infoprint "Swappiness is < 10."; @@ -2309,6 +2309,11 @@ sub mysql_stats { } # Memory usage + + infoprint "Physical Memory : ". hr_bytes($physical_memory); + infoprint "Max MySQL memory : ". hr_bytes( $mycalc{'max_peak_memory'} ); + infoprint "Other process memory: ". hr_bytes( get_other_process_memory() ); + infoprint "Total buffers: " . hr_bytes( $mycalc{'server_buffers'} ) . " global + " @@ -2391,6 +2396,13 @@ sub mysql_stats { . " ($mycalc{'pct_max_physical_memory'}% of installed RAM)"; } + if ($physical_memory < ($mycalc{'max_peak_memory'}+get_other_process_memory())) { + badprint "Overall possible memory usage with other process exceeded memory"; + push( @generalrec, "Dedicated this server to your database for highest performance." ); + } else { + goodprint "Overall possible memory usage with other process is compatible with memory available"; + } + # Slow queries if ( $mycalc{'pct_slow_queries'} > 5 ) { badprint "Slow queries: $mycalc{'pct_slow_queries'}% (" @@ -2520,9 +2532,7 @@ sub mysql_stats { # Sorting if ( $mycalc{'total_sorts'} == 0 ) { - - # For the sake of space, we will be quiet here - # No sorts have run yet + goodprint "No Sort requiring temporary tables"; } elsif ( $mycalc{'pct_temp_sort_table'} > 10 ) { badprint @@ -2561,8 +2571,7 @@ sub mysql_stats { "Adjust your join queries to always utilize indexes" ); } else { - - # For the sake of space, we will be quiet here + goodprint "No joins without indexes"; # No joins have run without indexes } @@ -2617,9 +2626,7 @@ sub mysql_stats { } } else { - - # For the sake of space, we will be quiet here - # No temporary tables have been created + goodprint "No tmp tables created on disk"; } # Thread cache @@ -3403,7 +3410,7 @@ sub mysql_databases { infoprint "There is " . scalar(@dblist) . " Database(s)."; my @totaldbinfo = split /\s/, select_one( -"SELECT SUM(TABLE_ROWS), SUM(DATA_LENGTH), SUM(INDEX_LENGTH) , SUM(DATA_LENGTH+INDEX_LENGTH), COUNT(TABLE_NAME),COUNT(DISTINCT(TABLE_COLLATION)),COUNT(DISTINCT(ENGINE)) FROM information_schema.TABLES;" +"SELECT SUM(TABLE_ROWS), SUM(DATA_LENGTH), SUM(INDEX_LENGTH) , SUM(DATA_LENGTH+INDEX_LENGTH), COUNT(TABLE_NAME),COUNT(DISTINCT(TABLE_COLLATION)),COUNT(DISTINCT(ENGINE)) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ( 'mysql' );" ); infoprint "All Databases:"; infoprint " +-- TABLE : " @@ -3447,8 +3454,7 @@ sub mysql_databases { if ( $_ eq "information_schema" or $_ eq "performance_schema" - - # or $_ eq "mysql" + or $_ eq "mysql" or $_ eq "" ) { From 612eea48fdc63cb3048944aabcbb6a05ec160dc1 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Fri, 15 Apr 2016 10:17:56 -0400 Subject: [PATCH 073/237] All version for galera checks #150 --- mysqltuner.pl | 104 +++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 94 insertions(+), 10 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 4b02a46..357c322 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3089,19 +3089,24 @@ sub get_wsrep_options { my @galera_options=split /;/,$myvar{'wsrep_provider_options'} ; remove_cr @galera_options; @galera_options=remove_empty @galera_options; + debugprint Dumper(\@galera_options); return @galera_options; } sub get_gcache_memory { - return 0 unless defined $myvar{'wsrep_provider_options'} ; - - my @galera_options=get_wsrep_options; - return 0 unless scalar(@galera_options) >0; - my @memValues= grep /gcache.mem_size/, @galera_options; - my $memValue=$memValues[0]; - $memValue =~ s/.*=\s*(\d+)$/$1/g; - return $memValue; - + return get_wsrep_option 'gcache.mem_size'; } +sub get_wsrep_option { + my $key=shift; + return '' unless defined $myvar{'wsrep_provider_options'} ; + my @galera_options=get_wsrep_options; + return '' unless scalar(@galera_options) >0; + my @memValues= grep /\s*$key =/, @galera_options; + my $memValue=$memValues[0]; + $memValue =~ s/.*=\s*(.+)$/$1/g; + return $memValue; +} + + # Recommendations for Galera sub mariadb_galera { subheaderprint "Galera Metrics"; @@ -3131,7 +3136,7 @@ sub mariadb_galera { next unless $gstatus =~ /^wsrep.*/; debugprint "\t".trim($gstatus). " = ".$mystat{$gstatus}; } - infoprint "GCache is using ".hr_bytes_rnd(get_gcache_memory()); + infoprint "GCache is using ".hr_bytes_rnd(get_wsrep_option('gcache.mem_size')); my @primaryKeysNbTables=select_array("select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.columns where table_schema not in ('mysql', 'information_schema', 'performance_schema') group by table_schema,table_name having sum(if(column_key in ('PRI','UNI'), 1,0)) = 0"); if (scalar (@primaryKeysNbTables) > 0 ) { @@ -3171,6 +3176,17 @@ sub mariadb_galera { goodprint "Galera WsREP is enabled."; if ( defined($myvar{'wsrep_cluster_address'}) and trim("$myvar{'wsrep_cluster_address'}") ne "") { goodprint "Galera Cluster address is defined: ".$myvar{'wsrep_cluster_address'}; + my $nbNodes=scalar(split /,/, $myvar{'wsrep_cluster_address'}); + if ( $nbNodes !=3 or $nbNodes != 5) { + goodprint "There is $nbNodes nodes."; + } else { + badprint "There is $nbNodes nodes. Prefer 3 or 5 nodes achitecture."; + } + if ($nbNodes != trim ($mystat{'wsrep_cluster_size'}) ) { + badprint "All cluster nodes dre not detected. wsrep_cluster_size != informations in wsrep_cluster_adress"; + } else { + badprint "All cluster nodes destected."; + } } else { badprint "Galera Cluster address is undefined"; push @adjvars, "set up wsrep_cluster_address variable for Galera replication"; @@ -3181,9 +3197,77 @@ sub mariadb_galera { badprint "Galera Cluster name is undefined"; push @adjvars, "set up wsrep_cluster_name variable for Galera replication"; } + if ( defined($myvar{'wsrep_node_name'}) and trim($myvar{'wsrep_node_name'}) ne "") { + goodprint "Galera Node name is defined: ".$myvar{'wsrep_node_name'}; + } else { + badprint "Galera node name is undefined"; + push @adjvars, "set up wsrep_node_name variable for Galera replication"; + } + if ( trim ($myvar{'wsrep_notify_cmd'}) ne "" ) { + goodprint "Galera Notify command is defined."; + } else { + badprint "Galera Notify command is not defined."; + push( @adjvars, "set up parameter wsrep_notify_cmd to be notify"); + } + if ( trim ($myvar{'wsrep_sst_method'}) ne "xtrabackup" ) { + badprint "Galera SST method is xtrabackup."; + push( @adjvars, "set up parameter wsrep_sst_method to xtrabackup"); + } else { + goodprint "SST Method is inot based on xtrabackup."; + } + if ( trim ($myvar{'wsrep_OSU_method'}) eq "TOI" ) { + goodprint "TOI is default mode for upgrade."; + } else { + badprint "Schema upgrade are not replicated automatically"; + push( @adjvars, "set up parameter wsrep_OSU_method to TOI"); + } + infoprint "Max WsRep message : " .hr_bytes( $myvar{'wsrep_max_ws_size'}); } else { badprint "Galera WsREP is disabled"; } + + + if (defined($mystat{'wsrep_connected'}) and $mystat{'wsrep_connected'} eq "ON") { + goodprint "Node is connected"; + } else { + badprint "Node is disconnected"; + } + if (defined($mystat{'wsrep_ready'}) and $mystat{'wsrep_ready'} eq "ON") { + goodprint "Node is ready"; + } else { + badprint "Node is not ready"; + } +infoprint "Cluster status :".$mystat{'wsrep_cluster_status'}; + if (defined($mystat{'wsrep_cluster_status'}) and $mystat{'wsrep_cluster_status'} eq "Primary") { + goodprint "Galera cluster is consistent and ready for operations"; + } else { + badprint "Cluster is not consistent and ready"; + } + if ($mystat{'wsrep_local_state_uuid'} eq $mystat{'wsrep_cluster_state_uuid'}) { + goodprint "Node and whole cluster at the same level: ".$mystat{'wsrep_cluster_state_uuid'}; + } else { + badprint "Node and whole cluster not the same level"; + infoprint "Node state uuid: ".$mystat{'wsrep_local_state_uuid'}; + infoprint "Cluster state uuid: ".$mystat{'wsrep_cluster_state_uuid'}; + } + if ($mystat{'wsrep_local_state_comment'} eq 'Synced' ) { + goodprint "Node is synced with whole cluster."; + } else { + badprint "Node is not synced"; + infoprint "Node State : ".$mystat{'wsrep_local_state_comment'}; + } + if ($mystat{'wsrep_local_cert_failures'} == 0 ) { + goodprint "There is no certification failures detected."; + } else { + badprint "There is ".$mystat{'wsrep_local_cert_failures'}." certification failure(s)detected."; + } + + for my $key (keys %mystat) { + if ($key =~ /wsrep_|galera/i) { + debugprint "WSREP: $key = $mystat{$key}"; + } + } + debugprint Dumper get_wsrep_options(); } # Recommendations for InnoDB From 86ad610b6c72e720399a99bffb7739a402b8bed2 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 18 Apr 2016 10:59:50 +0200 Subject: [PATCH 074/237] #189 fix memory calculation when Galera is disabled --- mysqltuner.pl | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 357c322..c174c00 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3093,7 +3093,10 @@ sub get_wsrep_options { return @galera_options; } sub get_gcache_memory { - return get_wsrep_option 'gcache.mem_size'; + my $gCacheMem=get_wsrep_option('gcache.mem_size'); + + return 0 unless defined $gCacheMem and $gCacheMem ne ''; + return $gCacheMem; } sub get_wsrep_option { my $key=shift; From 80def039234b042dd5781e8ca4c3ddd7251e1644 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 18 Apr 2016 11:07:05 +0200 Subject: [PATCH 075/237] #187 enforce control over P_S activation --- mysqltuner.pl | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index c174c00..1aee004 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2967,9 +2967,11 @@ sub mariadb_threadpool { sub get_pf_memory { # Performance Schema - return 0 unless ( defined( $myvar{'performance_schema'} ) and $myvar{'performance_schema'} eq 'ON' ); - + return 0 unless defined $myvar{'performance_schema'}; + return 0 if $myvar{'performance_schema'} eq 'OFF'; + my @infoPFSMemory=grep /performance_schema.memory/, select_array("SHOW ENGINE PERFORMANCE_SCHEMA STATUS"); + return 0 if scalar(@infoPFSMemory)==0; $infoPFSMemory[0] =~ s/.*\s+(\d+)$/$1/g; return $infoPFSMemory[0]; } From bc2017ba3e7997ec2b79b9a5878e00341ff3d0e0 Mon Sep 17 00:00:00 2001 From: Sergei A Mamonov Date: Mon, 18 Apr 2016 17:45:34 +0300 Subject: [PATCH 076/237] change external which to sub which(), little fix for use get_http_cli and get external ip via wget --- mysqltuner.pl | 105 +++++++++++++++++++++++++++++--------------------- 1 file changed, 61 insertions(+), 44 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 1aee004..4c37e8b 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -50,6 +50,9 @@ use Cwd 'abs_path'; use Data::Dumper; $Data::Dumper::Pair = " : "; +# for which() +use Env; + # Set up a few variables for use in the script my $tunerversion = "1.6.10"; my ( @adjvars, @generalrec ); @@ -442,19 +445,20 @@ sub os_setup { } sub get_http_cli { - my $httpcli = `which curl`; + my $httpcli = which("curl", $PATH); chomp($httpcli); - if ( defined($httpcli) and -e "$httpcli" ) { - return $httpcli; + if ($httpcli) { + return $httpcli; } - $httpcli = `which wget`; + $httpcli = which("wget", $PATH); chomp($httpcli); - if ( defined($httpcli) and -e "$httpcli" ) { - return $httpcli; + if ($httpcli) { + return $httpcli; } return ""; } + # Checks for updates to MySQLTuner sub validate_tuner_version { if ( $opt{'checkversion'} eq 0 and $opt{'updateversion'} eq 0 ) { @@ -466,9 +470,8 @@ sub validate_tuner_version { my $update; my $url = "https://raw.githubusercontent.com/major/MySQLTuner-perl/master/mysqltuner.pl"; - my $httpcli = `which curl`; - chomp($httpcli); - if ( 1 != 1 and defined($httpcli) and -e "$httpcli" ) { + my $httpcli = get_http_cli(); + if ( $httpcli =~ /curl$/ ) { debugprint "$httpcli is available."; debugprint @@ -484,9 +487,7 @@ sub validate_tuner_version { } - $httpcli = `which wget`; - chomp($httpcli); - if ( defined($httpcli) and -e "$httpcli" ) { + if ($httpcli =~ /wget$/ ) { debugprint "$httpcli is available."; debugprint @@ -516,12 +517,11 @@ sub update_tuner_version { ( "mysqltuner.pl", "basic_passwords.txt", "vulnerabilities.csv" ); my $totalScripts = scalar(@scripts); my $receivedScripts = 0; - my $httpcli = `which curl`; + my $httpcli = get_http_cli(); foreach my $script (@scripts) { - chomp($httpcli); - if ( 1 != 1 and defined($httpcli) and -e "$httpcli" ) { + if ( $httpcli =~ /curl$/ ) { debugprint "$httpcli is available."; debugprint @@ -539,33 +539,29 @@ sub update_tuner_version { debugprint "$script updated: $update"; } } - else { + elsif ( $httpcli =~ /wget$/ ) { - $httpcli = `which wget`; - chomp($httpcli); - if ( defined($httpcli) and -e "$httpcli" ) { - debugprint "$httpcli is available."; + debugprint "$httpcli is available."; - debugprint - "$httpcli -qe timestamping=off -T 5 -O $script '$url$script'"; - $update = - `$httpcli -qe timestamping=off -T 5 -O $script '$url$script'`; - chomp($update); + debugprint + "$httpcli -qe timestamping=off -T 5 -O $script '$url$script'"; + $update = + `$httpcli -qe timestamping=off -T 5 -O $script '$url$script'`; + chomp($update); - if ( -s $script eq 0 ) { - badprint "Couldn't update $script"; - } - else { - ++$receivedScripts; - debugprint "$script updated: $update"; - } - - } - else { - debugprint "curl and wget are not available."; - infoprint "Unable to check for the latest MySQLTuner version"; - } - } + if ( -s $script eq 0 ) { + badprint "Couldn't update $script"; + } + else { + ++$receivedScripts; + debugprint "$script updated: $update"; + } + } + else { + debugprint "curl and wget are not available."; + infoprint "Unable to check for the latest MySQLTuner version"; + } + } if ( $receivedScripts eq $totalScripts ) { @@ -612,7 +608,7 @@ sub mysql_setup { $mysqladmincmd = $opt{mysqladmin}; } else { - $mysqladmincmd = `which mysqladmin`; + $mysqladmincmd = which("mysqladmin", $PATH); } chomp($mysqladmincmd); if ( !-e $mysqladmincmd && $opt{mysqladmin} ) { @@ -628,7 +624,7 @@ sub mysql_setup { $mysqlcmd = $opt{mysqlcmd}; } else { - $mysqlcmd = `which mysql`; + $mysqlcmd = which("mysql", $PATH); } chomp($mysqlcmd); if ( !-e $mysqlcmd && $opt{mysqlcmd} ) { @@ -705,7 +701,7 @@ sub mysql_setup { exit 1; } } - my $svcprop = `which svcprop 2>/dev/null`; + my $svcprop = which("svcprop", $PATH); if ( substr( $svcprop, 0, 1 ) =~ "/" ) { # We are on solaris @@ -1287,8 +1283,14 @@ sub get_system_info() { infoprint "Internal IP : " . infocmd_one "hostname -I"; my $httpcli=get_http_cli(); infoprint "HTTP client found: $httpcli" if defined $httpcli; - infoprint "External IP : " - . infocmd_one "$httpcli ipecho.net/plain" if defined ($httpcli); + if ( $httpcli =~ /curl$/) { + infoprint "External IP : " + . infocmd_one "$httpcli ipecho.net/plain"; + } + elsif ( $httpcli =~ /wget$/ ) { + infoprint "External IP : " + . infocmd_one "$httpcli -q -O - ipecho.net/plain"; + } badprint "External IP : Can't check because of Internet connectivity" unless defined($httpcli); infoprint "Name Servers : " @@ -3896,6 +3898,21 @@ sub dump_result { } } +sub which { + my $prog_name = shift; + my $path_string = shift; + my @path_array = split /:/, $PATH; + + for my $path ( @path_array) { + if ( -x "$path/$prog_name" ) { + return "$path/$prog_name"; + } + } + + return 0 +} + + # --------------------------------------------------------------------------- # BEGIN 'MAIN' # --------------------------------------------------------------------------- From b67bba859fcae0059265de7cb7e438bc6ec2fe83 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 19 Apr 2016 16:03:42 +0200 Subject: [PATCH 077/237] adding extra information about wsrep cluster size #184 --- mysqltuner.pl | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 1aee004..06f39dd 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3179,19 +3179,26 @@ sub mariadb_galera { if ( defined($myvar{'wsrep_cluster_name'}) and $myvar{'wsrep_on'} eq "ON" ) { goodprint "Galera WsREP is enabled."; - if ( defined($myvar{'wsrep_cluster_address'}) and trim("$myvar{'wsrep_cluster_address'}") ne "") { - goodprint "Galera Cluster address is defined: ".$myvar{'wsrep_cluster_address'}; - my $nbNodes=scalar(split /,/, $myvar{'wsrep_cluster_address'}); + if ( defined($myvar{'wsrep_cluster_address'}) and trim("$myvar{'wsrep_cluster_address'}") ne "") { + goodprint "Galera Cluster address is defined: ".$myvar{'wsrep_cluster_address'}; + my $nbNodes=scalar(split /,/, $myvar{'wsrep_cluster_address'}); if ( $nbNodes !=3 or $nbNodes != 5) { - goodprint "There is $nbNodes nodes."; + goodprint "There is $nbNodes nodes in wsrep_cluster_address."; } else { - badprint "There is $nbNodes nodes. Prefer 3 or 5 nodes achitecture."; - } + badprint "There is $nbNodes nodes in wsrep_cluster_address. Prefer 3 or 5 nodes achitecture."; + } + my $nbNodesSize=trim ($mystat{'wsrep_cluster_size'}); + if ( $nbNodesSize !=3 or $nbNodesSize != 5) { + goodprint "There is $nbNodes nodes in wsrep_cluster_size."; + } else { + badprint "There is $nbNodes nodes in wsrep_cluster_size. Prefer 3 or 5 nodes achitecture."; + } + if ($nbNodes != trim ($mystat{'wsrep_cluster_size'}) ) { - badprint "All cluster nodes dre not detected. wsrep_cluster_size != informations in wsrep_cluster_adress"; + badprint "All cluster nodes dre not detected. wsrep_cluster_size != informations in wsrep_cluster_adress"; } else { - badprint "All cluster nodes destected."; - } + badprint "All cluster nodes detected."; + } } else { badprint "Galera Cluster address is undefined"; push @adjvars, "set up wsrep_cluster_address variable for Galera replication"; From 5b55c92ac53f1ddf2cd1bb2d6c3c028c3e2207d3 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 19 Apr 2016 16:11:35 +0200 Subject: [PATCH 078/237] #184: Additional information for galera Removing dependency to Env module #192 --- mysqltuner.pl | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index fc873b1..3eacdb1 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -51,7 +51,7 @@ use Data::Dumper; $Data::Dumper::Pair = " : "; # for which() -use Env; +#use Env; # Set up a few variables for use in the script my $tunerversion = "1.6.10"; @@ -445,13 +445,13 @@ sub os_setup { } sub get_http_cli { - my $httpcli = which("curl", $PATH); + my $httpcli = which("curl", $ENV{'PATH'}); chomp($httpcli); if ($httpcli) { return $httpcli; } - $httpcli = which("wget", $PATH); + $httpcli = which("wget", $ENV{'PATH'}); chomp($httpcli); if ($httpcli) { return $httpcli; @@ -608,7 +608,7 @@ sub mysql_setup { $mysqladmincmd = $opt{mysqladmin}; } else { - $mysqladmincmd = which("mysqladmin", $PATH); + $mysqladmincmd = which("mysqladmin", $ENV{'PATH'}); } chomp($mysqladmincmd); if ( !-e $mysqladmincmd && $opt{mysqladmin} ) { @@ -624,7 +624,7 @@ sub mysql_setup { $mysqlcmd = $opt{mysqlcmd}; } else { - $mysqlcmd = which("mysql", $PATH); + $mysqlcmd = which("mysql", $ENV{'PATH'}); } chomp($mysqlcmd); if ( !-e $mysqlcmd && $opt{mysqlcmd} ) { @@ -701,7 +701,7 @@ sub mysql_setup { exit 1; } } - my $svcprop = which("svcprop", $PATH); + my $svcprop = which("svcprop", $ENV{'PATH'}); if ( substr( $svcprop, 0, 1 ) =~ "/" ) { # We are on solaris @@ -3908,7 +3908,7 @@ sub dump_result { sub which { my $prog_name = shift; my $path_string = shift; - my @path_array = split /:/, $PATH; + my @path_array = split /:/, $ENV{'PATH'}; for my $path ( @path_array) { if ( -x "$path/$prog_name" ) { From fa1639e418df2edd77dd170cca4a8a14a0683c3b Mon Sep 17 00:00:00 2001 From: root Date: Tue, 19 Apr 2016 16:19:31 +0200 Subject: [PATCH 079/237] Tidify code --- mysqltuner.pl | 724 ++++++++++++++++++++++++++++---------------------- 1 file changed, 408 insertions(+), 316 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 3eacdb1..671206f 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -216,15 +216,16 @@ open( $fh, '>', $outputfile ) $opt{nocolor} = 1 if defined($outputfile); # Setting up the colors for the print styles -my $me=`whoami`; -$me =~s/\n//g; +my $me = `whoami`; +$me =~ s/\n//g; + # Setting up the colors for the print styles -my $good = ( $opt{nocolor} == 0 ) ? "[\e[0;32mOK\e[0m]" : "[OK]"; -my $bad = ( $opt{nocolor} == 0 ) ? "[\e[0;31m!!\e[0m]" : "[!!]"; -my $info = ( $opt{nocolor} == 0 ) ? "[\e[0;34m--\e[0m]" : "[--]"; -my $deb = ( $opt{nocolor} == 0 ) ? "[\e[0;31mDG\e[0m]" : "[DG]"; -my $cmd = ( $opt{nocolor} == 0 ) ? "\e[1;32m[CMD]($me)" : "[CMD]($me)"; -my $end = ( $opt{nocolor} == 0 ) ? "\e[0m" : ""; +my $good = ( $opt{nocolor} == 0 ) ? "[\e[0;32mOK\e[0m]" : "[OK]"; +my $bad = ( $opt{nocolor} == 0 ) ? "[\e[0;31m!!\e[0m]" : "[!!]"; +my $info = ( $opt{nocolor} == 0 ) ? "[\e[0;34m--\e[0m]" : "[--]"; +my $deb = ( $opt{nocolor} == 0 ) ? "[\e[0;31mDG\e[0m]" : "[DG]"; +my $cmd = ( $opt{nocolor} == 0 ) ? "\e[1;32m[CMD]($me)" : "[CMD]($me)"; +my $end = ( $opt{nocolor} == 0 ) ? "\e[0m" : ""; # Super structure containing all information my %result; @@ -246,23 +247,35 @@ sub redwrap { sub greenwrap { return ( $opt{nocolor} == 0 ) ? "\e[0;32m" . $_[0] . "\e[0m" : $_[0]; } -sub cmdprint { prettyprint $cmd." ". $_[0]. $end; } -sub infoprintml { for my $ln(@_) { $ln =~s/\n//g; infoprint "\t$ln"; } } -sub infoprintcmd { cmdprint "@_"; infoprintml grep { $_ ne '' and $_ !~ /^\s*$/ } `@_ 2>&1`; } -sub subheaderprint { - my $tln=100; - my $sln=8; - my $ln=length("@_")+2; +sub cmdprint { prettyprint $cmd. " " . $_[0] . $end; } - prettyprint " "; - #prettyprint "-"x$tln; - prettyprint "-"x$sln ." @_ ". "-"x($tln-$ln-$sln); - #prettyprint "-"x$tln; +sub infoprintml { + for my $ln (@_) { $ln =~ s/\n//g; infoprint "\t$ln"; } } + +sub infoprintcmd { + cmdprint "@_"; + infoprintml grep { $_ ne '' and $_ !~ /^\s*$/ } `@_ 2>&1`; +} + +sub subheaderprint { + my $tln = 100; + my $sln = 8; + my $ln = length("@_") + 2; + + prettyprint " "; + + #prettyprint "-"x$tln; + prettyprint "-" x $sln . " @_ " . "-" x ( $tln - $ln - $sln ); + + #prettyprint "-"x$tln; +} + sub infoprinthcmd { -# print Dumper @_; - subheaderprint "$_[0]"; - infoprintcmd "$_[1]"; + + # print Dumper @_; + subheaderprint "$_[0]"; + infoprintcmd "$_[1]"; } # Calculates the parameter passed in bytes, then rounds it to one decimal place @@ -445,16 +458,16 @@ sub os_setup { } sub get_http_cli { - my $httpcli = which("curl", $ENV{'PATH'}); + my $httpcli = which( "curl", $ENV{'PATH'} ); chomp($httpcli); if ($httpcli) { - return $httpcli; + return $httpcli; } - - $httpcli = which("wget", $ENV{'PATH'}); + + $httpcli = which( "wget", $ENV{'PATH'} ); chomp($httpcli); if ($httpcli) { - return $httpcli; + return $httpcli; } return ""; } @@ -483,11 +496,12 @@ sub validate_tuner_version { compare_tuner_version($update); return; - } else { - + } + else { + } - if ($httpcli =~ /wget$/ ) { + if ( $httpcli =~ /wget$/ ) { debugprint "$httpcli is available."; debugprint @@ -541,27 +555,27 @@ sub update_tuner_version { } elsif ( $httpcli =~ /wget$/ ) { - debugprint "$httpcli is available."; + debugprint "$httpcli is available."; - debugprint - "$httpcli -qe timestamping=off -T 5 -O $script '$url$script'"; - $update = - `$httpcli -qe timestamping=off -T 5 -O $script '$url$script'`; - chomp($update); + debugprint + "$httpcli -qe timestamping=off -T 5 -O $script '$url$script'"; + $update = + `$httpcli -qe timestamping=off -T 5 -O $script '$url$script'`; + chomp($update); + + if ( -s $script eq 0 ) { + badprint "Couldn't update $script"; + } + else { + ++$receivedScripts; + debugprint "$script updated: $update"; + } + } + else { + debugprint "curl and wget are not available."; + infoprint "Unable to check for the latest MySQLTuner version"; + } - if ( -s $script eq 0 ) { - badprint "Couldn't update $script"; - } - else { - ++$receivedScripts; - debugprint "$script updated: $update"; - } - } - else { - debugprint "curl and wget are not available."; - infoprint "Unable to check for the latest MySQLTuner version"; - } - } if ( $receivedScripts eq $totalScripts ) { @@ -608,7 +622,7 @@ sub mysql_setup { $mysqladmincmd = $opt{mysqladmin}; } else { - $mysqladmincmd = which("mysqladmin", $ENV{'PATH'}); + $mysqladmincmd = which( "mysqladmin", $ENV{'PATH'} ); } chomp($mysqladmincmd); if ( !-e $mysqladmincmd && $opt{mysqladmin} ) { @@ -624,7 +638,7 @@ sub mysql_setup { $mysqlcmd = $opt{mysqlcmd}; } else { - $mysqlcmd = which("mysql", $ENV{'PATH'}); + $mysqlcmd = which( "mysql", $ENV{'PATH'} ); } chomp($mysqlcmd); if ( !-e $mysqlcmd && $opt{mysqlcmd} ) { @@ -701,7 +715,7 @@ sub mysql_setup { exit 1; } } - my $svcprop = which("svcprop", $ENV{'PATH'}); + my $svcprop = which( "svcprop", $ENV{'PATH'} ); if ( substr( $svcprop, 0, 1 ) =~ "/" ) { # We are on solaris @@ -930,37 +944,40 @@ sub get_tuning_info { my ( %mystat, %myvar, $dummyselect, %myrepl, %myslaves ); sub arr2hash { - my $href=shift; - my $harr=shift; - my $sep=shift; - $sep='\s' unless defined($sep); - foreach my $line (@$harr) { + my $href = shift; + my $harr = shift; + my $sep = shift; + $sep = '\s' unless defined($sep); + foreach my $line (@$harr) { $line =~ /([a-zA-Z_]*)\s*$sep\s*(.*)/; $$href{$1} = $2; debugprint "V: $1 = $2"; - } + } } sub get_all_vars { + # We need to initiate at least one query so that our data is useable $dummyselect = select_one "SELECT VERSION()"; debugprint "VERSION: " . $dummyselect . ""; $result{'MySQL Client'}{'Version'} = $dummyselect; - - my @mysqlvarlist = select_array ("SHOW GLOBAL VARIABLES"); - push (@mysqlvarlist, select_array ("SHOW VARIABLES")); - arr2hash(\%myvar, \@mysqlvarlist); - $result{'Variables'}=%myvar; - - my @mysqlstatlist = select_array ("SHOW GLOBAL STATUS"); - push (@mysqlstatlist, select_array ("SHOW STATUS")); - arr2hash(\%mystat, \@mysqlstatlist); - $result{'Status'}=%mystat; - + + my @mysqlvarlist = select_array("SHOW GLOBAL VARIABLES"); + push( @mysqlvarlist, select_array("SHOW VARIABLES") ); + arr2hash( \%myvar, \@mysqlvarlist ); + $result{'Variables'} = %myvar; + + my @mysqlstatlist = select_array("SHOW GLOBAL STATUS"); + push( @mysqlstatlist, select_array("SHOW STATUS") ); + arr2hash( \%mystat, \@mysqlstatlist ); + $result{'Status'} = %mystat; + $myvar{'have_galera'} = "NO"; - if ( defined($myvar{'wsrep_provider_options'}) && $myvar{'wsrep_provider_options'} ne "") { + if ( defined( $myvar{'wsrep_provider_options'} ) + && $myvar{'wsrep_provider_options'} ne "" ) + { $myvar{'have_galera'} = "YES"; - debugprint "Galera options: ". $myvar{'wsrep_provider_options'}; + debugprint "Galera options: " . $myvar{'wsrep_provider_options'}; } # Workaround for MySQL bug #59393 wrt. ignore-builtin-innodb @@ -996,8 +1013,8 @@ sub get_all_vars { } debugprint Dumper(@mysqlenginelist); my @mysqlslave = select_array("SHOW SLAVE STATUS\\G"); - arr2hash(\%myrepl, \@mysqlslave, ':'); - $result{'Replication'}{'Status'}=%myrepl; + arr2hash( \%myrepl, \@mysqlslave, ':' ); + $result{'Replication'}{'Status'} = %myrepl; my @mysqlslaves = select_array "SHOW SLAVE HOSTS"; my @lineitems = (); foreach my $line (@mysqlslaves) { @@ -1031,7 +1048,7 @@ sub get_basic_passwords { } sub cve_recommendations { - subheaderprint"CVE Security Recommendations"; + subheaderprint "CVE Security Recommendations"; unless ( defined( $opt{cvefile} ) && -f "$opt{cvefile}" ) { infoprint "Skipped due to --cvefile option undefined"; return; @@ -1105,37 +1122,37 @@ sub get_other_process_memory { } sub get_os_release { - if( -f "/etc/lsb-release") { + if ( -f "/etc/lsb-release" ) { my @info_release = get_file_contents "/etc/lsb-release"; remove_cr @info_release; my $os_relase = $info_release[3]; $os_relase =~ s/.*="//; $os_relase =~ s/"$//; return $os_relase; - } + } - if( -f "/etc/system-release") { + if ( -f "/etc/system-release" ) { my @info_release = get_file_contents "/etc/system-release"; remove_cr @info_release; return $info_release[0]; - } + } - if ( -f "/etc/os-release") { + if ( -f "/etc/os-release" ) { my @info_release = get_file_contents "/etc/os-release"; remove_cr @info_release; my $os_relase = $info_release[0]; $os_relase =~ s/.*="//; $os_relase =~ s/"$//; return $os_relase; - } + } - if ( -f "/etc/issue") { + if ( -f "/etc/issue" ) { my @info_release = get_file_contents "/etc/issue"; remove_cr @info_release; my $os_relase = $info_release[0]; $os_relase =~ s/\s+\\n.*//; return $os_relase; - } + } return "Unknown OS release"; } @@ -1174,18 +1191,17 @@ sub get_fs_info() { } } -sub merge_hash -{ - my $h1=shift; - my $h2=shift; - my %result={}; - foreach my $substanceref ( $h1, $h2 ) { - while ( my ($k, $v) = each %$substanceref) { - next if (exists $result{$k}); - $result{$k} = $v; +sub merge_hash { + my $h1 = shift; + my $h2 = shift; + my %result = {}; + foreach my $substanceref ( $h1, $h2 ) { + while ( my ( $k, $v ) = each %$substanceref ) { + next if ( exists $result{$k} ); + $result{$k} = $v; + } } - } - return \%result; + return \%result; } sub is_virtual_machine() { @@ -1220,44 +1236,51 @@ sub infocmd_one { return join ', ', @result; } +sub get_kernel_info() { + my @params = ( + 'fs.aio-max-nr', 'fs.aio-nr', + 'fs.file-max', 'sunrpc.tcp_fin_timeout', + 'sunrpc.tcp_max_slot_table_entries', 'sunrpc.tcp_slot_table_entries', + 'vm.swappiness' + ); + infoprint "Informations about kernel tuning:"; + foreach my $param (@params) { + infocmd_tab("sysctl $param"); + } + if ( `sysctl -n vm.swappiness` > 10 ) { + badprint + "Swappiness is > 10, please consider having a value lower than 10"; + push @generalrec, "setup swappiness lower or equals to 10"; + push @adjvars, 'vm.swappiness <= 10 (echo 0 > /proc/sys/vm/swappiness)'; + } + else { + infoprint "Swappiness is < 10."; + } -sub get_kernel_info() -{ - my @params=('fs.aio-max-nr', 'fs.aio-nr', 'fs.file-max', 'sunrpc.tcp_fin_timeout', - 'sunrpc.tcp_max_slot_table_entries', 'sunrpc.tcp_slot_table_entries', - 'vm.swappiness'); - infoprint "Informations about kernel tuning:"; - foreach my $param (@params) { - infocmd_tab("sysctl $param"); - } - if (`sysctl -n vm.swappiness` > 10) { - badprint "Swappiness is > 10, please consider having a value lower than 10"; - push @generalrec, "setup swappiness lower or equals to 10"; - push @adjvars, 'vm.swappiness <= 10 (echo 0 > /proc/sys/vm/swappiness)'; - } else { - infoprint "Swappiness is < 10."; - } - - if (`sysctl -n sunrpc.tcp_slot_table_entries` < 100) { - badprint "Initial TCP slot entries is < 1M, please consider having a value greater than 100"; - push @generalrec, "setup Initial TCP slot entries greater than 100"; - push @adjvars, 'sunrpc.tcp_slot_table_entries > 100 (echo 128 > /proc/sys/sunrpc/tcp_slot_table_entries)'; - } else { - infoprint "TCP slot entries is > 100."; - } + if ( `sysctl -n sunrpc.tcp_slot_table_entries` < 100 ) { + badprint +"Initial TCP slot entries is < 1M, please consider having a value greater than 100"; + push @generalrec, "setup Initial TCP slot entries greater than 100"; + push @adjvars, +'sunrpc.tcp_slot_table_entries > 100 (echo 128 > /proc/sys/sunrpc/tcp_slot_table_entries)'; + } + else { + infoprint "TCP slot entries is > 100."; + } - - if (`sysctl -n fs.aio-max-nr` < 1000000) { - badprint "Max running total of the number of events is < 1M, please consider having a value greater than 1M"; - push @generalrec, "setup Max running number events greater than 1M"; - push @adjvars, 'fs.aio-max-nr > 1M (echo 1048576 > /proc/sys/fs/aio-max-nr)'; - } else { - infoprint "Max Number of AIO events is > 1M."; - } + if ( `sysctl -n fs.aio-max-nr` < 1000000 ) { + badprint +"Max running total of the number of events is < 1M, please consider having a value greater than 1M"; + push @generalrec, "setup Max running number events greater than 1M"; + push @adjvars, + 'fs.aio-max-nr > 1M (echo 1048576 > /proc/sys/fs/aio-max-nr)'; + } + else { + infoprint "Max Number of AIO events is > 1M."; + } } - sub get_system_info() { infoprint get_os_release; if (is_virtual_machine) { @@ -1281,9 +1304,10 @@ sub get_system_info() { infoprint "Network Cards : "; infocmd_tab "ifconfig| grep -A1 mtu"; infoprint "Internal IP : " . infocmd_one "hostname -I"; - my $httpcli=get_http_cli(); + my $httpcli = get_http_cli(); infoprint "HTTP client found: $httpcli" if defined $httpcli; - if ( $httpcli =~ /curl$/) { + + if ( $httpcli =~ /curl$/ ) { infoprint "External IP : " . infocmd_one "$httpcli ipecho.net/plain"; } @@ -1292,7 +1316,8 @@ sub get_system_info() { . infocmd_one "$httpcli -q -O - ipecho.net/plain"; } badprint - "External IP : Can't check because of Internet connectivity" unless defined($httpcli); + "External IP : Can't check because of Internet connectivity" + unless defined($httpcli); infoprint "Name Servers : " . infocmd_one "grep 'nameserver' /etc/resolv.conf \| awk '{print \$2}'"; infoprint "Logged In users : "; @@ -1306,8 +1331,8 @@ sub get_system_info() { } sub system_recommendations { - return if ( $opt{sysstat} == 0 ); - subheaderprint"System Linux Recommendations"; + return if ( $opt{sysstat} == 0 ); + subheaderprint "System Linux Recommendations"; my $os = `uname`; unless ( $os =~ /Linux/i ) { infoprint "Skipped due to non Linux server"; @@ -1509,8 +1534,8 @@ sub security_recommendations { } sub get_replication_status { - subheaderprint "Replication Metrics"; - infoprint "Galera Synchronous replication: ". $myvar{'have_galera'}; + subheaderprint "Replication Metrics"; + infoprint "Galera Synchronous replication: " . $myvar{'have_galera'}; if ( scalar( keys %myslaves ) == 0 ) { infoprint "No replication slave(s) for this server."; } @@ -1965,14 +1990,20 @@ sub calculations { # Max used memory is memory used by MySQL based on Max_used_connections # This is the max memory used theorically calculated with the max concurrent connection number reached by mysql $mycalc{'max_used_memory'} = - $mycalc{'server_buffers'} + $mycalc{"max_total_per_thread_buffers"} +get_pf_memory() + get_gcache_memory(); + $mycalc{'server_buffers'} + + $mycalc{"max_total_per_thread_buffers"} + + get_pf_memory() + + get_gcache_memory(); $mycalc{'pct_max_used_memory'} = percentage( $mycalc{'max_used_memory'}, $physical_memory ); # Total possible memory is memory needed by MySQL based on max_connections # This is the max memory MySQL can theorically used if all connections allowed has opened by mysql $mycalc{'max_peak_memory'} = - $mycalc{'server_buffers'} + $mycalc{'total_per_thread_buffers'} + get_pf_memory()+ get_gcache_memory(); + $mycalc{'server_buffers'} + + $mycalc{'total_per_thread_buffers'} + + get_pf_memory() + + get_gcache_memory(); $mycalc{'pct_max_physical_memory'} = percentage( $mycalc{'max_peak_memory'}, $physical_memory ); @@ -1985,7 +2016,7 @@ sub calculations { . hr_bytes( $mycalc{'max_peak_memory'} ) . ""; debugprint "Max Peak Percentage RAM: " . $mycalc{'pct_max_physical_memory'} . "%"; - + # Slow queries $mycalc{'pct_slow_queries'} = int( ( $mystat{'Slow_queries'} / $mystat{'Questions'} ) * 100 ); @@ -2312,17 +2343,18 @@ sub mysql_stats { # Memory usage - infoprint "Physical Memory : ". hr_bytes($physical_memory); - infoprint "Max MySQL memory : ". hr_bytes( $mycalc{'max_peak_memory'} ); - infoprint "Other process memory: ". hr_bytes( get_other_process_memory() ); + infoprint "Physical Memory : " . hr_bytes($physical_memory); + infoprint "Max MySQL memory : " . hr_bytes( $mycalc{'max_peak_memory'} ); + infoprint "Other process memory: " . hr_bytes( get_other_process_memory() ); infoprint "Total buffers: " . hr_bytes( $mycalc{'server_buffers'} ) . " global + " . hr_bytes( $mycalc{'per_thread_buffers'} ) . " per thread ($myvar{'max_connections'} max threads)"; - infoprint "P_S Max memory usage: ".hr_bytes_rnd(get_pf_memory()); - infoprint "Galera GCache Max memory usage: ".hr_bytes_rnd(get_gcache_memory()); + infoprint "P_S Max memory usage: " . hr_bytes_rnd( get_pf_memory() ); + infoprint "Galera GCache Max memory usage: " + . hr_bytes_rnd( get_gcache_memory() ); if ( $opt{buffers} ne 0 ) { infoprint "Global Buffers"; infoprint " +-- Key Buffer: " @@ -2398,12 +2430,18 @@ sub mysql_stats { . " ($mycalc{'pct_max_physical_memory'}% of installed RAM)"; } - if ($physical_memory < ($mycalc{'max_peak_memory'}+get_other_process_memory())) { - badprint "Overall possible memory usage with other process exceeded memory"; - push( @generalrec, "Dedicated this server to your database for highest performance." ); - } else { - goodprint "Overall possible memory usage with other process is compatible with memory available"; - } + if ( $physical_memory < + ( $mycalc{'max_peak_memory'} + get_other_process_memory() ) ) + { + badprint + "Overall possible memory usage with other process exceeded memory"; + push( @generalrec, + "Dedicated this server to your database for highest performance." ); + } + else { + goodprint +"Overall possible memory usage with other process is compatible with memory available"; + } # Slow queries if ( $mycalc{'pct_slow_queries'} > 5 ) { @@ -2534,7 +2572,7 @@ sub mysql_stats { # Sorting if ( $mycalc{'total_sorts'} == 0 ) { - goodprint "No Sort requiring temporary tables"; + goodprint "No Sort requiring temporary tables"; } elsif ( $mycalc{'pct_temp_sort_table'} > 10 ) { badprint @@ -2573,7 +2611,8 @@ sub mysql_stats { "Adjust your join queries to always utilize indexes" ); } else { - goodprint "No joins without indexes"; + goodprint "No joins without indexes"; + # No joins have run without indexes } @@ -2628,7 +2667,7 @@ sub mysql_stats { } } else { - goodprint "No tmp tables created on disk"; + goodprint "No tmp tables created on disk"; } # Thread cache @@ -2922,11 +2961,11 @@ sub mariadb_threadpool { infoprint "ThreadPool stat is enabled."; infoprint "Thread Pool Size: " . $myvar{'thread_pool_size'} . " thread(s)."; - if ($myvar{'version'} =~ /mariadb|percona/i ) { - infoprint "Using default value is good enougth for your version (".$myvar{'version'}.")"; - return; - } - + if ( $myvar{'version'} =~ /mariadb|percona/i ) { + infoprint "Using default value is good enougth for your version (" + . $myvar{'version'} . ")"; + return; + } if ( $myvar{'have_innodb'} eq 'YES' ) { if ( $myvar{'thread_pool_size'} < 16 @@ -2966,17 +3005,19 @@ sub mariadb_threadpool { } } -sub get_pf_memory -{ +sub get_pf_memory { + # Performance Schema return 0 unless defined $myvar{'performance_schema'}; return 0 if $myvar{'performance_schema'} eq 'OFF'; - - my @infoPFSMemory=grep /performance_schema.memory/, select_array("SHOW ENGINE PERFORMANCE_SCHEMA STATUS"); - return 0 if scalar(@infoPFSMemory)==0; + + my @infoPFSMemory = grep /performance_schema.memory/, + select_array("SHOW ENGINE PERFORMANCE_SCHEMA STATUS"); + return 0 if scalar(@infoPFSMemory) == 0; $infoPFSMemory[0] =~ s/.*\s+(\d+)$/$1/g; return $infoPFSMemory[0]; } + # Recommendations for Performance Schema sub mysqsl_pfs { subheaderprint "Performance schema"; @@ -2990,7 +3031,7 @@ sub mysqsl_pfs { else { infoprint "Performance schema is enabled."; } - infoprint "Memory used by P_S: ". hr_bytes(get_pf_memory()); + infoprint "Memory used by P_S: " . hr_bytes( get_pf_memory() ); } # Recommendations for Ariadb @@ -3081,39 +3122,40 @@ sub mariadb_tokudb { # Perl trim function to remove whitespace from the start and end of the string sub trim { - my $string = shift; - $string =~ s/^\s+//; - $string =~ s/\s+$//; - return $string; + my $string = shift; + $string =~ s/^\s+//; + $string =~ s/\s+$//; + return $string; } sub get_wsrep_options { - return () unless defined $myvar{'wsrep_provider_options'} ; + return () unless defined $myvar{'wsrep_provider_options'}; - my @galera_options=split /;/,$myvar{'wsrep_provider_options'} ; + my @galera_options = split /;/, $myvar{'wsrep_provider_options'}; remove_cr @galera_options; - @galera_options=remove_empty @galera_options; - debugprint Dumper(\@galera_options); + @galera_options = remove_empty @galera_options; + debugprint Dumper( \@galera_options ); return @galera_options; } + sub get_gcache_memory { - my $gCacheMem=get_wsrep_option('gcache.mem_size'); + my $gCacheMem = get_wsrep_option('gcache.mem_size'); return 0 unless defined $gCacheMem and $gCacheMem ne ''; return $gCacheMem; } + sub get_wsrep_option { - my $key=shift; - return '' unless defined $myvar{'wsrep_provider_options'} ; - my @galera_options=get_wsrep_options; - return '' unless scalar(@galera_options) >0; - my @memValues= grep /\s*$key =/, @galera_options; - my $memValue=$memValues[0]; + my $key = shift; + return '' unless defined $myvar{'wsrep_provider_options'}; + my @galera_options = get_wsrep_options; + return '' unless scalar(@galera_options) > 0; + my @memValues = grep /\s*$key =/, @galera_options; + my $memValue = $memValues[0]; $memValue =~ s/.*=\s*(.+)$/$1/g; return $memValue; } - # Recommendations for Galera sub mariadb_galera { subheaderprint "Galera Metrics"; @@ -3126,162 +3168,215 @@ sub mariadb_galera { return; } infoprint "Galera is enabled."; - debugprint "Galera variables:"; + debugprint "Galera variables:"; foreach my $gvar ( keys %myvar ) { - next unless $gvar =~ /^wsrep.*/; - next if $gvar eq 'wsrep_provider_options'; - debugprint "\t".trim($gvar). " = ".$myvar{$gvar}; + next unless $gvar =~ /^wsrep.*/; + next if $gvar eq 'wsrep_provider_options'; + debugprint "\t" . trim($gvar) . " = " . $myvar{$gvar}; } - debugprint "Galera wsrep provider Options:"; - my @galera_options=get_wsrep_options; - foreach my $gparam ( @galera_options ) { - debugprint "\t".trim($gparam); + debugprint "Galera wsrep provider Options:"; + my @galera_options = get_wsrep_options; + foreach my $gparam (@galera_options) { + debugprint "\t" . trim($gparam); } - debugprint "Galera status:"; + debugprint "Galera status:"; foreach my $gstatus ( keys %mystat ) { - next unless $gstatus =~ /^wsrep.*/; - debugprint "\t".trim($gstatus). " = ".$mystat{$gstatus}; - } - infoprint "GCache is using ".hr_bytes_rnd(get_wsrep_option('gcache.mem_size')); - my @primaryKeysNbTables=select_array("select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.columns where table_schema not in ('mysql', 'information_schema', 'performance_schema') group by table_schema,table_name having sum(if(column_key in ('PRI','UNI'), 1,0)) = 0"); + next unless $gstatus =~ /^wsrep.*/; + debugprint "\t" . trim($gstatus) . " = " . $mystat{$gstatus}; + } + infoprint "GCache is using " + . hr_bytes_rnd( get_wsrep_option('gcache.mem_size') ); + my @primaryKeysNbTables = select_array( +"select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.columns where table_schema not in ('mysql', 'information_schema', 'performance_schema') group by table_schema,table_name having sum(if(column_key in ('PRI','UNI'), 1,0)) = 0" + ); - if (scalar (@primaryKeysNbTables) > 0 ) { - badprint "Following table(s) don't have primary key:"; - foreach my $badtable( @primaryKeysNbTables ) { - badprint "\t$badtable"; - } - } else { - goodprint "All tables get a primary key"; - } - my @nonInnoDbTables=select_array("select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.tables where ENGINE <> 'InnoDb' and table_schema not in ('mysql', 'performance_schema', 'information_schema')"); - if (scalar (@nonInnoDbTables) > 0 ) { - badprint "Following table(s) are not InnoDB table:"; - push @generalrec, "Ensure that all table(s) are InnoDB tabls for Galera replication"; - foreach my $badtable( @nonInnoDbTables ) { - badprint "\t$badtable"; - } - } else { - goodprint "All tables are InnoDB tables"; - } - if ($myvar{'binlog_format'} ne 'ROW') { - badprint "Binlog format should be in ROW mode."; - push @adjvars, "binlog_format = ROW"; - } else { - goodprint "Binlog format is in ROW mode."; - } - if ($myvar{'innodb_flush_log_at_trx_commit'} != 0 ) { - badprint "Innodb flush log at each commit should be disabled."; - push @adjvars, "innodb_flush_log_at_trx_commit = 0"; - } else { - goodprint "Innodb flush log at each commit is disabled for Galera."; - } + if ( scalar(@primaryKeysNbTables) > 0 ) { + badprint "Following table(s) don't have primary key:"; + foreach my $badtable (@primaryKeysNbTables) { + badprint "\t$badtable"; + } + } + else { + goodprint "All tables get a primary key"; + } + my @nonInnoDbTables = select_array( +"select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.tables where ENGINE <> 'InnoDb' and table_schema not in ('mysql', 'performance_schema', 'information_schema')" + ); + if ( scalar(@nonInnoDbTables) > 0 ) { + badprint "Following table(s) are not InnoDB table:"; + push @generalrec, + "Ensure that all table(s) are InnoDB tabls for Galera replication"; + foreach my $badtable (@nonInnoDbTables) { + badprint "\t$badtable"; + } + } + else { + goodprint "All tables are InnoDB tables"; + } + if ( $myvar{'binlog_format'} ne 'ROW' ) { + badprint "Binlog format should be in ROW mode."; + push @adjvars, "binlog_format = ROW"; + } + else { + goodprint "Binlog format is in ROW mode."; + } + if ( $myvar{'innodb_flush_log_at_trx_commit'} != 0 ) { + badprint "Innodb flush log at each commit should be disabled."; + push @adjvars, "innodb_flush_log_at_trx_commit = 0"; + } + else { + goodprint "Innodb flush log at each commit is disabled for Galera."; + } - infoprint "Read consistency mode :". $myvar{'wsrep_causal_reads'}; - - if ( defined($myvar{'wsrep_cluster_name'}) and $myvar{'wsrep_on'} eq "ON" ) { - goodprint "Galera WsREP is enabled."; - if ( defined($myvar{'wsrep_cluster_address'}) and trim("$myvar{'wsrep_cluster_address'}") ne "") { - goodprint "Galera Cluster address is defined: ".$myvar{'wsrep_cluster_address'}; - my $nbNodes=scalar(split /,/, $myvar{'wsrep_cluster_address'}); - if ( $nbNodes !=3 or $nbNodes != 5) { - goodprint "There is $nbNodes nodes in wsrep_cluster_address."; - } else { - badprint "There is $nbNodes nodes in wsrep_cluster_address. Prefer 3 or 5 nodes achitecture."; - } - my $nbNodesSize=trim ($mystat{'wsrep_cluster_size'}); - if ( $nbNodesSize !=3 or $nbNodesSize != 5) { - goodprint "There is $nbNodes nodes in wsrep_cluster_size."; - } else { - badprint "There is $nbNodes nodes in wsrep_cluster_size. Prefer 3 or 5 nodes achitecture."; - } + infoprint "Read consistency mode :" . $myvar{'wsrep_causal_reads'}; - if ($nbNodes != trim ($mystat{'wsrep_cluster_size'}) ) { - badprint "All cluster nodes dre not detected. wsrep_cluster_size != informations in wsrep_cluster_adress"; - } else { - badprint "All cluster nodes detected."; - } - } else { + if ( defined( $myvar{'wsrep_cluster_name'} ) + and $myvar{'wsrep_on'} eq "ON" ) + { + goodprint "Galera WsREP is enabled."; + if ( defined( $myvar{'wsrep_cluster_address'} ) + and trim("$myvar{'wsrep_cluster_address'}") ne "" ) + { + goodprint "Galera Cluster address is defined: " + . $myvar{'wsrep_cluster_address'}; + my $nbNodes = scalar( split /,/, $myvar{'wsrep_cluster_address'} ); + if ( $nbNodes != 3 or $nbNodes != 5 ) { + goodprint "There is $nbNodes nodes in wsrep_cluster_address."; + } + else { + badprint +"There is $nbNodes nodes in wsrep_cluster_address. Prefer 3 or 5 nodes achitecture."; + } + my $nbNodesSize = trim( $mystat{'wsrep_cluster_size'} ); + if ( $nbNodesSize != 3 or $nbNodesSize != 5 ) { + goodprint "There is $nbNodes nodes in wsrep_cluster_size."; + } + else { + badprint +"There is $nbNodes nodes in wsrep_cluster_size. Prefer 3 or 5 nodes achitecture."; + } + + if ( $nbNodes != trim( $mystat{'wsrep_cluster_size'} ) ) { + badprint +"All cluster nodes dre not detected. wsrep_cluster_size != informations in wsrep_cluster_adress"; + } + else { + badprint "All cluster nodes detected."; + } + } + else { badprint "Galera Cluster address is undefined"; - push @adjvars, "set up wsrep_cluster_address variable for Galera replication"; + push @adjvars, + "set up wsrep_cluster_address variable for Galera replication"; } - if ( defined($myvar{'wsrep_cluster_name'}) and trim($myvar{'wsrep_cluster_name'}) ne "") { - goodprint "Galera Cluster name is defined: ".$myvar{'wsrep_cluster_name'}; - } else { - badprint "Galera Cluster name is undefined"; - push @adjvars, "set up wsrep_cluster_name variable for Galera replication"; + if ( defined( $myvar{'wsrep_cluster_name'} ) + and trim( $myvar{'wsrep_cluster_name'} ) ne "" ) + { + goodprint "Galera Cluster name is defined: " + . $myvar{'wsrep_cluster_name'}; } - if ( defined($myvar{'wsrep_node_name'}) and trim($myvar{'wsrep_node_name'}) ne "") { - goodprint "Galera Node name is defined: ".$myvar{'wsrep_node_name'}; - } else { + else { + badprint "Galera Cluster name is undefined"; + push @adjvars, + "set up wsrep_cluster_name variable for Galera replication"; + } + if ( defined( $myvar{'wsrep_node_name'} ) + and trim( $myvar{'wsrep_node_name'} ) ne "" ) + { + goodprint "Galera Node name is defined: " + . $myvar{'wsrep_node_name'}; + } + else { badprint "Galera node name is undefined"; - push @adjvars, "set up wsrep_node_name variable for Galera replication"; + push @adjvars, + "set up wsrep_node_name variable for Galera replication"; } - if ( trim ($myvar{'wsrep_notify_cmd'}) ne "" ) { - goodprint "Galera Notify command is defined."; - } else { - badprint "Galera Notify command is not defined."; - push( @adjvars, "set up parameter wsrep_notify_cmd to be notify"); + if ( trim( $myvar{'wsrep_notify_cmd'} ) ne "" ) { + goodprint "Galera Notify command is defined."; } - if ( trim ($myvar{'wsrep_sst_method'}) ne "xtrabackup" ) { + else { + badprint "Galera Notify command is not defined."; + push( @adjvars, "set up parameter wsrep_notify_cmd to be notify" ); + } + if ( trim( $myvar{'wsrep_sst_method'} ) ne "xtrabackup" ) { badprint "Galera SST method is xtrabackup."; - push( @adjvars, "set up parameter wsrep_sst_method to xtrabackup"); - } else { + push( @adjvars, "set up parameter wsrep_sst_method to xtrabackup" ); + } + else { goodprint "SST Method is inot based on xtrabackup."; } - if ( trim ($myvar{'wsrep_OSU_method'}) eq "TOI" ) { + if ( trim( $myvar{'wsrep_OSU_method'} ) eq "TOI" ) { goodprint "TOI is default mode for upgrade."; - } else { - badprint "Schema upgrade are not replicated automatically"; - push( @adjvars, "set up parameter wsrep_OSU_method to TOI"); } - infoprint "Max WsRep message : " .hr_bytes( $myvar{'wsrep_max_ws_size'}); - } else { - badprint "Galera WsREP is disabled"; - } + else { + badprint "Schema upgrade are not replicated automatically"; + push( @adjvars, "set up parameter wsrep_OSU_method to TOI" ); + } + infoprint "Max WsRep message : " + . hr_bytes( $myvar{'wsrep_max_ws_size'} ); + } + else { + badprint "Galera WsREP is disabled"; + } - - if (defined($mystat{'wsrep_connected'}) and $mystat{'wsrep_connected'} eq "ON") { - goodprint "Node is connected"; - } else { - badprint "Node is disconnected"; - } - if (defined($mystat{'wsrep_ready'}) and $mystat{'wsrep_ready'} eq "ON") { + if ( defined( $mystat{'wsrep_connected'} ) + and $mystat{'wsrep_connected'} eq "ON" ) + { + goodprint "Node is connected"; + } + else { + badprint "Node is disconnected"; + } + if ( defined( $mystat{'wsrep_ready'} ) and $mystat{'wsrep_ready'} eq "ON" ) + { goodprint "Node is ready"; - } else { + } + else { badprint "Node is not ready"; - } -infoprint "Cluster status :".$mystat{'wsrep_cluster_status'}; - if (defined($mystat{'wsrep_cluster_status'}) and $mystat{'wsrep_cluster_status'} eq "Primary") { + } + infoprint "Cluster status :" . $mystat{'wsrep_cluster_status'}; + if ( defined( $mystat{'wsrep_cluster_status'} ) + and $mystat{'wsrep_cluster_status'} eq "Primary" ) + { goodprint "Galera cluster is consistent and ready for operations"; - } else { + } + else { badprint "Cluster is not consistent and ready"; - } - if ($mystat{'wsrep_local_state_uuid'} eq $mystat{'wsrep_cluster_state_uuid'}) { - goodprint "Node and whole cluster at the same level: ".$mystat{'wsrep_cluster_state_uuid'}; - } else { - badprint "Node and whole cluster not the same level"; - infoprint "Node state uuid: ".$mystat{'wsrep_local_state_uuid'}; - infoprint "Cluster state uuid: ".$mystat{'wsrep_cluster_state_uuid'}; - } - if ($mystat{'wsrep_local_state_comment'} eq 'Synced' ) { + } + if ( $mystat{'wsrep_local_state_uuid'} eq + $mystat{'wsrep_cluster_state_uuid'} ) + { + goodprint "Node and whole cluster at the same level: " + . $mystat{'wsrep_cluster_state_uuid'}; + } + else { + badprint "Node and whole cluster not the same level"; + infoprint "Node state uuid: " . $mystat{'wsrep_local_state_uuid'}; + infoprint "Cluster state uuid: " . $mystat{'wsrep_cluster_state_uuid'}; + } + if ( $mystat{'wsrep_local_state_comment'} eq 'Synced' ) { goodprint "Node is synced with whole cluster."; - } else { + } + else { badprint "Node is not synced"; - infoprint "Node State : ".$mystat{'wsrep_local_state_comment'}; - } - if ($mystat{'wsrep_local_cert_failures'} == 0 ) { + infoprint "Node State : " . $mystat{'wsrep_local_state_comment'}; + } + if ( $mystat{'wsrep_local_cert_failures'} == 0 ) { goodprint "There is no certification failures detected."; - } else { - badprint "There is ".$mystat{'wsrep_local_cert_failures'}." certification failure(s)detected."; - } + } + else { + badprint "There is " + . $mystat{'wsrep_local_cert_failures'} + . " certification failure(s)detected."; + } - for my $key (keys %mystat) { - if ($key =~ /wsrep_|galera/i) { - debugprint "WSREP: $key = $mystat{$key}"; - } - } - debugprint Dumper get_wsrep_options(); + for my $key ( keys %mystat ) { + if ( $key =~ /wsrep_|galera/i ) { + debugprint "WSREP: $key = $mystat{$key}"; + } + } + debugprint Dumper get_wsrep_options(); } # Recommendations for InnoDB @@ -3446,7 +3541,7 @@ sub mysql_innodb { && $mycalc{'pct_write_efficiency'} < 90 ) { badprint "InnoDB Write Log efficiency: " - . abs($mycalc{'pct_write_efficiency'}) . "% (" + . abs( $mycalc{'pct_write_efficiency'} ) . "% (" . abs( $mystat{'Innodb_log_write_requests'} - $mystat{'Innodb_log_writes'} ) . " hits/ " @@ -3549,12 +3644,10 @@ sub mysql_databases { foreach (@dblist) { chomp($_); - if ( - $_ eq "information_schema" + if ( $_ eq "information_schema" or $_ eq "performance_schema" or $_ eq "mysql" - or $_ eq "" - ) + or $_ eq "" ) { next; } @@ -3906,20 +3999,19 @@ sub dump_result { } sub which { - my $prog_name = shift; + my $prog_name = shift; my $path_string = shift; - my @path_array = split /:/, $ENV{'PATH'}; + my @path_array = split /:/, $ENV{'PATH'}; - for my $path ( @path_array) { + for my $path (@path_array) { if ( -x "$path/$prog_name" ) { return "$path/$prog_name"; } } - return 0 + return 0; } - # --------------------------------------------------------------------------- # BEGIN 'MAIN' # --------------------------------------------------------------------------- @@ -3940,7 +4032,7 @@ cve_recommendations; # Display related CVE calculations; # Calculate everything we need mysql_stats; # Print the server stats mysqsl_pfs # Print Performance schema info -mariadb_threadpool; # Print MaraiDB ThreadPool stats + mariadb_threadpool; # Print MaraiDB ThreadPool stats mysql_myisam; # Print MyISAM stats mariadb_ariadb; # Print MaraiDB AriaDB stats mysql_innodb; # Print InnoDB stats From 737628dd1b815e78130494c584aaa000349c70ac Mon Sep 17 00:00:00 2001 From: root Date: Thu, 21 Apr 2016 09:06:13 +0200 Subject: [PATCH 080/237] Vulnerabilities list updated #190 Query cache must be activated in MariaDB 10.1 #184 bug fix on messages #184 xtrabackup support when wsrep_sst_method is starting by xtrabackup --- mysqltuner.pl | 10 ++--- vulnerabilities.csv | 92 +++++++++++++++++++++++++-------------------- 2 files changed, 56 insertions(+), 46 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 671206f..873ba4a 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2501,7 +2501,7 @@ sub mysql_stats { push( @generalrec, "Upgrade MySQL to version 4+ to utilize query caching" ); } - elsif ( mysql_version_ge( 5, 5 ) ) { + elsif ( mysql_version_ge( 5, 5 ) and !mysql_version_ge( 10, 1 ) ) { if ( $myvar{'query_cache_type'} ne "OFF" ) { badprint "Query cache should be disabled by default due to mutex contention."; @@ -3299,12 +3299,12 @@ sub mariadb_galera { badprint "Galera Notify command is not defined."; push( @adjvars, "set up parameter wsrep_notify_cmd to be notify" ); } - if ( trim( $myvar{'wsrep_sst_method'} ) ne "xtrabackup" ) { - badprint "Galera SST method is xtrabackup."; - push( @adjvars, "set up parameter wsrep_sst_method to xtrabackup" ); + if ( trim( $myvar{'wsrep_sst_method'} ) !~ "^\s*xtrabackup.*" ) { + badprint "Galera SST method is not xtrabackup based."; + push( @adjvars, "set up parameter wsrep_sst_method to xtrabackup based parameter" ); } else { - goodprint "SST Method is inot based on xtrabackup."; + badprint "SST Method is based on xtrabackup."; } if ( trim( $myvar{'wsrep_OSU_method'} ) eq "TOI" ) { goodprint "TOI is default mode for upgrade."; diff --git a/vulnerabilities.csv b/vulnerabilities.csv index 8b1c533..0408842 100755 --- a/vulnerabilities.csv +++ b/vulnerabilities.csv @@ -375,48 +375,58 @@ 5.5.42;5;5;42;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-4761;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4766;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4766;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-4767;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4769.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-4769;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4767.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-4771;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-4772;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4791;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4800;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.44;5;5;44;CVE-2015-4816;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.44;5;5;44;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4833;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4862;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-4866;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.44;5;5;44;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4890;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4895;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4904;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-4905;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4910;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/alerts-086861.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453";Assigned (20160122);"None (candidate not yet proposed)"; -10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453";Assigned (20160122);"None (candidate not yet proposed)"; -10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453";Assigned (20160122);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4791;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4800;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.44;5;5;44;CVE-2015-4816;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.44;5;5;44;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4833;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4862;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-4866;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.44;5;5;44;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4890;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4895;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4904;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-4905;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4910;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.28;5;6;28;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)"; +2.17.1;2;17;1;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)"; +10.0.22;10;0;22;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)"; +2.21.2;2;21;2;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)"; +5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; +5.6.27;5;6;27;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; +5.7.9;5;7;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; +5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; +10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; +10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; +5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; From 560b45894b090795da5662773deaec1b2743ccc4 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 21 Apr 2016 09:08:20 +0200 Subject: [PATCH 081/237] #184 minor fix due to error message --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 873ba4a..c1c6316 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3299,7 +3299,7 @@ sub mariadb_galera { badprint "Galera Notify command is not defined."; push( @adjvars, "set up parameter wsrep_notify_cmd to be notify" ); } - if ( trim( $myvar{'wsrep_sst_method'} ) !~ "^\s*xtrabackup.*" ) { + if ( trim( $myvar{'wsrep_sst_method'} ) !~ "^xtrabackup.*" ) { badprint "Galera SST method is not xtrabackup based."; push( @adjvars, "set up parameter wsrep_sst_method to xtrabackup based parameter" ); } From c59a852a038f988a518c6bc94fe0fddf5bc8c5c9 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 21 Apr 2016 23:16:35 +0200 Subject: [PATCH 082/237] minor addition for sys schema #193 --- mysqltuner.pl | 38 ++++++++++++++++++-------------------- 1 file changed, 18 insertions(+), 20 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index c1c6316..f21e016 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -197,8 +197,7 @@ if ( $opt{verbose} ) { } # for RPM distributions -$opt{cvefile} = "/usr/share/mysqltuner/vulnerabilities.csv" - unless ( defined $opt{cvefile} and -f "$opt{cvefile}" ); +$opt{cvefile} = "/usr/share/mysqltuner/vulnerabilities.csv" unless ( defined $opt{cvefile} and -f "$opt{cvefile}" ); $opt{cvefile} = '' unless -f "$opt{cvefile}"; $opt{cvefile} = './vulnerabilities.csv' if -f './vulnerabilities.csv'; @@ -264,16 +263,10 @@ sub subheaderprint { my $ln = length("@_") + 2; prettyprint " "; - - #prettyprint "-"x$tln; prettyprint "-" x $sln . " @_ " . "-" x ( $tln - $ln - $sln ); - - #prettyprint "-"x$tln; } sub infoprinthcmd { - - # print Dumper @_; subheaderprint "$_[0]"; infoprintcmd "$_[1]"; } @@ -367,8 +360,7 @@ my ( $physical_memory, $swap_memory, $duflags ); sub os_setup { sub memerror { - badprint -"Unable to determine total memory/swap; use '--forcemem' and '--forceswap'"; + badprint "Unable to determine total memory/swap; use '--forcemem' and '--forceswap'"; exit 1; } my $os = `uname`; @@ -454,7 +446,8 @@ sub os_setup { $result{'OS'}{'Physical Memory'}{'pretty'} = hr_bytes($physical_memory); $result{'OS'}{'Swap Memory'}{'bytes'} = $swap_memory; $result{'OS'}{'Swap Memory'}{'pretty'} = hr_bytes($swap_memory); - + $result{'OS'}{'Other Processes'}{'bytes'} = get_other_process_memory(); + $result{'OS'}{'Other Processes'}{'pretty'} = hr_bytes(get_other_process_memory()); } sub get_http_cli { @@ -798,24 +791,20 @@ sub mysql_setup { } } else { - # It's not Plesk or debian, we should try a login debugprint "$mysqladmincmd $remotestring ping 2>&1"; my $loginstatus = `$mysqladmincmd $remotestring ping 2>&1`; if ( $loginstatus =~ /mysqld is alive/ ) { - # Login went just fine $mysqllogin = " $remotestring "; - - # Did this go well because of a .my.cnf file or is there no password set? + # Did this go well because of a .my.cnf file or is there no password set? my $userpath = `printenv HOME`; if ( length($userpath) > 0 ) { chomp($userpath); } unless ( -e "${userpath}/.my.cnf" or -e "${userpath}/.mylogin.cnf" ) { - badprint -"Successfully authenticated with no password - SECURITY RISK!"; + badprint "Successfully authenticated with no password - SECURITY RISK!"; } return 1; } @@ -956,7 +945,6 @@ sub arr2hash { } sub get_all_vars { - # We need to initiate at least one query so that our data is useable $dummyselect = select_one "SELECT VERSION()"; debugprint "VERSION: " . $dummyselect . ""; @@ -1054,18 +1042,20 @@ sub cve_recommendations { return; } -#prettyprint "Look for related CVE for $myvar{'version'} or lower in $opt{cvefile}"; + #prettyprint "Look for related CVE for $myvar{'version'} or lower in $opt{cvefile}"; my $cvefound = 0; open( FH, "<$opt{cvefile}" ) or die "Can't open $opt{cvefile} for read: $!"; while ( my $cveline = ) { my @cve = split( ';', $cveline ); if ( mysql_micro_version_le( $cve[1], $cve[2], $cve[3] ) ) { badprint "$cve[4] : $cve[5]"; + $result{'CVE'}{'List'}{$cvefound}="$cve[4] : $cve[5]"; $cvefound++; } } close FH or die "Cannot close $opt{cvefile}: $!"; + $result{'CVE'}{'nb'}=$cvefound; if ( $cvefound == 0 ) { goodprint "NO SECURITY CVE FOUND FOR YOUR VERSION"; return; @@ -3027,11 +3017,19 @@ sub mysqsl_pfs { and $myvar{'performance_schema'} eq 'ON' ) { infoprint "Performance schema is disabled."; + return; } else { infoprint "Performance schema is enabled."; } infoprint "Memory used by P_S: " . hr_bytes( get_pf_memory() ); + + if (grep /^sys$/, select_array("SHOW DATABASES")) { + infoprint "Sys schema is installed."; + } else { + infoprint "Sys schema isn't installed."; + return; + } } # Recommendations for Ariadb @@ -4032,7 +4030,7 @@ cve_recommendations; # Display related CVE calculations; # Calculate everything we need mysql_stats; # Print the server stats mysqsl_pfs # Print Performance schema info - mariadb_threadpool; # Print MaraiDB ThreadPool stats +mariadb_threadpool; # Print MaraiDB ThreadPool stats mysql_myisam; # Print MyISAM stats mariadb_ariadb; # Print MaraiDB AriaDB stats mysql_innodb; # Print InnoDB stats From 9b3549a92c2694d273855ed23167a0fac99c9f56 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 21 Apr 2016 23:19:36 +0200 Subject: [PATCH 083/237] #184 minor fix xtrabackup is the good alternative --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index f21e016..c8759c7 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3302,7 +3302,7 @@ sub mariadb_galera { push( @adjvars, "set up parameter wsrep_sst_method to xtrabackup based parameter" ); } else { - badprint "SST Method is based on xtrabackup."; + goodprint "SST Method is based on xtrabackup."; } if ( trim( $myvar{'wsrep_OSU_method'} ) eq "TOI" ) { goodprint "TOI is default mode for upgrade."; From 7251a85234f3f8d43fddd1b50fc8f34a01b04ee5 Mon Sep 17 00:00:00 2001 From: Vadym Chepkov Date: Fri, 22 Apr 2016 11:22:00 -0400 Subject: [PATCH 084/237] fixed spelling --- mysqltuner.pl | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index c8759c7..4d23c16 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -142,7 +142,7 @@ sub usage { . " --pass Password to use for authentication\n" . " --mysqladmin Path to a custom mysqladmin executable\n" . " --mysqlcmd Path to a custom mysql executable\n" . "\n" - . " --noask Dont ask password if needed\n" . "\n" + . " --noask Don't ask password if needed\n" . "\n" . " Performance and Reporting Options\n" . " --skipsize Don't enumerate tables and their types/sizes (default: on)\n" . " (Recommended for servers with many tables)\n" @@ -1233,7 +1233,7 @@ sub get_kernel_info() { 'sunrpc.tcp_max_slot_table_entries', 'sunrpc.tcp_slot_table_entries', 'vm.swappiness' ); - infoprint "Informations about kernel tuning:"; + infoprint "Information about kernel tuning:"; foreach my $param (@params) { infocmd_tab("sysctl $param"); } @@ -1328,7 +1328,7 @@ sub system_recommendations { infoprint "Skipped due to non Linux server"; return; } - prettyprint "Look for related Linux system recommandations"; + prettyprint "Look for related Linux system recommendations"; #prettyprint '-'x78; get_system_info(); @@ -1342,7 +1342,7 @@ sub system_recommendations { . hr_bytes_rnd($omem) . " / " . hr_bytes_rnd($physical_memory) . ")"; push( @generalrec, -"Consider stopping or dedicate server for additionnal process other than mysqld." +"Consider stopping or dedicate server for additional process other than mysqld." ); push( @adjvars, "DON'T APPLY SETTINGS BECAUSE THERE ARE TOO MANY PROCESSES RUNNING ON THIS SERVER. OOM KILL CAN OCCUR!" @@ -1512,14 +1512,14 @@ sub security_recommendations { foreach my $line (@mysqlstatlist) { chomp($line); badprint "User '" . $line - . "' is using weak pasword: $pass in a lower, upper or capitalize derivated version."; + . "' is using weak password: $pass in a lower, upper or capitalize derivative version."; $nbins++; } } } } if ( $nbins > 0 ) { - push( @generalrec, $nbins . " user(s) used basic or weaked password." ); + push( @generalrec, $nbins . " user(s) used basic or weak password." ); } } @@ -1554,7 +1554,7 @@ sub get_replication_status { and ( $io_running !~ /yes/i or $sql_running !~ /yes/i ) ) { badprint - "This replication slave is not running but seems to be configurated."; + "This replication slave is not running but seems to be configured."; } if ( defined($io_running) && $io_running =~ /yes/i @@ -2795,14 +2795,14 @@ sub mysql_stats { . " Memory / " . $mystat{'Binlog_cache_use'} . " Total)"; - debugprint "Not enought data to validate binlog cache size\n" + debugprint "Not enough data to validate binlog cache size\n" if $mystat{'Binlog_cache_use'} < 10; } } # Performance options if ( !mysql_version_ge( 5, 1 ) ) { - push( @generalrec, "Upgrade to MySQL 5.5+ to use asynchrone write" ); + push( @generalrec, "Upgrade to MySQL 5.5+ to use asynchronous write" ); } elsif ( $myvar{'concurrent_insert'} eq "OFF" ) { push( @generalrec, "Enable concurrent_insert by setting it to 'ON'" ); @@ -2952,7 +2952,7 @@ sub mariadb_threadpool { infoprint "Thread Pool Size: " . $myvar{'thread_pool_size'} . " thread(s)."; if ( $myvar{'version'} =~ /mariadb|percona/i ) { - infoprint "Using default value is good enougth for your version (" + infoprint "Using default value is good enough for your version (" . $myvar{'version'} . ")"; return; } @@ -3204,7 +3204,7 @@ sub mariadb_galera { if ( scalar(@nonInnoDbTables) > 0 ) { badprint "Following table(s) are not InnoDB table:"; push @generalrec, - "Ensure that all table(s) are InnoDB tabls for Galera replication"; + "Ensure that all table(s) are InnoDB tables for Galera replication"; foreach my $badtable (@nonInnoDbTables) { badprint "\t$badtable"; } @@ -3240,24 +3240,24 @@ sub mariadb_galera { . $myvar{'wsrep_cluster_address'}; my $nbNodes = scalar( split /,/, $myvar{'wsrep_cluster_address'} ); if ( $nbNodes != 3 or $nbNodes != 5 ) { - goodprint "There is $nbNodes nodes in wsrep_cluster_address."; + goodprint "There are $nbNodes nodes in wsrep_cluster_address."; } else { badprint -"There is $nbNodes nodes in wsrep_cluster_address. Prefer 3 or 5 nodes achitecture."; +"There are $nbNodes nodes in wsrep_cluster_address. Prefer 3 or 5 nodes architecture."; } my $nbNodesSize = trim( $mystat{'wsrep_cluster_size'} ); if ( $nbNodesSize != 3 or $nbNodesSize != 5 ) { - goodprint "There is $nbNodes nodes in wsrep_cluster_size."; + goodprint "There are $nbNodes nodes in wsrep_cluster_size."; } else { badprint -"There is $nbNodes nodes in wsrep_cluster_size. Prefer 3 or 5 nodes achitecture."; +"There are $nbNodes nodes in wsrep_cluster_size. Prefer 3 or 5 nodes architecture."; } if ( $nbNodes != trim( $mystat{'wsrep_cluster_size'} ) ) { badprint -"All cluster nodes dre not detected. wsrep_cluster_size != informations in wsrep_cluster_adress"; +"All cluster nodes are not detected. wsrep_cluster_size != information in wsrep_cluster_address"; } else { badprint "All cluster nodes detected."; @@ -3702,7 +3702,7 @@ sub mysql_databases { if ( $dbinfo[7] > 1 ) { badprint $dbinfo[7] - . " differents collations for database " + . " different collations for database " . $dbinfo[0]; push( @generalrec, "Check all table collations are identical for all tables in " @@ -3717,7 +3717,7 @@ sub mysql_databases { } if ( $dbinfo[8] > 1 ) { badprint $dbinfo[8] - . " differents engines for database " + . " different engines for database " . $dbinfo[0]; push( @generalrec, "Check all table engines are identical for all tables in " @@ -3780,7 +3780,7 @@ sub mysql_indexes { # unless ( mysql_version_ge( 5, 6 ) ) { # infoprint -#"Skip Index metrics from information schema due to erronous information provided in this version"; +#"Skip Index metrics from information schema due to erroneous information provided in this version"; # return; # } my $selIdxReq = <<'ENDSQL'; From f44d3c09f113ba90e62cb90854ef374716f5009a Mon Sep 17 00:00:00 2001 From: Zack Katz Date: Tue, 26 Apr 2016 15:29:49 -0600 Subject: [PATCH 085/237] enought to enough --- INTERNALS.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index dbefe6f..d4ec954 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -178,8 +178,8 @@ ## MySQLTuner memory checks * Get total RAM/swap -* Is there enought memory for max connections reached by MySQL ? -* Is there enought memory for max connections allowed by MySQL ? +* Is there enough memory for max connections reached by MySQL ? +* Is there enough memory for max connections allowed by MySQL ? * Max percentage of memory used(<85%) ## MySQLTuner slow queries checks From ae0ab4bcff5b3601af3d6bd1301bbc86a74143a5 Mon Sep 17 00:00:00 2001 From: Vadym Chepkov Date: Wed, 27 Apr 2016 06:42:50 -0400 Subject: [PATCH 086/237] fixed wsrep_cluster_size handling garbd node can be configured in galera cluster. wsrep_cluster_size includes the garbd node, but it is not listed in wsrep_cluster_address, since it does not participate in the replication. --- mysqltuner.pl | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 4d23c16..1349f67 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3239,28 +3239,22 @@ sub mariadb_galera { goodprint "Galera Cluster address is defined: " . $myvar{'wsrep_cluster_address'}; my $nbNodes = scalar( split /,/, $myvar{'wsrep_cluster_address'} ); - if ( $nbNodes != 3 or $nbNodes != 5 ) { - goodprint "There are $nbNodes nodes in wsrep_cluster_address."; - } - else { - badprint -"There are $nbNodes nodes in wsrep_cluster_address. Prefer 3 or 5 nodes architecture."; - } + infoprint "There are $nbNodes nodes in wsrep_cluster_address"; my $nbNodesSize = trim( $mystat{'wsrep_cluster_size'} ); - if ( $nbNodesSize != 3 or $nbNodesSize != 5 ) { - goodprint "There are $nbNodes nodes in wsrep_cluster_size."; + if ( $nbNodesSize == 3 or $nbNodesSize == 5 ) { + goodprint "There are $nbNodesSize nodes in wsrep_cluster_size."; } else { badprint -"There are $nbNodes nodes in wsrep_cluster_size. Prefer 3 or 5 nodes architecture."; +"There are $nbNodesSize nodes in wsrep_cluster_size. Prefer 3 or 5 nodes architecture."; } - - if ( $nbNodes != trim( $mystat{'wsrep_cluster_size'} ) ) { + # wsrep_cluster_address doesn't include garbd nodes + if ( $nbNodes > $nbNodesSize ) { badprint -"All cluster nodes are not detected. wsrep_cluster_size != information in wsrep_cluster_address"; +"All cluster nodes are not detected. wsrep_cluster_size less then node count in wsrep_cluster_address"; } else { - badprint "All cluster nodes detected."; + goodprint "All cluster nodes detected."; } } else { From 591d5ffc1961cc249f400e30c0a319586bb75eb3 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Thu, 28 Apr 2016 16:44:15 +0200 Subject: [PATCH 087/237] Update README.md --- README.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index c16c7fa..402f5d5 100644 --- a/README.md +++ b/README.md @@ -14,11 +14,12 @@ Compatibility: * MySQL 5.7 (partial support) * MySQL 5.6 (full support) -* MariaDB 10.0 (full support) -* MariaDB 10.1 (partial support) * MySQL 5.5 (full support) -* MySQL 5.1 (full support) -* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (full support) +* MariaDB 10.1 (partial support) +* MariaDB 10.0 (full support) +* Percana Server 5.6 (full support) +* Percona XtraDB cluster (full support) +* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (partial support - deprecated version) * Perl 5.6 or later (with [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod) package) * Unix/Linux based operating system (tested on Linux, BSD variants, and Solaris variants) * Windows is not supported at this time (Help wanted !!!!!) From 487bed625f0ee77545f2a5c4ff1388cf8dc848a6 Mon Sep 17 00:00:00 2001 From: Maks3w Date: Fri, 29 Apr 2016 08:57:56 +0200 Subject: [PATCH 088/237] Typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 402f5d5..1087f49 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ Compatibility: * MySQL 5.5 (full support) * MariaDB 10.1 (partial support) * MariaDB 10.0 (full support) -* Percana Server 5.6 (full support) +* Percona Server 5.6 (full support) * Percona XtraDB cluster (full support) * MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (partial support - deprecated version) * Perl 5.6 or later (with [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod) package) From 92dc77e4cdcdc2a7c3b4c0d800e229d547f742a9 Mon Sep 17 00:00:00 2001 From: jkavalik Date: Fri, 29 Apr 2016 12:56:24 +0200 Subject: [PATCH 089/237] Fix for #197 Merge GLOBAL status after SESSION - the non-global variables (like Percona from #184) will be present but stats are computed from GLOBAL counters which overwrite the SESSION ones if they exist. --- mysqltuner.pl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 1349f67..ac577b2 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -950,13 +950,13 @@ sub get_all_vars { debugprint "VERSION: " . $dummyselect . ""; $result{'MySQL Client'}{'Version'} = $dummyselect; - my @mysqlvarlist = select_array("SHOW GLOBAL VARIABLES"); - push( @mysqlvarlist, select_array("SHOW VARIABLES") ); + my @mysqlvarlist = select_array("SHOW VARIABLES"); + push( @mysqlvarlist, select_array("SHOW GLOBAL VARIABLES") ); arr2hash( \%myvar, \@mysqlvarlist ); $result{'Variables'} = %myvar; - my @mysqlstatlist = select_array("SHOW GLOBAL STATUS"); - push( @mysqlstatlist, select_array("SHOW STATUS") ); + my @mysqlstatlist = select_array("SHOW STATUS"); + push( @mysqlstatlist, select_array("SHOW GLOBAL STATUS") ); arr2hash( \%mystat, \@mysqlstatlist ); $result{'Status'} = %mystat; From 1727a42b29868ae956e01912598fc9bb3dbd496f Mon Sep 17 00:00:00 2001 From: root Date: Fri, 29 Apr 2016 13:46:52 +0200 Subject: [PATCH 090/237] Fix #195 single quote enclosed password --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index ac577b2..d6f1e9a 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -696,7 +696,7 @@ sub mysql_setup { # Did we already get a username and password passed on the command line? if ( $opt{user} ne 0 and $opt{pass} ne 0 ) { - $mysqllogin = "-u $opt{user} -p\"$opt{pass}\"" . $remotestring; + $mysqllogin = "-u $opt{user} -p'$opt{pass}'" . $remotestring; my $loginstatus = `$mysqladmincmd ping $mysqllogin 2>&1`; if ( $loginstatus =~ /mysqld is alive/ ) { goodprint "Logged in using credentials passed on the command line"; From 2e2d945e6336ee77d3e131123eda3be8996ded13 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 29 Apr 2016 14:01:15 +0200 Subject: [PATCH 091/237] Fix #190 changing typo for recommandations on multiprocessor --- mysqltuner.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index d6f1e9a..bfaaa32 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2494,12 +2494,12 @@ sub mysql_stats { elsif ( mysql_version_ge( 5, 5 ) and !mysql_version_ge( 10, 1 ) ) { if ( $myvar{'query_cache_type'} ne "OFF" ) { badprint -"Query cache should be disabled by default due to mutex contention."; +"Query cache may be disabled by default due to mutex contention."; push( @adjvars, "query_cache_type (=0)" ); } else { goodprint - "Query cache is disabled by default due to mutex contention."; + "Query cache is disabled by default due to mutex contention on multiprocessor machines."; } } elsif ( $myvar{'query_cache_size'} < 1 ) { From bead8a77efca41986a4baedf313345b00bec4f81 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 29 Apr 2016 14:19:46 +0200 Subject: [PATCH 092/237] Adding this message for <=5.1 version No more password checks for MySQL version <=5.1 MySQL version <=5.1 are deprecated and end of support. --- mysqltuner.pl | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index bfaaa32..71cb4ac 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.10 +# mysqltuner.pl - Version 1.6.11 # High Performance MySQL Tuning Script # Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # @@ -54,7 +54,7 @@ $Data::Dumper::Pair = " : "; #use Env; # Set up a few variables for use in the script -my $tunerversion = "1.6.10"; +my $tunerversion = "1.6.11"; my ( @adjvars, @generalrec ); # Set defaults @@ -1426,7 +1426,11 @@ sub security_recommendations { else { goodprint "There are no anonymous accounts for any database users"; } - + if ( mysql_version_le( 5, 1 ) ) { + badprint "No more password checks for MySQL version <=5.1"; + badprint "MySQL version <=5.1 are deprecated and end of support."; + return; + } # Looking for Empty Password @mysqlstatlist = select_array "SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL) AND plugin NOT IN ('unix_socket', 'win_socket')"; @@ -4048,7 +4052,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.10 - MySQL High Performance Tuning Script + MySQLTuner 1.6.11 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES From f6f66a49ef012c5f570d9d512b1cea6913b87f7a Mon Sep 17 00:00:00 2001 From: root Date: Fri, 29 Apr 2016 14:25:16 +0200 Subject: [PATCH 093/237] #196 comment thread_cache_size recommandations --- mysqltuner.pl | 48 +++++++++++++++++++++++------------------------- 1 file changed, 23 insertions(+), 25 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 71cb4ac..e56d6f8 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2665,31 +2665,29 @@ sub mysql_stats { } # Thread cache - if ( $myvar{'thread_cache_size'} eq 0 ) { - badprint "Thread cache is disabled"; - push( @generalrec, "Set thread_cache_size to 4 as a starting value" ); - push( @adjvars, "thread_cache_size (start at 4)" ); - } - else { - if ( $mycalc{'thread_cache_hit_rate'} <= 50 ) { - badprint - "Thread cache hit rate: $mycalc{'thread_cache_hit_rate'}% (" - . hr_num( $mystat{'Threads_created'} ) - . " created / " - . hr_num( $mystat{'Connections'} ) - . " connections)"; - push( @adjvars, - "thread_cache_size (> $myvar{'thread_cache_size'})" ); - } - else { - goodprint - "Thread cache hit rate: $mycalc{'thread_cache_hit_rate'}% (" - . hr_num( $mystat{'Threads_created'} ) - . " created / " - . hr_num( $mystat{'Connections'} ) - . " connections)"; - } - } + #if ( $myvar{'thread_cache_size'} eq 0 ) { + # badprint "Thread cache is disabled"; + # push( @generalrec, "Set thread_cache_size to 4 as a starting value" ); + # push( @adjvars, "thread_cache_size (start at 4)" ); + #} else { + # if ( $mycalc{'thread_cache_hit_rate'} <= 50 ) { + # badprint + # "Thread cache hit rate: $mycalc{'thread_cache_hit_rate'}% (" + # . hr_num( $mystat{'Threads_created'} ) + # . " created / " + # . hr_num( $mystat{'Connections'} ) + # . " connections)"; + # push( @adjvars, + # "thread_cache_size (> $myvar{'thread_cache_size'})" ); + # } else { + # goodprint + # "Thread cache hit rate: $mycalc{'thread_cache_hit_rate'}% (" + # . hr_num( $mystat{'Threads_created'} ) + # . " created / " + # . hr_num( $mystat{'Connections'} ) + # . " connections)"; + # } + #} # Table cache my $table_cache_var = ""; From 858536f86e2307a0f0399f074c51ca11b347722e Mon Sep 17 00:00:00 2001 From: root Date: Wed, 4 May 2016 16:37:26 +0200 Subject: [PATCH 094/237] Update vulnerabilies list --- vulnerabilities.csv | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/vulnerabilities.csv b/vulnerabilities.csv index 0408842..78a8eae 100755 --- a/vulnerabilities.csv +++ b/vulnerabilities.csv @@ -427,6 +427,11 @@ 5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; 10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; 10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; -5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; -10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; -10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.5.48;5;5;48;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.6.29;5;6;29;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.7.11;5;7;11;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +3.0.25;3;0;25;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; +3.1.2;3;1;2;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; From 959a41b7089883ec69713c4b82963859bb75c71b Mon Sep 17 00:00:00 2001 From: root Date: Wed, 4 May 2016 17:44:05 +0200 Subject: [PATCH 095/237] #204 updater works fine with curl now --- mysqltuner.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index e56d6f8..dcbb5f4 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -532,9 +532,9 @@ sub update_tuner_version { debugprint "$httpcli is available."; debugprint - "$httpcli --connect-timeout 5 -silent '$url$script' > $script"; + "$httpcli --connect-timeout 5 '$url$script' 2>$devnull > $script"; $update = - `$httpcli --connect-timeout 5 -silent '$url$script' > $script`; + `$httpcli --connect-timeout 5 '$url$script' 2>$devnull > $script`; chomp($update); debugprint "$script updated: $update"; From a7cd64a4c79b64090a637b2b1bd4e1060fbf0469 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 9 May 2016 10:17:14 +0200 Subject: [PATCH 096/237] Increment version number --- mysqltuner.pl | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index dcbb5f4..ed02151 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.11 +# mysqltuner.pl - Version 1.6.12 # High Performance MySQL Tuning Script # Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # @@ -54,7 +54,7 @@ $Data::Dumper::Pair = " : "; #use Env; # Set up a few variables for use in the script -my $tunerversion = "1.6.11"; +my $tunerversion = "1.6.12"; my ( @adjvars, @generalrec ); # Set defaults @@ -4050,7 +4050,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.11 - MySQL High Performance Tuning Script + MySQLTuner 1.6.12 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES From 7c1d5521edd5c1afa626a011edf98f6abf00abf6 Mon Sep 17 00:00:00 2001 From: Ian Gregory Date: Tue, 10 May 2016 10:34:30 +0100 Subject: [PATCH 097/237] Improve portability when fetching process memory - use ps rather than the proc filesystem --- mysqltuner.pl | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index ed02151..deb0b25 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1088,15 +1088,15 @@ sub is_open_port { sub get_process_memory { my $pid = shift; - return 0 unless -f "/proc/$pid/status"; - my @pdata = grep { /RSS:/ } get_file_contents "/proc/$pid/status"; - map { s/.*RSS:\s*(\d+)\s*kB\s*$/$1*1024/ge } @pdata; - return $pdata[0]; + my @mem = `ps -p $pid -o rss`; + return 0 if scalar @mem != 2; + return $mem[1]*1024; } sub get_other_process_memory { - my @procs = `ps -eo pid,cmd`; + my @procs = `ps -eaxo pid,command`; map { + s/.*PID.*//; s/.*mysqld.*//; s/.*\[.*\].*//; s/^\s+$//g; From 9056b1b0fa14141f22a257d5e0826064cbaa1e12 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Tue, 17 May 2016 12:13:07 +0200 Subject: [PATCH 098/237] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 1087f49..b13d01b 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,8 @@ MySQLTuner-perl [![Build Status - Master](https://travis-ci.org/major/MySQLTuner-perl.svg?branch=master)](https://travis-ci.org/major/MySQLTuner-perl) [![Project Status](http://opensource.box.com/badges/active.svg)](http://opensource.box.com/badges) [![Project Status](http://opensource.box.com/badges/maintenance.svg)](http://opensource.box.com/badges) +[![Average time to resolve an issue](http://isitmaintained.com/badge/resolution/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue") +[![Percentage of issues still open](http://isitmaintained.com/badge/open/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open") MySQLTuner is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions. From 8e9cc50311a0ac8b8a1e66da39cab31659e451a4 Mon Sep 17 00:00:00 2001 From: smutel Date: Thu, 19 May 2016 13:44:50 +0200 Subject: [PATCH 099/237] Exclude innodb engine from fragmented tables --- mysqltuner.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index deb0b25..959191f 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1776,11 +1776,11 @@ sub check_storage_engines { $result{'Engine'}{$engine}{'Index Size'} = $isize; } $fragtables = select_one -"SELECT COUNT(TABLE_NAME) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema','performance_schema', 'mysql') AND Data_free > 0 AND NOT ENGINE='MEMORY'"; +"SELECT COUNT(TABLE_NAME) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema','performance_schema', 'mysql') AND Data_free > 0 AND NOT ENGINE='MEMORY' AND NOT ENGINE='InnoDB'"; chomp($fragtables); $result{'Tables'}{'Fragmented tables'} = [ select_array -"SELECT CONCAT(CONCAT(TABLE_SCHEMA, '.'), TABLE_NAME) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema','performance_schema', 'mysql') AND Data_free > 0 AND NOT ENGINE='MEMORY'" +"SELECT CONCAT(CONCAT(TABLE_SCHEMA, '.'), TABLE_NAME) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema','performance_schema', 'mysql') AND Data_free > 0 AND NOT ENGINE='MEMORY' NOT ENGINE='InnoDB'" ]; } From b2aea7f69dff29a2a3ff6dacbb48cf06da9afa72 Mon Sep 17 00:00:00 2001 From: smutel Date: Thu, 19 May 2016 13:47:46 +0200 Subject: [PATCH 100/237] Update mysqltuner.pl --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 959191f..b0e2159 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1780,7 +1780,7 @@ sub check_storage_engines { chomp($fragtables); $result{'Tables'}{'Fragmented tables'} = [ select_array -"SELECT CONCAT(CONCAT(TABLE_SCHEMA, '.'), TABLE_NAME) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema','performance_schema', 'mysql') AND Data_free > 0 AND NOT ENGINE='MEMORY' NOT ENGINE='InnoDB'" +"SELECT CONCAT(CONCAT(TABLE_SCHEMA, '.'), TABLE_NAME) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema','performance_schema', 'mysql') AND Data_free > 0 AND NOT ENGINE='MEMORY' AND NOT ENGINE='InnoDB'" ]; } From 1048038e6482cc50e4ab718b83edcdd022039702 Mon Sep 17 00:00:00 2001 From: smutel Date: Thu, 19 May 2016 17:06:12 +0200 Subject: [PATCH 101/237] Avoid bad syntax error message Error below when executing the script on RHEL6/OL6: Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.8/FAQ --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index b0e2159..be1688f 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1094,7 +1094,7 @@ sub get_process_memory { } sub get_other_process_memory { - my @procs = `ps -eaxo pid,command`; + my @procs = `ps eaxo pid,command`; map { s/.*PID.*//; s/.*mysqld.*//; From e14ddff90481cc916961cad719d1b168ad359fe7 Mon Sep 17 00:00:00 2001 From: smutel Date: Thu, 19 May 2016 17:10:48 +0200 Subject: [PATCH 102/237] Avoid deprecated message from perl Use of implicit split to @_ is deprecated at /tmp/mysqltuner.pl line 3243 (#1) (D deprecated, W syntax) It makes a lot of work for the compiler when you clobber a subroutine's argument list, so it's better if you assign the results of a split() explicitly to an array (or list). --- mysqltuner.pl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index b0e2159..4e2ae62 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3240,7 +3240,8 @@ sub mariadb_galera { { goodprint "Galera Cluster address is defined: " . $myvar{'wsrep_cluster_address'}; - my $nbNodes = scalar( split /,/, $myvar{'wsrep_cluster_address'} ); + my @NodesTmp = split /,/, $myvar{'wsrep_cluster_address'}; + my $nbNodes = @NodesTmp; infoprint "There are $nbNodes nodes in wsrep_cluster_address"; my $nbNodesSize = trim( $mystat{'wsrep_cluster_size'} ); if ( $nbNodesSize == 3 or $nbNodesSize == 5 ) { From 2a8cf5fea6b696623c895cdd7ef1474b706652b6 Mon Sep 17 00:00:00 2001 From: jfcoz Date: Thu, 2 Jun 2016 09:23:46 +0200 Subject: [PATCH 103/237] add innodb when innodb_file_per_table is ON display OPTIMIZE requests for tables of more than 100mb with more thant 10% fragmentation Run OPTIMIZE TABLE to defragment tables for better performance OPTIMZE TABLE testdb.price; -- can free 496 MB OPTIMZE TABLE testdb.mail; -- can free 5704 MB OPTIMZE TABLE testdb.basket; -- can free 20 MB Total freed space after theses OPTIMIZE TABLE : 6220 Mb --- mysqltuner.pl | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 4641fd1..105a185 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -938,6 +938,7 @@ sub arr2hash { my $sep = shift; $sep = '\s' unless defined($sep); foreach my $line (@$harr) { + next if ($line =~ m/^\*\*\*\*\*\*\*/); $line =~ /([a-zA-Z_]*)\s*$sep\s*(.*)/; $$href{$1} = $2; debugprint "V: $1 = $2"; @@ -953,12 +954,12 @@ sub get_all_vars { my @mysqlvarlist = select_array("SHOW VARIABLES"); push( @mysqlvarlist, select_array("SHOW GLOBAL VARIABLES") ); arr2hash( \%myvar, \@mysqlvarlist ); - $result{'Variables'} = %myvar; + $result{'Variables'} = \%myvar; my @mysqlstatlist = select_array("SHOW STATUS"); push( @mysqlstatlist, select_array("SHOW GLOBAL STATUS") ); arr2hash( \%mystat, \@mysqlstatlist ); - $result{'Status'} = %mystat; + $result{'Status'} = \%mystat; $myvar{'have_galera'} = "NO"; if ( defined( $myvar{'wsrep_provider_options'} ) @@ -1002,7 +1003,7 @@ sub get_all_vars { debugprint Dumper(@mysqlenginelist); my @mysqlslave = select_array("SHOW SLAVE STATUS\\G"); arr2hash( \%myrepl, \@mysqlslave, ':' ); - $result{'Replication'}{'Status'} = %myrepl; + $result{'Replication'}{'Status'} = \%myrepl; my @mysqlslaves = select_array "SHOW SLAVE HOSTS"; my @lineitems = (); foreach my $line (@mysqlslaves) { @@ -1775,13 +1776,15 @@ sub check_storage_engines { $result{'Engine'}{$engine}{'Data Size'} = $dsize; $result{'Engine'}{$engine}{'Index Size'} = $isize; } - $fragtables = select_one -"SELECT COUNT(TABLE_NAME) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema','performance_schema', 'mysql') AND Data_free > 0 AND NOT ENGINE='MEMORY' AND NOT ENGINE='InnoDB'"; - chomp($fragtables); + my $not_innodb=''; + if ($result{'Variables'}{'innodb_file_per_table'} eq 'OFF') { + $not_innodb="AND NOT ENGINE='InnoDB'"; + } $result{'Tables'}{'Fragmented tables'} = [ select_array -"SELECT CONCAT(CONCAT(TABLE_SCHEMA, '.'), TABLE_NAME) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema','performance_schema', 'mysql') AND Data_free > 0 AND NOT ENGINE='MEMORY' AND NOT ENGINE='InnoDB'" +"SELECT CONCAT(CONCAT(TABLE_SCHEMA, '.'), TABLE_NAME),DATA_FREE FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema','performance_schema', 'mysql') AND DATA_LENGTH/1024/1024>100 AND DATA_FREE*100/(DATA_LENGTH+INDEX_LENGTH+DATA_FREE) > 10 AND NOT ENGINE='MEMORY' $not_innodb" ]; + $fragtables = scalar @{$result{'Tables'}{'Fragmented tables'}}; } else { @@ -1870,6 +1873,16 @@ sub check_storage_engines { badprint "Total fragmented tables: $fragtables"; push( @generalrec, "Run OPTIMIZE TABLE to defragment tables for better performance" ); + my $total_free=0; + foreach my $table_line (@{$result{'Tables'}{'Fragmented tables'}}) { + my ($table_name,$data_free)=split(/\s+/,$table_line); + $data_free=$data_free/1024/1024; + $total_free+=$data_free; + push( @generalrec, + " OPTIMZE TABLE $table_name; -- can free $data_free MB"); + } + push( @generalrec, + "Total freed space after theses OPTIMIZE TABLE : $total_free Mb" ); } else { goodprint "Total fragmented tables: $fragtables"; From 9af08d015ce1362dcd0050f90752341fd6568bde Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Thu, 2 Jun 2016 16:24:41 +0200 Subject: [PATCH 104/237] adding minimum privileges request --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index b13d01b..58ba0c2 100644 --- a/README.md +++ b/README.md @@ -130,6 +130,10 @@ To get information about stored credentials, use the following command: password = ***** host = localhost +Question: What's minimum privileges needed by a specific mysqltuner user in database ? + + mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* FOR 'mysqltuner'@'localhost' identified by pwd1234; + Question: It's not working on my OS! What gives?! These kinds of things are bound to happen. Here are the details I need from you in order to research the problem thoroughly: From b0848e5cc595e96be08e30c9b3d48f4bf55599dd Mon Sep 17 00:00:00 2001 From: jfcoz Date: Fri, 3 Jun 2016 08:33:02 +0200 Subject: [PATCH 105/237] add skip-name-resolve recommandation --- mysqltuner.pl | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index 105a185..6a89730 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2501,6 +2501,14 @@ sub mysql_stats { "Aborted connections: $mycalc{'pct_connections_aborted'}% ($mystat{'Aborted_connects'}/$mystat{'Connections'})"; } + # name resolution + if ($result{'Variables'}{'skip_name_resolve'} eq 'OFF') { + badprint +"name resolution is active : a reverse name resolution is made for each new connection and can reduce performance"; + push( @generalrec, + "Configure your accounts with ip or subnets only, then update your configuration with skip-name-resolve=1" ); + } + # Query cache if ( !mysql_version_ge(4) ) { From 5bcddc77b8dc03444fc0ff033e9fe00496c7171e Mon Sep 17 00:00:00 2001 From: root Date: Fri, 3 Jun 2016 11:03:52 +0200 Subject: [PATCH 106/237] #213 changing badprint to print in order to display error message when JSON module is not loaded --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 6a89730..f278489 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -4005,7 +4005,7 @@ sub dump_result { if ( $opt{'json'} ne 0 ) { eval "{ use JSON }"; if ($@) { - badprint "JSON Module is needed."; + print "JSON Module is needed."; exit 1; } my $json = JSON->new->allow_nonref; From b479d9aede11ed9ff5b93439a8834a946ae57d2b Mon Sep 17 00:00:00 2001 From: Kevin Houdebert Date: Fri, 3 Jun 2016 15:50:19 +0200 Subject: [PATCH 107/237] Fix typo for OPTIMIZE --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index f278489..56c10d3 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1879,7 +1879,7 @@ sub check_storage_engines { $data_free=$data_free/1024/1024; $total_free+=$data_free; push( @generalrec, - " OPTIMZE TABLE $table_name; -- can free $data_free MB"); + " OPTIMIZE TABLE $table_name; -- can free $data_free MB"); } push( @generalrec, "Total freed space after theses OPTIMIZE TABLE : $total_free Mb" ); From 0b534333b2eba0f2d1affdac06bcaaaf62132103 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 10 Jun 2016 10:18:21 +0200 Subject: [PATCH 108/237] Update vulnerabilities list Update mysql tuner version Update internals documentation --- INTERNALS.md | 12 ++++++++++-- mysqltuner.pl | 6 +++--- vulnerabilities.csv | 18 ++++++++++++------ 3 files changed, 25 insertions(+), 11 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index d4ec954..3d60bcb 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -227,9 +227,11 @@ * Key buffer write hit ratio (>95%) ## MySQLTuner Galera information - * wsrep_ready cluster is ready * wsrep_connected node is connected to other nodes +* wsrep_cluster_name is defined. +* wsrep_node_name is defined. +* Check thet notification script wsrep_notify_cmd is defined * wsrep_cluster_status PRIMARY /NON PRIMARY. * PRIMARY : Coherent cluster * NO PRIMARY : cluster gets several states @@ -240,7 +242,13 @@ * SYNCED state able to read/write * wsrep_cluster_conf_id configuration level must be identical in all nodes * wsrep_last_commited committed level must be identical in all nodes - +* Look for tables without primary keys +* Look for non InnoDB tables for Galera +* Variable innodb_flush_log_at_trx_commit should be set to 0. +* Check that there is 3 or 5 members in Galera cluster. +* Check that xtrabackup is used for SST method with wsrep_sst_method variable. +* Check variables wsrep_OSU_method is defined to TOI for updates. +* Check that there is no certification failures controlling wsrep_local_cert_failures status. ## MySQLTuner TokuDB information diff --git a/mysqltuner.pl b/mysqltuner.pl index 56c10d3..b578660 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.12 +# mysqltuner.pl - Version 1.6.13 # High Performance MySQL Tuning Script # Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # @@ -54,7 +54,7 @@ $Data::Dumper::Pair = " : "; #use Env; # Set up a few variables for use in the script -my $tunerversion = "1.6.12"; +my $tunerversion = "1.6.13"; my ( @adjvars, @generalrec ); # Set defaults @@ -4072,7 +4072,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.12 - MySQL High Performance Tuning Script + MySQLTuner 1.6.13 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES diff --git a/vulnerabilities.csv b/vulnerabilities.csv index 78a8eae..95cbb61 100755 --- a/vulnerabilities.csv +++ b/vulnerabilities.csv @@ -367,6 +367,9 @@ 5.5.43;5;5;43;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-2661;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; +5.7.3;5;7;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937";Assigned (20150410);"None (candidate not yet proposed)"; +6.1.3;6;1;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937";Assigned (20150410);"None (candidate not yet proposed)"; +5.5.44;5;5;44;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937";Assigned (20150410);"None (candidate not yet proposed)"; 5.5.43;5;5;43;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.5.43;5;5;43;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; @@ -421,12 +424,15 @@ 2.17.1;2;17;1;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)"; 10.0.22;10;0;22;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)"; 2.21.2;2;21;2;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)"; -5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; -5.6.27;5;6;27;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; -5.7.9;5;7;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; -5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; -10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; -10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; +5.4.43;5;4;43;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; +5.5.27;5;5;27;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; +5.6.11;5;6;11;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; +5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +5.6.27;5;6;27;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +5.7.9;5;7;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; 5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; 10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; 10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; From 16c94a51baf2f1626fe0c2b43a6337098a4a9823 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 10 Jun 2016 10:24:40 +0200 Subject: [PATCH 109/237] uninitialized value in script #218 --- mysqltuner.pl | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index b578660..75ab90a 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1768,7 +1768,10 @@ sub check_storage_engines { foreach my $line (@templist) { ( $engine, $size, $count, $dsize, $isize ) = $line =~ /([a-zA-Z_]*)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)/; - if ( !defined($size) ) { next; } + $size=0 unless defined($size); + $isize=0 unless defined($isize); + $dsize=0 unless defined($dsize); + $count=0 unless defined($count); $enginestats{$engine} = $size; $enginecount{$engine} = $count; $result{'Engine'}{$engine}{'Table Number'} = $count; From cf75be4c840d59b71d60af5762224b4fd9527250 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 10 Jun 2016 10:27:55 +0200 Subject: [PATCH 110/237] Tokudb detection fix #218 --- mysqltuner.pl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 75ab90a..4c2ebee 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3133,8 +3133,7 @@ sub mariadb_tokudb { # AriaDB unless ( defined $myvar{'have_tokudb'} - && $myvar{'have_tokudb'} eq "YES" - && defined $enginestats{'TokuDb'} ) + && $myvar{'have_tokudb'} eq "YES" ) { infoprint "TokuDB is disabled."; return; From 2db14831236f1d019ae79ab7c8e39d514afdc552 Mon Sep 17 00:00:00 2001 From: mhasbini Date: Sat, 11 Jun 2016 16:19:55 +0000 Subject: [PATCH 111/237] switch version check with mysql_setup --- mysqltuner.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 4c2ebee..74ed736 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -4034,8 +4034,8 @@ sub which { # BEGIN 'MAIN' # --------------------------------------------------------------------------- headerprint; # Header Print -mysql_setup; # Gotta login first validate_tuner_version; # Check last version +mysql_setup; # Gotta login first os_setup; # Set up some OS variables get_all_vars; # Toss variables/status into hashes get_tuning_info; # Get information about the tuning connexion @@ -4049,7 +4049,7 @@ security_recommendations; # Display some security recommendations cve_recommendations; # Display related CVE calculations; # Calculate everything we need mysql_stats; # Print the server stats -mysqsl_pfs # Print Performance schema info +mysqsl_pfs; # Print Performance schema info mariadb_threadpool; # Print MaraiDB ThreadPool stats mysql_myisam; # Print MyISAM stats mariadb_ariadb; # Print MaraiDB AriaDB stats From d14809363477843903b074d1ef838838342494ae Mon Sep 17 00:00:00 2001 From: mhasbini Date: Sat, 11 Jun 2016 16:36:59 +0000 Subject: [PATCH 112/237] no need to return, just exit --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 74ed736..62c0cc1 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -593,7 +593,7 @@ sub compare_tuner_version { return; } goodprint "You have the latest version of MySQLTuner($tunerversion)"; - return; + exit 0; } # Checks to see if a MySQL login is possible From e4500742548f696f21fbc1764a56c14027dbbb77 Mon Sep 17 00:00:00 2001 From: Louis Sautier Date: Thu, 16 Jun 2016 10:33:03 +0200 Subject: [PATCH 113/237] Reword a message --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 62c0cc1..18e1855 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2446,7 +2446,7 @@ sub mysql_stats { badprint "Overall possible memory usage with other process exceeded memory"; push( @generalrec, - "Dedicated this server to your database for highest performance." ); + "Dedicate this server to your database for highest performance." ); } else { goodprint From 2aece48996e854914ed642929c91e7e79f2540a1 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Thu, 16 Jun 2016 11:00:36 +0200 Subject: [PATCH 114/237] Update README.md --- README.md | 38 +++++++++++++++++++++++++++++++------- 1 file changed, 31 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 58ba0c2..9509bb1 100644 --- a/README.md +++ b/README.md @@ -94,15 +94,15 @@ __Usage:__ Enable debugging information FAQ -- -Question: Will MySQLTuner fix my slow MySQL server? +**Question: Will MySQLTuner fix my slow MySQL server?** **No.** MySQLTuner is a read only script. It won't write to any configuration files, change the status of any daemons, or call your mother to wish her a happy birthday. It will give you an overview of your server's performance and make some basic recommendations about improvements that you can make after it completes. *Make sure you read the warning above prior to following any recommendations.* -Question: Can I fire my DBA now? +**Question: Can I fire my DBA now?** **MySQLTuner will not replace your DBA in any form or fashion.** If your DBA constantly takes your parking spot and steals your lunch from the fridge, then you may want to consider it - but that's your call. -Question: Why does MySQLTuner keep asking me the login credentials for MySQL over and over? +**Question: Why does MySQLTuner keep asking me the login credentials for MySQL over and over?** The script will try its best to log in via any means possible. It will check for ~/.my.cnf files, Plesk password files, and empty password root logins. If none of those are available, then you'll be prompted for a password. If you'd like the script to run in an automated fashion without user intervention, then create a .my.cnf file in your home directory which contains: @@ -112,7 +112,7 @@ The script will try its best to log in via any means possible. It will check fo Once you create it, make sure it's owned by your user and the mode on the file is 0600. This should prevent the prying eyes from getting your database login credentials under normal conditions. If a [T-1000 shows up in a LAPD uniform](https://en.wikipedia.org/wiki/T-1000) and demands your database credentials, you won't have much of an option. -Question: Is there another way to secure credentials on latest MySQL and MariaDB distributions ? +**Question: Is there another way to secure credentials on latest MySQL and MariaDB distributions ?** You could use mysql_config_editor utilities. @@ -130,11 +130,11 @@ To get information about stored credentials, use the following command: password = ***** host = localhost -Question: What's minimum privileges needed by a specific mysqltuner user in database ? +**Question: What's minimum privileges needed by a specific mysqltuner user in database ?** mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* FOR 'mysqltuner'@'localhost' identified by pwd1234; -Question: It's not working on my OS! What gives?! +**Question: It's not working on my OS! What gives?!** These kinds of things are bound to happen. Here are the details I need from you in order to research the problem thoroughly: @@ -145,11 +145,35 @@ These kinds of things are bound to happen. Here are the details I need from you * The full text of the error * A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible) -Question: How to perform a CVE vulneralibity checks ? +**Question: How to perform a CVE vulneralibity checks ?** * Download vulnerabilities.csv from this repository. * use option --cvefile to perform CVE checks +**Question: How to use mysqltuner from remote host ?** + +* You will still have to connect like a mysql client: + +* Connection and Authentication + + --host Connect to a remote host to perform tests (default: localhost) + --socket Use a different socket for a local connection + --port Port to use for connection (default: 3306) + --user Username to use for authentication + --pass Password to use for authentication + +* Since you are using a remote host, use parameters to supply values from the OS + + --forcemem Amount of RAM installed in megabytes + --forceswap Amount of swap memory configured in megabytes + +* You may have to contact your remote SysAdmin to ask how much RAM and swap you have + +* If the database has too many tables, or very large table, use this: + + --skipsize Don't enumerate tables and their types/sizes (default: on) + (Recommended for servers with many tables) + MySQLTuner and Vagrant -- **MySQLTuner** contains following Vagrant configurations: From 8e831cf09d8d95d9dad2ae3886c6a280afe3a751 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Thu, 16 Jun 2016 11:01:55 +0200 Subject: [PATCH 115/237] Update README.md --- README.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 9509bb1..578e76c 100644 --- a/README.md +++ b/README.md @@ -156,15 +156,20 @@ These kinds of things are bound to happen. Here are the details I need from you * Connection and Authentication - --host Connect to a remote host to perform tests (default: localhost) + --host Connect to a remote host to perform tests (default: localhost) + --socket Use a different socket for a local connection + --port Port to use for connection (default: 3306) + --user Username to use for authentication + --pass Password to use for authentication * Since you are using a remote host, use parameters to supply values from the OS --forcemem Amount of RAM installed in megabytes + --forceswap Amount of swap memory configured in megabytes * You may have to contact your remote SysAdmin to ask how much RAM and swap you have From 638e843d49224e08e8a40181cef7f0621868b439 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 16 Jun 2016 11:07:32 +0200 Subject: [PATCH 116/237] Removing strange code blocks :) --- mysqltuner.pl | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 4c2ebee..e924443 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -490,9 +490,6 @@ sub validate_tuner_version { compare_tuner_version($update); return; } - else { - - } if ( $httpcli =~ /wget$/ ) { debugprint "$httpcli is available."; @@ -3045,9 +3042,7 @@ sub mysqsl_pfs { infoprint "Performance schema is disabled."; return; } - else { - infoprint "Performance schema is enabled."; - } + infoprint "Performance schema is enabled."; infoprint "Memory used by P_S: " . hr_bytes( get_pf_memory() ); if (grep /^sys$/, select_array("SHOW DATABASES")) { @@ -3056,6 +3051,7 @@ sub mysqsl_pfs { infoprint "Sys schema isn't installed."; return; } + } # Recommendations for Ariadb From e3d721cc8bf6ebfc4b694ce2d5a13d6e24e24a16 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Thu, 16 Jun 2016 11:10:12 +0200 Subject: [PATCH 117/237] Update README.md --- README.md | 21 ++++++++------------- 1 file changed, 8 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 578e76c..67bd080 100644 --- a/README.md +++ b/README.md @@ -156,27 +156,22 @@ These kinds of things are bound to happen. Here are the details I need from you * Connection and Authentication - --host Connect to a remote host to perform tests (default: localhost) - - --socket Use a different socket for a local connection - - --port Port to use for connection (default: 3306) - - --user Username to use for authentication - - --pass Password to use for authentication + Parameter --host Connect to a remote host to perform tests (default: localhost) + Parameter --socket Use a different socket for a local connection + Parameter --port Port to use for connection (default: 3306) + Parameter --user Username to use for authentication + Parameter --pass Password to use for authentication * Since you are using a remote host, use parameters to supply values from the OS - --forcemem Amount of RAM installed in megabytes - - --forceswap Amount of swap memory configured in megabytes + Parameter --forcemem Amount of RAM installed in megabytes + Parameter --forceswap Amount of swap memory configured in megabytes * You may have to contact your remote SysAdmin to ask how much RAM and swap you have * If the database has too many tables, or very large table, use this: - --skipsize Don't enumerate tables and their types/sizes (default: on) + Parameter --skipsize Don't enumerate tables and their types/sizes (default: on) (Recommended for servers with many tables) MySQLTuner and Vagrant From d411f037aaa6ba56516ea616fd03c742f7aa76ca Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Thu, 16 Jun 2016 11:14:15 +0200 Subject: [PATCH 118/237] Update README.md --- README.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 67bd080..15e883f 100644 --- a/README.md +++ b/README.md @@ -156,22 +156,22 @@ These kinds of things are bound to happen. Here are the details I need from you * Connection and Authentication - Parameter --host Connect to a remote host to perform tests (default: localhost) - Parameter --socket Use a different socket for a local connection - Parameter --port Port to use for connection (default: 3306) - Parameter --user Username to use for authentication - Parameter --pass Password to use for authentication + Parameter host Connect to a remote host to perform tests (default: localhost) + Parameter socket Use a different socket for a local connection + Parameter port Port to use for connection (default: 3306) + Parameter user Username to use for authentication + Parameter pass Password to use for authentication * Since you are using a remote host, use parameters to supply values from the OS - Parameter --forcemem Amount of RAM installed in megabytes - Parameter --forceswap Amount of swap memory configured in megabytes + Parameter forcemem Amount of RAM installed in megabytes + Parameter forceswap Amount of swap memory configured in megabytes * You may have to contact your remote SysAdmin to ask how much RAM and swap you have * If the database has too many tables, or very large table, use this: - Parameter --skipsize Don't enumerate tables and their types/sizes (default: on) + Parameter skipsize Don't enumerate tables and their types/sizes (default: on) (Recommended for servers with many tables) MySQLTuner and Vagrant From ba0cd810303d11b2c5ebe0d0b0a2479b39894892 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Thu, 16 Jun 2016 11:18:09 +0200 Subject: [PATCH 119/237] Update README.md --- README.md | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 15e883f..18836dd 100644 --- a/README.md +++ b/README.md @@ -151,27 +151,28 @@ These kinds of things are bound to happen. Here are the details I need from you * use option --cvefile to perform CVE checks **Question: How to use mysqltuner from remote host ?** +Thanks to [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba) * You will still have to connect like a mysql client: -* Connection and Authentication +Connection and Authentication - Parameter host Connect to a remote host to perform tests (default: localhost) - Parameter socket Use a different socket for a local connection - Parameter port Port to use for connection (default: 3306) - Parameter user Username to use for authentication - Parameter pass Password to use for authentication + --host Connect to a remote host to perform tests (default: localhost) + --socket Use a different socket for a local connection + --port Port to use for connection (default: 3306) + --user Username to use for authentication + --pass Password to use for authentication -* Since you are using a remote host, use parameters to supply values from the OS +Since you are using a remote host, use parameters to supply values from the OS - Parameter forcemem Amount of RAM installed in megabytes - Parameter forceswap Amount of swap memory configured in megabytes + --forcemem Amount of RAM installed in megabytes + --forceswap Amount of swap memory configured in megabytes * You may have to contact your remote SysAdmin to ask how much RAM and swap you have -* If the database has too many tables, or very large table, use this: +If the database has too many tables, or very large table, use this: - Parameter skipsize Don't enumerate tables and their types/sizes (default: on) + --skipsize Don't enumerate tables and their types/sizes (default: on) (Recommended for servers with many tables) MySQLTuner and Vagrant From d82c58f2bf285cd815f4ddf314a1beac2ab92237 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 17 Jun 2016 08:12:38 +0200 Subject: [PATCH 120/237] Updated vulnerability list --- vulnerabilities.csv | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/vulnerabilities.csv b/vulnerabilities.csv index 95cbb61..8d4cc4b 100755 --- a/vulnerabilities.csv +++ b/vulnerabilities.csv @@ -310,23 +310,23 @@ 5.5.39;5;5;39;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.20;5;6;20;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6564;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70511 | URL:http://www.securityfocus.com/bid/70511";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0385;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | BID:72229 | URL:http://www.securityfocus.com/bid/72229 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150385(100190) | URL:http://xforce.iss.net/xforce/xfdb/100190";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.38;5;5;38;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.19;5;6;19;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0385;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | BID:72229 | URL:http://www.securityfocus.com/bid/72229 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150385(100190) | URL:http://xforce.iss.net/xforce/xfdb/100190";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.38;5;5;38;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.19;5;6;19;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0405;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0409;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150409(100188) | URL:http://xforce.iss.net/xforce/xfdb/100188";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0409;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150409(100188) | URL:http://xforce.iss.net/xforce/xfdb/100188";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0423;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0432;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.";"BUGTRAQ:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded | FULLDISC:20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE | URL:http://seclists.org/fulldisclosure/2015/Apr/5 | MISC:http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150432(100187) | URL:http://xforce.iss.net/xforce/xfdb/100187";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0432;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150432(100187) | URL:http://xforce.iss.net/xforce/xfdb/100187";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; @@ -367,9 +367,9 @@ 5.5.43;5;5;43;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-2661;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.7.3;5;7;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937";Assigned (20150410);"None (candidate not yet proposed)"; -6.1.3;6;1;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937";Assigned (20150410);"None (candidate not yet proposed)"; -5.5.44;5;5;44;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937";Assigned (20150410);"None (candidate not yet proposed)"; +5.7.3;5;7;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)"; +6.1.3;6;1;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)"; +5.5.44;5;5;44;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)"; 5.5.43;5;5;43;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.5.43;5;5;43;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; From 4ea5c09d445bea737cebe7bd8ef76398eeb2d7a9 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 23 Jun 2016 21:28:26 +0200 Subject: [PATCH 121/237] #223 removing version estension for Ubuntu version --- mysqltuner.pl | 1 + 1 file changed, 1 insertion(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index bcd116c..ed90f29 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -945,6 +945,7 @@ sub arr2hash { sub get_all_vars { # We need to initiate at least one query so that our data is useable $dummyselect = select_one "SELECT VERSION()"; + $dummyselect =~ s/(.*)\-.*?/$1/; debugprint "VERSION: " . $dummyselect . ""; $result{'MySQL Client'}{'Version'} = $dummyselect; From 5af540cab0b79644281376990e97fdbc135ab757 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 23 Jun 2016 21:30:22 +0200 Subject: [PATCH 122/237] #223 removing version estension for Ubuntu version - V2 --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index ed90f29..455c18f 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -945,7 +945,7 @@ sub arr2hash { sub get_all_vars { # We need to initiate at least one query so that our data is useable $dummyselect = select_one "SELECT VERSION()"; - $dummyselect =~ s/(.*)\-.*?/$1/; + $dummyselect =~ s/(.*?)\-.*/$1/; debugprint "VERSION: " . $dummyselect . ""; $result{'MySQL Client'}{'Version'} = $dummyselect; From 51993aa2c8cb06c4187db69ac702e4222b150b0c Mon Sep 17 00:00:00 2001 From: root Date: Mon, 4 Jul 2016 08:41:16 +0200 Subject: [PATCH 123/237] wsrep_osu_method error #224 --- mysqltuner.pl | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 455c18f..c5ee26e 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.13 +# mysqltuner.pl - Version 1.6.14 # High Performance MySQL Tuning Script # Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # @@ -54,7 +54,7 @@ $Data::Dumper::Pair = " : "; #use Env; # Set up a few variables for use in the script -my $tunerversion = "1.6.13"; +my $tunerversion = "1.6.14"; my ( @adjvars, @generalrec ); # Set defaults @@ -3321,7 +3321,8 @@ sub mariadb_galera { else { goodprint "SST Method is based on xtrabackup."; } - if ( trim( $myvar{'wsrep_OSU_method'} ) eq "TOI" ) { + if ( (defined($myvar{'wsrep_OSU_method'}) && trim( $myvar{'wsrep_OSU_method'} ) eq "TOI") || + (defined($myvar{'wsrep_osu_method'}) && trim( $myvar{'wsrep_osu_method'} ) eq "TOI") ) { goodprint "TOI is default mode for upgrade."; } else { @@ -4071,7 +4072,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.13 - MySQL High Performance Tuning Script + MySQLTuner 1.6.14 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES From 5bf860af648e3978fdd4961f1b2b083265572599 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Thu, 7 Jul 2016 09:49:29 +0200 Subject: [PATCH 124/237] Update INTERNALS.md #225 --- INTERNALS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/INTERNALS.md b/INTERNALS.md index 3d60bcb..6afee6a 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -203,7 +203,7 @@ * MySQL needs 1 instanes per 1Go of Buffer Pool * innodb_buffer_pool instances = round(innodb_buffer_pool_size / 1Go) * innodb_buffer_pool instances must be equals or lower than 64 -* InnoDB Buffer Pool uUsage +* InnoDB Buffer Pool Usage * If more than 20% of InnoDB buffer pool is not used, MySQLTuner raise an alert. * InnoDB Read effiency * Ratio of read without locks From a9f9e69201e6e392c23a5e5bb1aa74ee008710bf Mon Sep 17 00:00:00 2001 From: Grzegorz Adam Kowalski Date: Wed, 13 Jul 2016 12:58:30 +0200 Subject: [PATCH 125/237] Don't exit after positive latest version check --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index c5ee26e..c08e91c 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -590,7 +590,7 @@ sub compare_tuner_version { return; } goodprint "You have the latest version of MySQLTuner($tunerversion)"; - exit 0; + return; } # Checks to see if a MySQL login is possible From e8e608b471a3eb928b26ec86f087b7d7eb6ff909 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 8 Aug 2016 17:16:07 +0200 Subject: [PATCH 126/237] Update vulnerability list --- vulnerabilities.csv | 83 ++++++++++++++++++++++++++++++++++++++------- 1 file changed, 71 insertions(+), 12 deletions(-) diff --git a/vulnerabilities.csv b/vulnerabilities.csv index 8d4cc4b..d8a09b0 100755 --- a/vulnerabilities.csv +++ b/vulnerabilities.csv @@ -427,17 +427,76 @@ 5.4.43;5;4;43;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; 5.5.27;5;5;27;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; 5.6.11;5;6;11;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; -5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -5.6.27;5;6;27;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -5.7.9;5;7;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; -10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; -10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; -5.5.48;5;5;48;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; -5.6.29;5;6;29;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; -5.7.11;5;7;11;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +5.6.27;5;6;27;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +5.7.9;5;7;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; +10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; +10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.5.48;5;5;48;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.6.29;5;6;29;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.7.11;5;7;11;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3424;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.11;5;7;11;CVE-2016-3440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.29;5;6;29;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.10;5;7;10;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.25;10;0;25;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.14;10;1;14;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.25;10;0;25;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.14;10;1;14;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; 3.0.25;3;0;25;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; 3.1.2;3;1;2;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3518;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3588;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5436;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5437;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5441;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5442;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5443;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.29;5;6;29;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.11;5;7;11;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; +10.0.25;10;0;25;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; +10.1.14;10;1;14;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; From b42b97f96f53870abb6fba3d4fd8efbef73b313d Mon Sep 17 00:00:00 2001 From: root Date: Mon, 8 Aug 2016 17:40:53 +0200 Subject: [PATCH 127/237] #227 Stopping MySQL tuner when SELECT VERSION doesnt return any value. This indicates that user doent get enough privileges --- mysqltuner.pl | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index c08e91c..9655788 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -945,6 +945,10 @@ sub arr2hash { sub get_all_vars { # We need to initiate at least one query so that our data is useable $dummyselect = select_one "SELECT VERSION()"; + if (not defined($dummyselect) or $dummyselect== "") { + badprint "You probably doesn't get enough privileges for running MySQLTuner ..." + exit(256); + } $dummyselect =~ s/(.*?)\-.*/$1/; debugprint "VERSION: " . $dummyselect . ""; $result{'MySQL Client'}{'Version'} = $dummyselect; From da1819d66b76326f90d03e7c2a83072535b2f06c Mon Sep 17 00:00:00 2001 From: root Date: Tue, 9 Aug 2016 10:15:49 +0200 Subject: [PATCH 128/237] Bug fix for exec fail --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 9655788..a6f2d8d 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -946,7 +946,7 @@ sub get_all_vars { # We need to initiate at least one query so that our data is useable $dummyselect = select_one "SELECT VERSION()"; if (not defined($dummyselect) or $dummyselect== "") { - badprint "You probably doesn't get enough privileges for running MySQLTuner ..." + badprint "You probably doesn't get enough privileges for running MySQLTuner ..."; exit(256); } $dummyselect =~ s/(.*?)\-.*/$1/; From b3005038d3342dc2694c71edabb860afba524c2b Mon Sep 17 00:00:00 2001 From: root Date: Tue, 9 Aug 2016 13:38:47 +0200 Subject: [PATCH 129/237] Removing some warnings and errors messages when sysctl doesnt get any value --- mysqltuner.pl | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index a6f2d8d..b577016 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.14 +# mysqltuner.pl - Version 1.6.15 # High Performance MySQL Tuning Script # Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # @@ -54,7 +54,7 @@ $Data::Dumper::Pair = " : "; #use Env; # Set up a few variables for use in the script -my $tunerversion = "1.6.14"; +my $tunerversion = "1.6.15"; my ( @adjvars, @generalrec ); # Set defaults @@ -228,7 +228,8 @@ my $end = ( $opt{nocolor} == 0 ) ? "\e[0m" : ""; # Super structure containing all information my %result; - +$result{'MySQLTuner'}{'version'}=$tunerversion; +$result{'MySQLTuner'}{'options'}=%opt; # Functions that handle the print styles sub prettyprint { print $_[0] . "\n" unless ( $opt{'silent'} or $opt{'json'} ); @@ -945,7 +946,7 @@ sub arr2hash { sub get_all_vars { # We need to initiate at least one query so that our data is useable $dummyselect = select_one "SELECT VERSION()"; - if (not defined($dummyselect) or $dummyselect== "") { + if (not defined($dummyselect) or $dummyselect eq "") { badprint "You probably doesn't get enough privileges for running MySQLTuner ..."; exit(256); } @@ -1238,7 +1239,7 @@ sub get_kernel_info() { ); infoprint "Information about kernel tuning:"; foreach my $param (@params) { - infocmd_tab("sysctl $param"); + infocmd_tab("sysctl $param 2>/dev/null"); } if ( `sysctl -n vm.swappiness` > 10 ) { badprint @@ -1250,7 +1251,8 @@ sub get_kernel_info() { infoprint "Swappiness is < 10."; } - if ( `sysctl -n sunrpc.tcp_slot_table_entries` < 100 ) { + my $tcp_slot_entries=`sysctl -n sunrpc.tcp_slot_table_entries 2>/dev/null`; + if ( $tcp_slot_entries eq '' or $tcp_slot_entries < 100 ) { badprint "Initial TCP slot entries is < 1M, please consider having a value greater than 100"; push @generalrec, "setup Initial TCP slot entries greater than 100"; @@ -4076,7 +4078,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.14 - MySQL High Performance Tuning Script + MySQLTuner 1.6.15 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES From 97587f6d2f1a90bfdf92ebbd9225c7af37c3b3b4 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 9 Aug 2016 16:04:13 +0200 Subject: [PATCH 130/237] Adding a lot of things in JSON structure --- mysqltuner.pl | 43 +++++++++++++++++++++++++++++++++++++------ 1 file changed, 37 insertions(+), 6 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index b577016..7e9823e 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -229,7 +229,7 @@ my $end = ( $opt{nocolor} == 0 ) ? "\e[0m" : ""; # Super structure containing all information my %result; $result{'MySQLTuner'}{'version'}=$tunerversion; -$result{'MySQLTuner'}{'options'}=%opt; +$result{'MySQLTuner'}{'options'}=\%opt; # Functions that handle the print styles sub prettyprint { print $_[0] . "\n" unless ( $opt{'silent'} or $opt{'json'} ); @@ -1079,6 +1079,7 @@ sub get_opened_ports { } @opened_ports; @opened_ports = sort { $a <=> $b } grep { !/^$/ } @opened_ports; debugprint Dumper \@opened_ports; + $result{'Network'}{'TCP Opened'}=\@opened_ports; return @opened_ports; } @@ -1165,6 +1166,7 @@ sub get_fs_info() { else { infoprint "mount point $2 is using $1 % of total space"; } + $result{'Filesystem'}{'Space Pct'}{$2}=$1; } } @@ -1181,6 +1183,7 @@ sub get_fs_info() { else { infoprint "mount point $2 is using $1 % of max allowed inodes"; } + $result{'Filesystem'}{'Inode Pct'}{$2}=$1; } } } @@ -1240,6 +1243,7 @@ sub get_kernel_info() { infoprint "Information about kernel tuning:"; foreach my $param (@params) { infocmd_tab("sysctl $param 2>/dev/null"); + $result{'OS'}{'Config'}{$param}=`sysctl -n $param 2>/dev/null`; } if ( `sysctl -n vm.swappiness` > 10 ) { badprint @@ -1277,24 +1281,33 @@ sub get_kernel_info() { } sub get_system_info() { + $result{'OS'}{'Release'}=get_os_release(); infoprint get_os_release; if (is_virtual_machine) { infoprint "Machine type : Virtual machine"; + $result{'OS'}{'Virtual Machine'}='YES'; } else { infoprint "Machine type : Physical machine"; + $result{'OS'}{'Virtual Machine'}='NO'; } + $result{'Network'}{'Connected'}='NO'; `ping -c 1 ipecho.net &>/dev/null`; my $isConnected = $?; if ( $? == 0 ) { infoprint "Internet : Connected"; + $result{'Network'}{'Connected'}='YES'; } else { badprint "Internet : Disconnected"; } + $result{'OS'}{'Type'}=`uname -o`; infoprint "Operating System Type : " . infocmd_one "uname -o"; + $result{'OS'}{'Kernel'}=`uname -r`; infoprint "Kernel Release : " . infocmd_one "uname -r"; + $result{'OS'}{'Hostname'}=`hostname`; + $result{'Network'}{'Internal Ip'}=`hostname -I`; infoprint "Hostname : " . infocmd_one "hostname"; infoprint "Network Cards : "; infocmd_tab "ifconfig| grep -A1 mtu"; @@ -1302,14 +1315,16 @@ sub get_system_info() { my $httpcli = get_http_cli(); infoprint "HTTP client found: $httpcli" if defined $httpcli; + my $ext_ip=""; if ( $httpcli =~ /curl$/ ) { - infoprint "External IP : " - . infocmd_one "$httpcli ipecho.net/plain"; + $ext_ip=infocmd_one "$httpcli ipecho.net/plain"; } elsif ( $httpcli =~ /wget$/ ) { - infoprint "External IP : " - . infocmd_one "$httpcli -q -O - ipecho.net/plain"; + + $ext_ip=infocmd_one "$httpcli -q -O - ipecho.net/plain"; } + infoprint "External IP : ".$ext_ip; + $result{'Network'}{'External Ip'}=$ext_ip; badprint "External IP : Can't check because of Internet connectivity" unless defined($httpcli); @@ -1317,11 +1332,13 @@ sub get_system_info() { . infocmd_one "grep 'nameserver' /etc/resolv.conf \| awk '{print \$2}'"; infoprint "Logged In users : "; infocmd_tab "who"; + $result{'OS'}{'Logged users'}=`who`; infoprint "Ram Usages in Mb : "; infocmd_tab "free -m | grep -v +"; + $result{'OS'}{'Free Memory RAM'}=`free -m | grep -v +`; infoprint "Load Average : "; infocmd_tab "top -n 1 -b | grep 'load average:'"; - + $result{'OS'}{'Load Average'}=`top -n 1 -b | grep 'load average:'`; #infoprint "System Uptime Days/(HH:MM) : `uptime | awk '{print $3,$4}' | cut -f1 -d,`"; } @@ -1552,6 +1569,7 @@ sub get_replication_status { infoprint "No replication setup for this server."; return; } + $result{'Replication'}{'status'}= \%myrepl; my ($io_running) = $myrepl{'Slave_IO_Running'}; debugprint "IO RUNNING: $io_running "; my ($sql_running) = $myrepl{'Slave_SQL_Running'}; @@ -2361,14 +2379,21 @@ sub mysql_stats { infoprint "Max MySQL memory : " . hr_bytes( $mycalc{'max_peak_memory'} ); infoprint "Other process memory: " . hr_bytes( get_other_process_memory() ); + #print hr_bytes( $mycalc{'server_buffers'} ); + infoprint "Total buffers: " . hr_bytes( $mycalc{'server_buffers'} ) . " global + " . hr_bytes( $mycalc{'per_thread_buffers'} ) . " per thread ($myvar{'max_connections'} max threads)"; infoprint "P_S Max memory usage: " . hr_bytes_rnd( get_pf_memory() ); + $result{'P_S'}{'memory'}=get_other_process_memory(); + $result{'P_S'}{'pretty_memory'}=hr_bytes_rnd(get_other_process_memory()); infoprint "Galera GCache Max memory usage: " . hr_bytes_rnd( get_gcache_memory() ); + $result{'Galera'}{'GCache'}{'memory'}=get_gcache_memory(); + $result{'Galera'}{'GCache'}{'pretty_memory'}=hr_bytes_rnd(get_gcache_memory()); + if ( $opt{buffers} ne 0 ) { infoprint "Global Buffers"; infoprint " +-- Key Buffer: " @@ -3199,10 +3224,12 @@ sub mariadb_galera { next unless $gvar =~ /^wsrep.*/; next if $gvar eq 'wsrep_provider_options'; debugprint "\t" . trim($gvar) . " = " . $myvar{$gvar}; + $result{'Galera'}{'variables'}{$gvar}= $myvar{$gvar}; } debugprint "Galera wsrep provider Options:"; my @galera_options = get_wsrep_options; + $result{'Galera'}{'wsrep options'}=get_wsrep_options(); foreach my $gparam (@galera_options) { debugprint "\t" . trim($gparam); } @@ -3210,6 +3237,7 @@ sub mariadb_galera { foreach my $gstatus ( keys %mystat ) { next unless $gstatus =~ /^wsrep.*/; debugprint "\t" . trim($gstatus) . " = " . $mystat{$gstatus}; + $result{'Galera'}{'status'}{$gstatus}= $myvar{$gstatus}; } infoprint "GCache is using " . hr_bytes_rnd( get_wsrep_option('gcache.mem_size') ); @@ -3221,6 +3249,7 @@ sub mariadb_galera { badprint "Following table(s) don't have primary key:"; foreach my $badtable (@primaryKeysNbTables) { badprint "\t$badtable"; + push @{$result{'Tables without PK'}}, $badtable; } } else { @@ -3896,6 +3925,8 @@ ENDSQL # Take the two recommendation arrays and display them at the end of the output sub make_recommendations { + $result{'Recommendations'}=\@generalrec; + $result{'Adjust variables'}=\@adjvars; subheaderprint "Recommendations"; if ( @generalrec > 0 ) { prettyprint "General recommendations:"; From 6300c3a2c7d007239ad45f69226579983001ecc6 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 10 Aug 2016 11:44:22 +0200 Subject: [PATCH 131/237] Adjust request for table without primary key #229 --- mysqltuner.pl | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 7e9823e..f10a0a7 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3242,8 +3242,14 @@ sub mariadb_galera { infoprint "GCache is using " . hr_bytes_rnd( get_wsrep_option('gcache.mem_size') ); my @primaryKeysNbTables = select_array( -"select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.columns where table_schema not in ('mysql', 'information_schema', 'performance_schema') group by table_schema,table_name having sum(if(column_key in ('PRI','UNI'), 1,0)) = 0" - ); +"Select CONCAT(c.table_schema,CONCAT('.', c.table_name)) +from information_schema.columns c +join information_schema.tables t using (TABLE_SCHEMA, TABLE_NAME) +where c.table_schema not in ('mysql', 'information_schema', 'performance_schema') + and t.table_type != 'VIEW' +group by c.table_schema,c.table_name +having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0" +); if ( scalar(@primaryKeysNbTables) > 0 ) { badprint "Following table(s) don't have primary key:"; From 2aac89e89cb33bd319eb9cea10fe4d3c385534a4 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 10 Aug 2016 11:47:36 +0200 Subject: [PATCH 132/237] Don t display advice for tcp slot if /proc/sys/sunrpc file doesn t exist #30 --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index f10a0a7..4953472 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1256,7 +1256,7 @@ sub get_kernel_info() { } my $tcp_slot_entries=`sysctl -n sunrpc.tcp_slot_table_entries 2>/dev/null`; - if ( $tcp_slot_entries eq '' or $tcp_slot_entries < 100 ) { + if ( -f "/proc/sys/sunrpc" and $tcp_slot_entries eq '' or $tcp_slot_entries < 100 ) { badprint "Initial TCP slot entries is < 1M, please consider having a value greater than 100"; push @generalrec, "setup Initial TCP slot entries greater than 100"; From 24f1c722d3fabe584234390fdd8fb3cfcac75851 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 10 Aug 2016 11:48:41 +0200 Subject: [PATCH 133/237] Don t display advice for tcp slot if /proc/sys/sunrpc file doesn t exist #230 --- mysqltuner.pl | 1 + 1 file changed, 1 insertion(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index 4953472..1a6ca81 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1255,6 +1255,7 @@ sub get_kernel_info() { infoprint "Swappiness is < 10."; } + # only if /proc/sys/sunrpc exists my $tcp_slot_entries=`sysctl -n sunrpc.tcp_slot_table_entries 2>/dev/null`; if ( -f "/proc/sys/sunrpc" and $tcp_slot_entries eq '' or $tcp_slot_entries < 100 ) { badprint From ef1f96625a3fc64ff941603e2f916ce112b88381 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 10 Aug 2016 13:40:58 +0200 Subject: [PATCH 134/237] #231 change label for CVE reports --- mysqltuner.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 1a6ca81..0368d43 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1052,8 +1052,8 @@ sub cve_recommendations { while ( my $cveline = ) { my @cve = split( ';', $cveline ); if ( mysql_micro_version_le( $cve[1], $cve[2], $cve[3] ) ) { - badprint "$cve[4] : $cve[5]"; - $result{'CVE'}{'List'}{$cvefound}="$cve[4] : $cve[5]"; + badprint "$cve[4] : $cve[6]"; + $result{'CVE'}{'List'}{$cvefound}="$cve[4] : $cve[6]"; $cvefound++; } From 2f67a7e7daa8d8f8712fd04d19eacdc93cd712a6 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Thu, 18 Aug 2016 09:20:15 +0200 Subject: [PATCH 135/237] Update README.md --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.md b/README.md index 18836dd..2a1a741 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,14 @@ MySQLTuner is a script written in Perl that allows you to review a MySQL install ![MysqlTuner](https://github.com/major/MySQLTuner-perl/blob/master/mysqltuner.png) +MySQLTuner needs you +-- +**MySQLTuner** needs contributors for documentation, code and feedbacks.. + +* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). +* Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) +* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl) + Compatibility: ==== From 16046e2c192a6a48d22877f5bf3149be228effaf Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Thu, 18 Aug 2016 09:20:49 +0200 Subject: [PATCH 136/237] Update README.md --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 2a1a741..3d7e8da 100644 --- a/README.md +++ b/README.md @@ -11,8 +11,9 @@ MySQLTuner is a script written in Perl that allows you to review a MySQL install ![MysqlTuner](https://github.com/major/MySQLTuner-perl/blob/master/mysqltuner.png) -MySQLTuner needs you --- +MySQLTuner needs you: +=== + **MySQLTuner** needs contributors for documentation, code and feedbacks.. * Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). From 672a43defc8a11fc8081987236deac259becfd9a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Peter=20=27Pessoft=27=20Kol=C3=ADnek?= Date: Tue, 23 Aug 2016 22:39:17 +0200 Subject: [PATCH 137/237] Add more basic passwords used in MySQL online documentation --- basic_passwords.txt | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/basic_passwords.txt b/basic_passwords.txt index 5e2a4f4..d9fe64e 100644 --- a/basic_passwords.txt +++ b/basic_passwords.txt @@ -603,3 +603,13 @@ MySQL Mysql Dba dba +mypass +MyNewPass +some_pass +admin_pass +obscure +password +new_password +new_password1 +new_password2 +root-password From 532cc7db86af500ad45e0841ade66886461503fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Peter=20=27Pessoft=27=20Kol=C3=ADnek?= Date: Tue, 23 Aug 2016 23:00:25 +0200 Subject: [PATCH 138/237] Remove duplicate passwords, even those covered by modification of case during password test --- basic_passwords.txt | 3 --- 1 file changed, 3 deletions(-) diff --git a/basic_passwords.txt b/basic_passwords.txt index d9fe64e..180a0ca 100644 --- a/basic_passwords.txt +++ b/basic_passwords.txt @@ -386,7 +386,6 @@ little biteme hardcore white -0 redwings 66 enter @@ -600,8 +599,6 @@ success albert mysql MySQL -Mysql -Dba dba mypass MyNewPass From 70455de4ba589061dc2a48aeb0c14a9249279fbf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Peter=20=27Pessoft=27=20Kol=C3=ADnek?= Date: Wed, 24 Aug 2016 00:21:18 +0200 Subject: [PATCH 139/237] Fix SQL string concatenation in capitalization during password test --- mysqltuner.pl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 0368d43..047de65 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1483,7 +1483,7 @@ sub security_recommendations { # Looking for User with user/ uppercase /capitalise user as password @mysqlstatlist = select_array -"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(user) OR CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(UPPER(user)) OR CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(UPPER(LEFT(User, 1)) + SUBSTRING(User, 2, LENGTH(User)))"; +"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(user) OR CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(UPPER(user)) OR CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(CONCAT(UPPER(LEFT(User, 1)), SUBSTRING(User, 2, LENGTH(User))))"; if (@mysqlstatlist) { foreach my $line ( sort @mysqlstatlist ) { chomp($line); @@ -1528,12 +1528,12 @@ sub security_recommendations { . $pass . "') OR $PASS_COLUMN_NAME = PASSWORD(UPPER('" . $pass - . "')) OR $PASS_COLUMN_NAME = PASSWORD(UPPER(LEFT('" + . "')) OR $PASS_COLUMN_NAME = PASSWORD(CONCAT(UPPER(LEFT('" . $pass - . "', 1)) + SUBSTRING('" + . "', 1)), SUBSTRING('" . $pass . "', 2, LENGTH('" - . $pass . "')))"; + . $pass . "'))))"; debugprint "There is " . scalar(@mysqlstatlist) . " items."; if (@mysqlstatlist) { foreach my $line (@mysqlstatlist) { From 8e8345dac34444e95473b47475c4599e9e05cdc4 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 25 Aug 2016 16:33:58 +0200 Subject: [PATCH 140/237] Update vulnerabilities list issue #237: Test skip_name_resolve is set before using it Adding information message when skip_name_resolve is missing --- mysqltuner.pl | 4 +- vulnerabilities.csv | 122 ++++++++++++++++++++++---------------------- 2 files changed, 64 insertions(+), 62 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 047de65..718dcd7 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2535,7 +2535,9 @@ sub mysql_stats { } # name resolution - if ($result{'Variables'}{'skip_name_resolve'} eq 'OFF') { + if (not defined($result{'Variables'}{'skip_name_resolve'})) { + infoprint "Skipped name resolution test due to missing skip_name_resolve in system variables. ?More info?"; + } elsif( $result{'Variables'}{'skip_name_resolve'} eq 'OFF') { badprint "name resolution is active : a reverse name resolution is made for each new connection and can reduce performance"; push( @generalrec, diff --git a/vulnerabilities.csv b/vulnerabilities.csv index d8a09b0..7ddfd7a 100755 --- a/vulnerabilities.csv +++ b/vulnerabilities.csv @@ -330,7 +330,7 @@ 5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.22;5;6;22;CVE-2015-0439;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.22;5;6;22;CVE-2015-0439;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-4756.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.41;5;5;41;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0498;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; @@ -374,7 +374,7 @@ 5.6.23;5;6;23;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.5.43;5;5;43;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.22;5;6;22;CVE-2015-4756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.22;5;6;22;CVE-2015-4756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0439.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html";Assigned (20150624);"None (candidate not yet proposed)"; 5.5.42;5;5;42;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-4761;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; @@ -439,64 +439,64 @@ 5.5.48;5;5;48;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; 5.6.29;5;6;29;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; 5.7.11;5;7;11;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3424;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.11;5;7;11;CVE-2016-3440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.29;5;6;29;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.10;5;7;10;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.25;10;0;25;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.14;10;1;14;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.25;10;0;25;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.14;10;1;14;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3424;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.11;5;7;11;CVE-2016-3440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.29;5;6;29;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.10;5;7;10;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.25;10;0;25;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.14;10;1;14;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.25;10;0;25;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.14;10;1;14;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 3.0.25;3;0;25;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; 3.1.2;3;1;2;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.50;5;5;50;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.26;10;0;26;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.15;10;1;15;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3518;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.50;5;5;50;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.26;10;0;26;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.15;10;1;15;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3588;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.50;5;5;50;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.26;10;0;26;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.15;10;1;15;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5436;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5437;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; -5.5.50;5;5;50;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; -10.0.26;10;0;26;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; -10.1.15;10;1;15;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5441;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5442;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5443;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; -5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; -5.6.29;5;6;29;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.11;5;7;11;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; -10.0.25;10;0;25;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; -10.1.14;10;1;14;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3518;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3588;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5436;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5437;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5441;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5442;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5443;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.29;5;6;29;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.11;5;7;11;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +10.0.25;10;0;25;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +10.1.14;10;1;14;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; From 11ccfccc1c29fc511fe56c084f6ab96fb2de71cf Mon Sep 17 00:00:00 2001 From: root Date: Fri, 26 Aug 2016 10:40:58 +0200 Subject: [PATCH 141/237] #235 #231 review way to select version bug fix in calculate greater and lower version --- mysqltuner.pl | 38 ++++++++++++++++++++++++++------------ 1 file changed, 26 insertions(+), 12 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 718dcd7..babe28d 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -226,6 +226,9 @@ my $deb = ( $opt{nocolor} == 0 ) ? "[\e[0;31mDG\e[0m]" : "[DG]"; my $cmd = ( $opt{nocolor} == 0 ) ? "\e[1;32m[CMD]($me)" : "[CMD]($me)"; my $end = ( $opt{nocolor} == 0 ) ? "\e[0m" : ""; +# Checks for supported or EOL'ed MySQL versions +my ( $mysqlvermajor, $mysqlverminor, $mysqlvermicro ); + # Super structure containing all information my %result; $result{'MySQLTuner'}{'version'}=$tunerversion; @@ -1051,7 +1054,17 @@ sub cve_recommendations { open( FH, "<$opt{cvefile}" ) or die "Can't open $opt{cvefile} for read: $!"; while ( my $cveline = ) { my @cve = split( ';', $cveline ); - if ( mysql_micro_version_le( $cve[1], $cve[2], $cve[3] ) ) { + debugprint "Comparing $mysqlvermajor\.$mysqlverminor\.$mysqlvermicro with $cve[1]\.$cve[2]\.$cve[3] : ".(mysql_version_le( $cve[1], $cve[2], $cve[3] )?'<=':'>'); + + # Fix some false positive in CVS parsing + next if (int($cve[1]) > 10 or int($cve[1]) == 6 or int($cve[1]) < 3); + + # Removing 10.X.X CVE when version is a 3, 4 or 5 MySQL + next if ( ( int($mysqlvermajor) == 3 || + int($mysqlvermajor) == 4 || + int($mysqlvermajor) == 5 ) && int($cve[1]) == 10); + + if ( mysql_version_le( $cve[1], $cve[2], $cve[3] ) ) { badprint "$cve[4] : $cve[6]"; $result{'CVE'}{'List'}{$cvefound}="$cve[4] : $cve[6]"; $cvefound++; @@ -1257,7 +1270,7 @@ sub get_kernel_info() { # only if /proc/sys/sunrpc exists my $tcp_slot_entries=`sysctl -n sunrpc.tcp_slot_table_entries 2>/dev/null`; - if ( -f "/proc/sys/sunrpc" and $tcp_slot_entries eq '' or $tcp_slot_entries < 100 ) { + if ( -f "/proc/sys/sunrpc" and ($tcp_slot_entries eq '' or $tcp_slot_entries < 100) ) { badprint "Initial TCP slot entries is < 1M, please consider having a value greater than 100"; push @generalrec, "setup Initial TCP slot entries greater than 100"; @@ -1606,9 +1619,6 @@ sub get_replication_status { } } -# Checks for supported or EOL'ed MySQL versions -my ( $mysqlvermajor, $mysqlverminor, $mysqlvermicro ); - sub validate_mysql_version { ( $mysqlvermajor, $mysqlverminor, $mysqlvermicro ) = $myvar{'version'} =~ /^(\d+)(?:\.(\d+)|)(?:\.(\d+)|)/; @@ -1636,9 +1646,9 @@ sub mysql_version_ge { my ( $maj, $min, $mic ) = @_; $min ||= 0; $mic ||= 0; - return $mysqlvermajor > $maj - || $mysqlvermajor == $maj && ( $mysqlverminor > $min - || $mysqlverminor == $min && $mysqlvermicro >= $mic ); + return int($mysqlvermajor) > int($maj) + || ( int($mysqlvermajor) == int($maj) && int($mysqlverminor) > int($min) ) + || ( int($mysqlverminor) == int($min) && int($mysqlvermicro) >= int($mic) ); } # Checks if MySQL version is lower than equal to (major, minor, micro) @@ -1646,9 +1656,9 @@ sub mysql_version_le { my ( $maj, $min, $mic ) = @_; $min ||= 0; $mic ||= 0; - return $mysqlvermajor < $maj - || $mysqlvermajor == $maj && ( $mysqlverminor < $min - || $mysqlverminor == $min && $mysqlvermicro <= $mic ); + return int($mysqlvermajor) < int($maj) + || ( int($mysqlvermajor) == int($maj) && int($mysqlverminor) < int($min) ) + || ( int($mysqlverminor) == int($min) && int($mysqlvermicro) <= int($mic) ); } # Checks if MySQL micro version is lower than equal to (major, minor, micro) @@ -1790,7 +1800,9 @@ sub check_storage_engines { my ( $engine, $size, $count, $dsize, $isize ); foreach my $line (@templist) { ( $engine, $size, $count, $dsize, $isize ) = - $line =~ /([a-zA-Z_]*)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)/; + $line =~ /([a-zA-Z_]+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)/; + debugprint "Engine Found: $engine"; + next unless (defined($engine)); $size=0 unless defined($size); $isize=0 unless defined($isize); $dsize=0 unless defined($dsize); @@ -4084,6 +4096,8 @@ os_setup; # Set up some OS variables get_all_vars; # Toss variables/status into hashes get_tuning_info; # Get information about the tuning connexion validate_mysql_version; # Check current MySQL version + + check_architecture; # Suggest 64-bit upgrade system_recommendations; # avoid to many service on the same host check_storage_engines; # Show enabled storage engines From 736fc24c47442913e098c708a412cc5cec797c45 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 26 Aug 2016 11:02:15 +0200 Subject: [PATCH 142/237] increment version --- mysqltuner.pl | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index babe28d..9a85c9e 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.15 +# mysqltuner.pl - Version 1.6.16 # High Performance MySQL Tuning Script # Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # @@ -54,7 +54,7 @@ $Data::Dumper::Pair = " : "; #use Env; # Set up a few variables for use in the script -my $tunerversion = "1.6.15"; +my $tunerversion = "1.6.16"; my ( @adjvars, @generalrec ); # Set defaults @@ -4132,7 +4132,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.15 - MySQL High Performance Tuning Script + MySQLTuner 1.6.16 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES From 7d966855c719955d06bb44048b06dbd82ec0b27f Mon Sep 17 00:00:00 2001 From: Christian Loos Date: Mon, 29 Aug 2016 14:17:06 +0200 Subject: [PATCH 143/237] update Perl version add 5.22 and 5.24 remove blead as this isn't supported on travis --- .travis.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index a38ba37..8089c03 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,7 +2,8 @@ sudo: false language: perl perl: - - "blead" + - "5.24" + - "5.22" - "5.20" - "5.18" - "5.16" From b7b6ebc61e9d522339508127c8618bc508a57aa1 Mon Sep 17 00:00:00 2001 From: Christian Loos Date: Mon, 29 Aug 2016 14:26:40 +0200 Subject: [PATCH 144/237] Revert "removing mariaDB 10.1 as test from travis - temporary" This reverts commit 6f5f5c4b45b3a200175a2ad935d8eff24987ee7f. --- .travis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 8089c03..d4eeadb 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,9 +20,9 @@ matrix: - addons: mariadb: "10.0" perl: "5.20" -# - addons: -# mariadb: "10.1" -# perl: "5.20" + - addons: + mariadb: "10.1" + perl: "5.20" before_install: - git clone git://github.com/haarg/perl-travis-helper From c18a52c22b23ed193e653f1e1a3750ce2dff4a05 Mon Sep 17 00:00:00 2001 From: Christian Loos Date: Mon, 29 Aug 2016 14:41:36 +0200 Subject: [PATCH 145/237] add MariaDB 10.2 --- .travis.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.travis.yml b/.travis.yml index d4eeadb..6294e4b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -23,6 +23,9 @@ matrix: - addons: mariadb: "10.1" perl: "5.20" + - addons: + mariadb: "10.2" + perl: "5.20" before_install: - git clone git://github.com/haarg/perl-travis-helper From 9db37f762b383e5b6846fd5c81f60b1f9260338e Mon Sep 17 00:00:00 2001 From: Christian Loos Date: Mon, 29 Aug 2016 14:56:24 +0200 Subject: [PATCH 146/237] user before_script stage for creating .my.cnf file --- .travis.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 6294e4b..27a0c6f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -37,8 +37,9 @@ install: - cpanm --quiet --notest Data::Dumper - cpanm --quiet --notest Text::Template - cpanm --quiet --notest JSON - -script: + +before_script: - echo -e "[client]\nuser=root\npassword=\"\"" > .my.cnf - chmod 600 .my.cnf - - ./mysqltuner.pl --idxstat --dbstat + +script: ./mysqltuner.pl --idxstat --dbstat From 51359e5815451bccc45aa154c7cca92d60f28287 Mon Sep 17 00:00:00 2001 From: Christian Loos Date: Mon, 29 Aug 2016 15:14:55 +0200 Subject: [PATCH 147/237] fix indentation --- .travis.yml | 64 ++++++++++++++++++++++++++--------------------------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/.travis.yml b/.travis.yml index 27a0c6f..e65059c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,44 +2,44 @@ sudo: false language: perl perl: - - "5.24" - - "5.22" - - "5.20" - - "5.18" - - "5.16" - - "5.14" - - "5.12" - - "5.10" - - "5.8" + - "5.24" + - "5.22" + - "5.20" + - "5.18" + - "5.16" + - "5.14" + - "5.12" + - "5.10" + - "5.8" matrix: - include: - - addons: - mariadb: "5.5" - perl: "5.20" - - addons: - mariadb: "10.0" - perl: "5.20" - - addons: - mariadb: "10.1" - perl: "5.20" - - addons: - mariadb: "10.2" - perl: "5.20" + include: + - addons: + mariadb: "5.5" + perl: "5.20" + - addons: + mariadb: "10.0" + perl: "5.20" + - addons: + mariadb: "10.1" + perl: "5.20" + - addons: + mariadb: "10.2" + perl: "5.20" before_install: - - git clone git://github.com/haarg/perl-travis-helper - - source perl-travis-helper/init - - build-perl - - perl -V + - git clone git://github.com/haarg/perl-travis-helper + - source perl-travis-helper/init + - build-perl + - perl -V install: - - cpanm --quiet --notest Data::Dumper - - cpanm --quiet --notest Text::Template - - cpanm --quiet --notest JSON + - cpanm --quiet --notest Data::Dumper + - cpanm --quiet --notest Text::Template + - cpanm --quiet --notest JSON before_script: - - echo -e "[client]\nuser=root\npassword=\"\"" > .my.cnf - - chmod 600 .my.cnf - + - echo -e "[client]\nuser=root\npassword=\"\"" > .my.cnf + - chmod 600 .my.cnf + script: ./mysqltuner.pl --idxstat --dbstat From dbbe785e01579ed8b25c58df84133ad3cacfa363 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 29 Aug 2016 17:10:26 +0200 Subject: [PATCH 148/237] #231 #235 bug fix regarding way CVE are selected. --- mysqltuner.pl | 23 ++++++++--------------- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 9a85c9e..b8f5e4e 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.16 +# mysqltuner.pl - Version 1.6.17 # High Performance MySQL Tuning Script # Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # @@ -54,7 +54,7 @@ $Data::Dumper::Pair = " : "; #use Env; # Set up a few variables for use in the script -my $tunerversion = "1.6.16"; +my $tunerversion = "1.6.17"; my ( @adjvars, @generalrec ); # Set defaults @@ -1056,20 +1056,13 @@ sub cve_recommendations { my @cve = split( ';', $cveline ); debugprint "Comparing $mysqlvermajor\.$mysqlverminor\.$mysqlvermicro with $cve[1]\.$cve[2]\.$cve[3] : ".(mysql_version_le( $cve[1], $cve[2], $cve[3] )?'<=':'>'); - # Fix some false positive in CVS parsing - next if (int($cve[1]) > 10 or int($cve[1]) == 6 or int($cve[1]) < 3); - - # Removing 10.X.X CVE when version is a 3, 4 or 5 MySQL - next if ( ( int($mysqlvermajor) == 3 || - int($mysqlvermajor) == 4 || - int($mysqlvermajor) == 5 ) && int($cve[1]) == 10); - - if ( mysql_version_le( $cve[1], $cve[2], $cve[3] ) ) { - badprint "$cve[4] : $cve[6]"; - $result{'CVE'}{'List'}{$cvefound}="$cve[4] : $cve[6]"; + # Avoid not major/minor version corresponding CVEs + next unless (int($cve[1])==$mysqlvermajor && int($cve[2])==$mysqlverminor); + if ( int($cve[3]) >= $mysqlvermicro ) { + badprint "$cve[4](<= $cve[1]\.$cve[2]\.$cve[3]) : $cve[6]"; + $result{'CVE'}{'List'}{$cvefound}="$cve[4](<= $cve[1]\.$cve[2]\.$cve[3]) : $cve[6]"; $cvefound++; } - } close FH or die "Cannot close $opt{cvefile}: $!"; $result{'CVE'}{'nb'}=$cvefound; @@ -4132,7 +4125,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.16 - MySQL High Performance Tuning Script + MySQLTuner 1.6.17 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES From 8f33b55fea52f2d7b93114c57b88a1ce94091264 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 30 Aug 2016 13:34:52 +0200 Subject: [PATCH 149/237] #242 initiliaze $data_free to 0 if not defined or is empty --- mysqltuner.pl | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index b8f5e4e..b5b8053 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -30,7 +30,7 @@ # Everett Barnes Tom Krouper Gary Barrueto # Simon Greenaway Adam Stein Isart Montane # Baptiste M. Cole Turner Major Hayden -# Joe Ashcraft Jean-Marie Renouard +# Joe Ashcraft Jean-Marie Renouard Christian Loos # # Inspired by Matthew Montgomery's tuning-primer.sh script: # http://forge.mysql.com/projects/view.php?id=44 @@ -72,6 +72,7 @@ my %opt = ( "port" => 0, "user" => 0, "pass" => 0, + "password" => 0, "skipsize" => 0, "checkversion" => 0, "updateversion" => 0, @@ -111,7 +112,8 @@ my $getOptionsCheck = GetOptions( 'template=s', 'reportfile=s', 'cvefile=s', 'bannedports=s', 'updateversion', 'maxportallowed=s', - 'verbose', 'sysstat' + 'verbose', 'sysstat', + 'password=s', ); #If params are incorrect return help @@ -182,6 +184,9 @@ my $basic_password_files = ? abs_path( dirname(__FILE__) ) . "/basic_passwords.txt" : abs_path( $opt{passwordfile} ); +# Related to password option +$opt{pass}=$opt{password} if ($opt{pass} eq 0 and $opt{password} ne 0); + # for RPM distributions $basic_password_files = "/usr/share/mysqltuner/basic_passwords.txt" unless -f "$basic_password_files"; @@ -1907,6 +1912,7 @@ sub check_storage_engines { my $total_free=0; foreach my $table_line (@{$result{'Tables'}{'Fragmented tables'}}) { my ($table_name,$data_free)=split(/\s+/,$table_line); + $data_free=0 unless defined($data_free) or $data_free == ''; $data_free=$data_free/1024/1024; $total_free+=$data_free; push( @generalrec, @@ -4327,6 +4333,10 @@ Jean-Marie Renouard Stephan GroBberndt +=item * + +Christian Loos + =back =head1 SUPPORT From 7554f10e52a69d3f0befd82a5fe4bf14fbb03a80 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 30 Aug 2016 13:45:46 +0200 Subject: [PATCH 150/237] #196 better thread cache hit rate with pools-of-threads --- mysqltuner.pl | 50 +++++++++++++++++++++++++++----------------------- 1 file changed, 27 insertions(+), 23 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index b5b8053..a24d87a 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2732,29 +2732,33 @@ sub mysql_stats { } # Thread cache - #if ( $myvar{'thread_cache_size'} eq 0 ) { - # badprint "Thread cache is disabled"; - # push( @generalrec, "Set thread_cache_size to 4 as a starting value" ); - # push( @adjvars, "thread_cache_size (start at 4)" ); - #} else { - # if ( $mycalc{'thread_cache_hit_rate'} <= 50 ) { - # badprint - # "Thread cache hit rate: $mycalc{'thread_cache_hit_rate'}% (" - # . hr_num( $mystat{'Threads_created'} ) - # . " created / " - # . hr_num( $mystat{'Connections'} ) - # . " connections)"; - # push( @adjvars, - # "thread_cache_size (> $myvar{'thread_cache_size'})" ); - # } else { - # goodprint - # "Thread cache hit rate: $mycalc{'thread_cache_hit_rate'}% (" - # . hr_num( $mystat{'Threads_created'} ) - # . " created / " - # . hr_num( $mystat{'Connections'} ) - # . " connections)"; - # } - #} + if ( $myvar{'thread_cache_size'} eq 0 ) { + badprint "Thread cache is disabled"; + push( @generalrec, "Set thread_cache_size to 4 as a starting value" ); + push( @adjvars, "thread_cache_size (start at 4)" ); + } else { + if ( defined($myvar{'thread_cache_size'}) and $myvar{'thread_cache_size'} == 'pools-of-threads') { + infoprint "Thread cache hit rate: not used with pool-of-threads"; + } else { + if ( $mycalc{'thread_cache_hit_rate'} <= 50 ) { + badprint + "Thread cache hit rate: $mycalc{'thread_cache_hit_rate'}% (" + . hr_num( $mystat{'Threads_created'} ) + . " created / " + . hr_num( $mystat{'Connections'} ) + . " connections)"; + push( @adjvars, + "thread_cache_size (> $myvar{'thread_cache_size'})" ); + } else { + goodprint + "Thread cache hit rate: $mycalc{'thread_cache_hit_rate'}% (" + . hr_num( $mystat{'Threads_created'} ) + . " created / " + . hr_num( $mystat{'Connections'} ) + . " connections)"; + } + } + } # Table cache my $table_cache_var = ""; From aa1df95ff38c163de58d474b31ad5c6b940a6f71 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 30 Aug 2016 14:38:16 +0200 Subject: [PATCH 151/237] #155 adding test for consistent values for innodb_buffer_pool_size,innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances --- mysqltuner.pl | 40 +++++++++++++++++++--------------------- 1 file changed, 19 insertions(+), 21 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index a24d87a..ceab438 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2737,7 +2737,7 @@ sub mysql_stats { push( @generalrec, "Set thread_cache_size to 4 as a starting value" ); push( @adjvars, "thread_cache_size (start at 4)" ); } else { - if ( defined($myvar{'thread_cache_size'}) and $myvar{'thread_cache_size'} == 'pools-of-threads') { + if ( defined($myvar{'thread_cache_size'}) and $myvar{'thread_cache_size'} eq 'pools-of-threads') { infoprint "Thread cache hit rate: not used with pool-of-threads"; } else { if ( $mycalc{'thread_cache_hit_rate'} <= 50 ) { @@ -3482,6 +3482,11 @@ sub mysql_innodb { infoprint " +-- InnoDB Buffer Pool Instances: " . $myvar{'innodb_buffer_pool_instances'} . ""; } + + if ( defined $myvar{'innodb_buffer_pool_chunk_size'} ) { + infoprint " +-- InnoDB Buffer Pool Chunk Size: " + . hr_bytes( $myvar{'innodb_buffer_pool_chunk_size'} ) . ""; + } if ( defined $myvar{'innodb_additional_mem_pool_size'} ) { infoprint " +-- InnoDB Additional Mem Pool: " . hr_bytes( $myvar{'innodb_additional_mem_pool_size'} ) . ""; @@ -3567,28 +3572,21 @@ sub mysql_innodb { } } - # InnoDB Used Buffer Pool - if ( defined $mycalc{'pct_innodb_buffer_used'} - && $mycalc{'pct_innodb_buffer_used'} < 80 ) - { - badprint "InnoDB Used buffer: " - . $mycalc{'pct_innodb_buffer_used'} . "% (" - . ( $mystat{'Innodb_buffer_pool_pages_total'} - - $mystat{'Innodb_buffer_pool_pages_free'} ) - . " used/ " - . $mystat{'Innodb_buffer_pool_pages_total'} - . " total)"; - } - else { - goodprint "InnoDB Used buffer: " - . $mycalc{'pct_innodb_buffer_used'} . "% (" - . ( $mystat{'Innodb_buffer_pool_pages_total'} - - $mystat{'Innodb_buffer_pool_pages_free'} ) - . " used/ " - . $mystat{'Innodb_buffer_pool_pages_total'} - . " total)"; + # InnoDB Used Buffer Pool Size vs CHUNK size + if ( ! defined ($myvar{'innodb_buffer_pool_chunk_size'}) ) { + infoprint "InnoDB Buffer Pool Chunk Size not used or defined in your version"; + } else { + infoprint "Number of InnoDB Buffer Pool Chunk : ". int($myvar{'innodb_buffer_pool_size'}) / int( $myvar{'innodb_buffer_pool_chunk_size'}) . + " for ". $myvar{'innodb_buffer_pool_instances'}. " Buffer Pool Instance(s)"; } + if ( int($myvar{'innodb_buffer_pool_size'}) % ( int( $myvar{'innodb_buffer_pool_chunk_size'}) * int($myvar{'innodb_buffer_pool_instances'})) ne 0 ) { + goodprint "innodb_buffer_pool_size is aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; + } else { + badprint "innodb_buffer_pool_size is not aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; + #push( @adjvars, "Adjust innodb_buffer_pool_instances, innodb_buffer_pool_chunk_size with innodb_buffer_pool_size" ); + push( @adjvars, "innodb_buffer_pool_size must always be equal to or a multiple of innodb_buffer_pool_chunk_size * innodb_buffer_pool_instances" ); + } # InnoDB Read efficency if ( defined $mycalc{'pct_read_efficiency'} && $mycalc{'pct_read_efficiency'} < 90 ) From e0bb59b4270e56d0c0f0ba19a64642f8e5e6262d Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Tue, 30 Aug 2016 14:47:32 +0200 Subject: [PATCH 152/237] Update INTERNALS.md Adding information regarding Thread cache pool hit ratio. Adding information regarding innodb_buffer_pool_chunk_size correctness. --- INTERNALS.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/INTERNALS.md b/INTERNALS.md index 6afee6a..f601f15 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -150,6 +150,7 @@ * Number of join performed without using indexes (<250) * Percentage of temporary table written on disk(<25%) * Thread cache (=4) +* Thread cache hit ratio (>50%) if thread_handling is different of pools-of-threads * Table cache hit ratio(>2°%) * Percentage of open file and open file limit(<85%) * Percentage of table locks (<95%) @@ -211,6 +212,8 @@ * Ratio of write without locks * InnoDB Log Waits * Checks that no lock is used on Innodb Log. +* InnoDB Chunk Size + * Check InnoDB Buffer Pool size is a multiple of InnoDB Buffer Pool chunk size * InnoDB Buffer Pool instances ## MySQLTuner ARIADB information From b94d3bd9279c424245c3f9aed04fe063e1424a6f Mon Sep 17 00:00:00 2001 From: root Date: Tue, 30 Aug 2016 14:48:48 +0200 Subject: [PATCH 153/237] #196 correct variable name increment version number --- mysqltuner.pl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index ceab438..b16d542 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.17 +# mysqltuner.pl - Version 1.6.18 # High Performance MySQL Tuning Script # Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # @@ -54,7 +54,7 @@ $Data::Dumper::Pair = " : "; #use Env; # Set up a few variables for use in the script -my $tunerversion = "1.6.17"; +my $tunerversion = "1.6.18"; my ( @adjvars, @generalrec ); # Set defaults @@ -2737,7 +2737,7 @@ sub mysql_stats { push( @generalrec, "Set thread_cache_size to 4 as a starting value" ); push( @adjvars, "thread_cache_size (start at 4)" ); } else { - if ( defined($myvar{'thread_cache_size'}) and $myvar{'thread_cache_size'} eq 'pools-of-threads') { + if ( defined($myvar{'thread_handling'}) and $myvar{'thread_handling'} eq 'pools-of-threads') { infoprint "Thread cache hit rate: not used with pool-of-threads"; } else { if ( $mycalc{'thread_cache_hit_rate'} <= 50 ) { @@ -4133,7 +4133,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.17 - MySQL High Performance Tuning Script + MySQLTuner 1.6.18 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES From 1b068ed7e4cf669c847f3416a3e15255176aaec1 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 30 Aug 2016 14:56:59 +0200 Subject: [PATCH 154/237] #242 adjust test for unitialized value --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index b16d542..b7e52e8 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1912,7 +1912,7 @@ sub check_storage_engines { my $total_free=0; foreach my $table_line (@{$result{'Tables'}{'Fragmented tables'}}) { my ($table_name,$data_free)=split(/\s+/,$table_line); - $data_free=0 unless defined($data_free) or $data_free == ''; + $data_free=0 if ! defined($data_free) or $data_free == ''; $data_free=$data_free/1024/1024; $total_free+=$data_free; push( @generalrec, From 3f19d63833c28ab32a48a2517382b289d845479e Mon Sep 17 00:00:00 2001 From: root Date: Tue, 30 Aug 2016 14:57:09 +0200 Subject: [PATCH 155/237] #242 adjust test for unitialized value --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index b7e52e8..83fc2a6 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1912,7 +1912,7 @@ sub check_storage_engines { my $total_free=0; foreach my $table_line (@{$result{'Tables'}{'Fragmented tables'}}) { my ($table_name,$data_free)=split(/\s+/,$table_line); - $data_free=0 if ! defined($data_free) or $data_free == ''; + $data_free=0 if (!defined($data_free) or $data_free eq ''); $data_free=$data_free/1024/1024; $total_free+=$data_free; push( @generalrec, From a7062ad804b8a31ad46724a513e2c05c5b92e4d3 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 30 Aug 2016 17:03:21 +0200 Subject: [PATCH 156/237] #196 misplaced semi column --- mysqltuner.pl | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 83fc2a6..f77996f 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3578,15 +3578,15 @@ sub mysql_innodb { } else { infoprint "Number of InnoDB Buffer Pool Chunk : ". int($myvar{'innodb_buffer_pool_size'}) / int( $myvar{'innodb_buffer_pool_chunk_size'}) . " for ". $myvar{'innodb_buffer_pool_instances'}. " Buffer Pool Instance(s)"; - } - if ( int($myvar{'innodb_buffer_pool_size'}) % ( int( $myvar{'innodb_buffer_pool_chunk_size'}) * int($myvar{'innodb_buffer_pool_instances'})) ne 0 ) { - goodprint "innodb_buffer_pool_size is aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; - } else { - badprint "innodb_buffer_pool_size is not aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; - #push( @adjvars, "Adjust innodb_buffer_pool_instances, innodb_buffer_pool_chunk_size with innodb_buffer_pool_size" ); - push( @adjvars, "innodb_buffer_pool_size must always be equal to or a multiple of innodb_buffer_pool_chunk_size * innodb_buffer_pool_instances" ); - } + if ( int($myvar{'innodb_buffer_pool_size'}) % ( int( $myvar{'innodb_buffer_pool_chunk_size'}) * int($myvar{'innodb_buffer_pool_instances'})) ne 0 ) { + goodprint "innodb_buffer_pool_size is aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; + } else { + badprint "innodb_buffer_pool_size is not aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; + #push( @adjvars, "Adjust innodb_buffer_pool_instances, innodb_buffer_pool_chunk_size with innodb_buffer_pool_size" ); + push( @adjvars, "innodb_buffer_pool_size must always be equal to or a multiple of innodb_buffer_pool_chunk_size * innodb_buffer_pool_instances" ); + } + } # InnoDB Read efficency if ( defined $mycalc{'pct_read_efficiency'} && $mycalc{'pct_read_efficiency'} < 90 ) From f3e3b390234a08e91d14583b493131cf9f2c21b5 Mon Sep 17 00:00:00 2001 From: Christian Loos Date: Tue, 30 Aug 2016 13:16:33 +0200 Subject: [PATCH 157/237] fix 'Nested named subroutine' --- mysqltuner.pl | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index f77996f..356e249 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -366,12 +366,12 @@ sub pretty_uptime { # Retrieves the memory installed on this machine my ( $physical_memory, $swap_memory, $duflags ); -sub os_setup { +sub memerror { + badprint "Unable to determine total memory/swap; use '--forcemem' and '--forceswap'"; + exit 1; +} - sub memerror { - badprint "Unable to determine total memory/swap; use '--forcemem' and '--forceswap'"; - exit 1; - } +sub os_setup { my $os = `uname`; $duflags = ( $os =~ /Linux/ ) ? '-b' : ''; if ( $opt{'forcemem'} > 0 ) { From 90e82515233ee3180eaeb865791ec7afd01baa4f Mon Sep 17 00:00:00 2001 From: Christian Loos Date: Tue, 30 Aug 2016 13:27:13 +0200 Subject: [PATCH 158/237] fix 'Bareword file handle opened' --- mysqltuner.pl | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 356e249..9fd6708 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1036,9 +1036,9 @@ sub remove_empty { sub get_file_contents { my $file = shift; - open( FH, "< $file" ) or die "Can't open $file for read: $!"; - my @lines = ; - close FH or die "Cannot close $file: $!"; + open(my $fh, "<", $file) or die "Can't open $file for read: $!"; + my @lines = <$fh>; + close $fh or die "Cannot close $file: $!"; remove_cr \@lines; return @lines; } @@ -1056,8 +1056,8 @@ sub cve_recommendations { #prettyprint "Look for related CVE for $myvar{'version'} or lower in $opt{cvefile}"; my $cvefound = 0; - open( FH, "<$opt{cvefile}" ) or die "Can't open $opt{cvefile} for read: $!"; - while ( my $cveline = ) { + open(my $fh, "<", $opt{cvefile}) or die "Can't open $opt{cvefile} for read: $!"; + while ( my $cveline = <$fh> ) { my @cve = split( ';', $cveline ); debugprint "Comparing $mysqlvermajor\.$mysqlverminor\.$mysqlvermicro with $cve[1]\.$cve[2]\.$cve[3] : ".(mysql_version_le( $cve[1], $cve[2], $cve[3] )?'<=':'>'); @@ -1069,7 +1069,7 @@ sub cve_recommendations { $cvefound++; } } - close FH or die "Cannot close $opt{cvefile}: $!"; + close $fh or die "Cannot close $opt{cvefile}: $!"; $result{'CVE'}{'nb'}=$cvefound; if ( $cvefound == 0 ) { goodprint "NO SECURITY CVE FOUND FOR YOUR VERSION"; From 7215e419dfd891be1ae07399e47ff504cf3e1abc Mon Sep 17 00:00:00 2001 From: Christian Loos Date: Tue, 30 Aug 2016 14:50:36 +0200 Subject: [PATCH 159/237] fix 'Expression form of "eval"' --- mysqltuner.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 9fd6708..ac4bfa7 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -4038,7 +4038,7 @@ sub dump_result { debugprint "HTML REPORT: $opt{'reportfile'}"; if ( $opt{'reportfile'} ne 0 ) { - eval "{ use Text::Template }"; + eval {require Text::Template}; if ($@) { badprint "Text::Template Module is needed."; exit 1; @@ -4062,7 +4062,7 @@ sub dump_result { close $fh; } if ( $opt{'json'} ne 0 ) { - eval "{ use JSON }"; + eval {require JSON}; if ($@) { print "JSON Module is needed."; exit 1; From 1c13c66e36b150902a394158d6377baad2a457c5 Mon Sep 17 00:00:00 2001 From: Christian Loos Date: Tue, 30 Aug 2016 15:37:42 +0200 Subject: [PATCH 160/237] improve message if JSON isn't installed --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index ac4bfa7..24e1184 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -4064,7 +4064,7 @@ sub dump_result { if ( $opt{'json'} ne 0 ) { eval {require JSON}; if ($@) { - print "JSON Module is needed."; + print "$bad JSON Module is needed.\n"; exit 1; } my $json = JSON->new->allow_nonref; From 600aad227dd78607207bbca4be39fcd89f440a28 Mon Sep 17 00:00:00 2001 From: Christian Loos Date: Tue, 30 Aug 2016 16:36:21 +0200 Subject: [PATCH 161/237] get_file_contents calls already remove_cr --- mysqltuner.pl | 4 ---- 1 file changed, 4 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 24e1184..0b133d6 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1130,7 +1130,6 @@ sub get_other_process_memory { sub get_os_release { if ( -f "/etc/lsb-release" ) { my @info_release = get_file_contents "/etc/lsb-release"; - remove_cr @info_release; my $os_relase = $info_release[3]; $os_relase =~ s/.*="//; $os_relase =~ s/"$//; @@ -1139,13 +1138,11 @@ sub get_os_release { if ( -f "/etc/system-release" ) { my @info_release = get_file_contents "/etc/system-release"; - remove_cr @info_release; return $info_release[0]; } if ( -f "/etc/os-release" ) { my @info_release = get_file_contents "/etc/os-release"; - remove_cr @info_release; my $os_relase = $info_release[0]; $os_relase =~ s/.*="//; $os_relase =~ s/"$//; @@ -1154,7 +1151,6 @@ sub get_os_release { if ( -f "/etc/issue" ) { my @info_release = get_file_contents "/etc/issue"; - remove_cr @info_release; my $os_relase = $info_release[0]; $os_relase =~ s/\s+\\n.*//; return $os_relase; From 0cd7e93685a125f97b1f1f085c0b7ed6c70a2cb6 Mon Sep 17 00:00:00 2001 From: Christian Loos Date: Tue, 30 Aug 2016 17:20:56 +0200 Subject: [PATCH 162/237] fix "Don't modify $_ in list functions" --- mysqltuner.pl | 58 ++++++++++++++++++++++++++++++++------------------- 1 file changed, 37 insertions(+), 21 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 0b133d6..9e0d8eb 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1026,8 +1026,12 @@ sub get_all_vars { } sub remove_cr { - map { s/\n$//g; } @_; - map { s/^\s+$//g; } @_; + return map { + my $line = $_; + $line =~ s/\n$//g; + $line =~ s/^\s+$//g; + $line; + } @_; } sub remove_empty { @@ -1039,7 +1043,7 @@ sub get_file_contents { open(my $fh, "<", $file) or die "Can't open $file for read: $!"; my @lines = <$fh>; close $fh or die "Cannot close $file: $!"; - remove_cr \@lines; + @lines = remove_cr @lines; return @lines; } @@ -1084,9 +1088,11 @@ sub cve_recommendations { sub get_opened_ports { my @opened_ports = `netstat -ltn`; - map { - s/.*:(\d+)\s.*$/$1/; - s/\D//g; + @opened_ports = map { + my $v = $_; + $v =~ s/.*:(\d+)\s.*$/$1/; + $v =~ s/\D//g; + $v; } @opened_ports; @opened_ports = sort { $a <=> $b } grep { !/^$/ } @opened_ports; debugprint Dumper \@opened_ports; @@ -1111,16 +1117,18 @@ sub get_process_memory { sub get_other_process_memory { my @procs = `ps eaxo pid,command`; - map { - s/.*PID.*//; - s/.*mysqld.*//; - s/.*\[.*\].*//; - s/^\s+$//g; - s/.*PID.*CMD.*//; - s/.*systemd.*//; + @procs = map { + my $v = $_; + $v =~ s/.*PID.*//; + $v =~ s/.*mysqld.*//; + $v =~ s/.*\[.*\].*//; + $v =~ s/^\s+$//g; + $v =~ s/.*PID.*CMD.*//; + $v =~ s/.*systemd.*//; + $v =~ s/\s*?(\d+)\s*.*/$1/g; + $v; } @procs; - map { s/\s*?(\d+)\s*.*/$1/g; } @procs; - remove_cr @procs; + @procs = remove_cr @procs; @procs = remove_empty @procs; my $totalMemOther = 0; map { $totalMemOther += get_process_memory($_); } @procs; @@ -1162,7 +1170,11 @@ sub get_fs_info() { my @sinfo = `df -P | grep '%'`; my @iinfo = `df -Pi| grep '%'`; shift @iinfo; - map { s/.*\s(\d+)%\s+(.*)/$1\t$2/g } @sinfo; + @sinfo = map { + my $v= $_; + $v =~ s/.*\s(\d+)%\s+(.*)/$1\t$2/g; + $v; + } @sinfo; foreach my $info (@sinfo) { next if $info =~ m{(\d+)\t/(run|dev|sys|proc)($|/)}; if ( $info =~ /(\d+)\t(.*)/ ) { @@ -1177,7 +1189,11 @@ sub get_fs_info() { } } - map { s/.*\s(\d+)%\s+(.*)/$1\t$2/g } @iinfo; + @iinfo = map { + my $v = $_; + $v =~ s/.*\s(\d+)%\s+(.*)/$1\t$2/g; + $v; + } @iinfo; foreach my $info (@iinfo) { next if $info =~ m{(\d+)\t/(run|dev|sys|proc)($|/)}; if ( $info =~ /(\d+)\t(.*)/ ) { @@ -1217,7 +1233,7 @@ sub infocmd { my $cmd = "@_"; debugprint "CMD: $cmd"; my @result = `$cmd`; - remove_cr @result; + @result = remove_cr @result; for my $l (@result) { infoprint "$l"; } @@ -1227,7 +1243,7 @@ sub infocmd_tab { my $cmd = "@_"; debugprint "CMD: $cmd"; my @result = `$cmd`; - remove_cr @result; + @result = remove_cr @result; for my $l (@result) { infoprint "\t$l"; } @@ -1236,7 +1252,7 @@ sub infocmd_tab { sub infocmd_one { my $cmd = "@_"; my @result = `$cmd`; - remove_cr @result; + @result = remove_cr @result; return join ', ', @result; } @@ -3197,7 +3213,7 @@ sub get_wsrep_options { return () unless defined $myvar{'wsrep_provider_options'}; my @galera_options = split /;/, $myvar{'wsrep_provider_options'}; - remove_cr @galera_options; + @galera_options = remove_cr @galera_options; @galera_options = remove_empty @galera_options; debugprint Dumper( \@galera_options ); return @galera_options; From 4fbc5ecb35f8afcf757b87bb23c6130bbf0b69ea Mon Sep 17 00:00:00 2001 From: Christian Loos Date: Tue, 30 Aug 2016 18:09:41 +0200 Subject: [PATCH 163/237] let travis run perlcritic --- .travis.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index e65059c..b7d44ef 100644 --- a/.travis.yml +++ b/.travis.yml @@ -35,11 +35,14 @@ before_install: install: - cpanm --quiet --notest Data::Dumper - - cpanm --quiet --notest Text::Template - cpanm --quiet --notest JSON + - cpanm --quiet --notest Perl::Critic + - cpanm --quiet --notest Text::Template before_script: - echo -e "[client]\nuser=root\npassword=\"\"" > .my.cnf - chmod 600 .my.cnf -script: ./mysqltuner.pl --idxstat --dbstat +script: + - perlcritic mysqltuner.pl + - ./mysqltuner.pl --idxstat --dbstat From dddf7e2ba42f248d097dc050952fceec36dfc8bd Mon Sep 17 00:00:00 2001 From: Christian Loos Date: Tue, 30 Aug 2016 18:24:10 +0200 Subject: [PATCH 164/237] add perlcritic to CONTRIBUTING.md --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f6da536..3e913c2 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -182,7 +182,7 @@ Copy of the license is available at [LICENSE](https://github.com/major/MySQLTune #### MySQLTuner Code Conventions -1. Check code convention using **perltidy** +1. Check code convention using **perltidy** and **perlcritic** 2. Don't manually update the version number in `mysqltuner.pl`. From 6bcd5ae0ce6c7668fa854f95d319e29d37bf0a7f Mon Sep 17 00:00:00 2001 From: root Date: Wed, 31 Aug 2016 09:04:48 +0200 Subject: [PATCH 165/237] Update vulnerabilies list InnoDB buffer pool alignment check appears backward #244 --- mysqltuner.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index f77996f..4c0ef24 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3578,8 +3578,8 @@ sub mysql_innodb { } else { infoprint "Number of InnoDB Buffer Pool Chunk : ". int($myvar{'innodb_buffer_pool_size'}) / int( $myvar{'innodb_buffer_pool_chunk_size'}) . " for ". $myvar{'innodb_buffer_pool_instances'}. " Buffer Pool Instance(s)"; - - if ( int($myvar{'innodb_buffer_pool_size'}) % ( int( $myvar{'innodb_buffer_pool_chunk_size'}) * int($myvar{'innodb_buffer_pool_instances'})) ne 0 ) { + + if ( int($myvar{'innodb_buffer_pool_size'}) % ( int( $myvar{'innodb_buffer_pool_chunk_size'}) * int($myvar{'innodb_buffer_pool_instances'})) eq 0 ) { goodprint "innodb_buffer_pool_size is aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; } else { badprint "innodb_buffer_pool_size is not aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; From 94c56dad3faa5337f380a517b49c802a698aba6e Mon Sep 17 00:00:00 2001 From: root Date: Wed, 31 Aug 2016 09:17:03 +0200 Subject: [PATCH 166/237] False CVE detection for mysql 5.50 #235 adding info message --- mysqltuner.pl | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index 168659a..7216cc8 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1075,10 +1075,16 @@ sub cve_recommendations { } close $fh or die "Cannot close $opt{cvefile}: $!"; $result{'CVE'}{'nb'}=$cvefound; + + my $cve_warning_notes=""; if ( $cvefound == 0 ) { goodprint "NO SECURITY CVE FOUND FOR YOUR VERSION"; return; } + if ($mysqlvermajor eq 5 and $mysqlverminor eq 7) { + infoprint "False positive CVE(s) for MySQL and MariaDB 5.5.x can be found."; + infoprint "Check careful each CVE for those particular versions"; + } badprint $cvefound . " CVE(s) found for your MySQL release."; push( @generalrec, $cvefound From 746f5d3a4dcae9bc6ca81d166c8347a3cfb8b8e2 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 31 Aug 2016 10:26:39 +0200 Subject: [PATCH 167/237] Changing version in test for displaying false positive CVE messages --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 7216cc8..5f1bb6c 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1081,7 +1081,7 @@ sub cve_recommendations { goodprint "NO SECURITY CVE FOUND FOR YOUR VERSION"; return; } - if ($mysqlvermajor eq 5 and $mysqlverminor eq 7) { + if ($mysqlvermajor eq 5 and $mysqlverminor eq 5) { infoprint "False positive CVE(s) for MySQL and MariaDB 5.5.x can be found."; infoprint "Check careful each CVE for those particular versions"; } From a067eddb2051fc1e63efcea6614d988dff0281c3 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 31 Aug 2016 10:30:20 +0200 Subject: [PATCH 168/237] Tidyfy code --- mysqltuner.pl | 407 +++++++++++++++++++++++++++++--------------------- 1 file changed, 235 insertions(+), 172 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 5f1bb6c..8bb3c3f 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -185,7 +185,7 @@ my $basic_password_files = : abs_path( $opt{passwordfile} ); # Related to password option -$opt{pass}=$opt{password} if ($opt{pass} eq 0 and $opt{password} ne 0); +$opt{pass} = $opt{password} if ( $opt{pass} eq 0 and $opt{password} ne 0 ); # for RPM distributions $basic_password_files = "/usr/share/mysqltuner/basic_passwords.txt" @@ -202,7 +202,8 @@ if ( $opt{verbose} ) { } # for RPM distributions -$opt{cvefile} = "/usr/share/mysqltuner/vulnerabilities.csv" unless ( defined $opt{cvefile} and -f "$opt{cvefile}" ); +$opt{cvefile} = "/usr/share/mysqltuner/vulnerabilities.csv" + unless ( defined $opt{cvefile} and -f "$opt{cvefile}" ); $opt{cvefile} = '' unless -f "$opt{cvefile}"; $opt{cvefile} = './vulnerabilities.csv' if -f './vulnerabilities.csv'; @@ -236,8 +237,9 @@ my ( $mysqlvermajor, $mysqlverminor, $mysqlvermicro ); # Super structure containing all information my %result; -$result{'MySQLTuner'}{'version'}=$tunerversion; -$result{'MySQLTuner'}{'options'}=\%opt; +$result{'MySQLTuner'}{'version'} = $tunerversion; +$result{'MySQLTuner'}{'options'} = \%opt; + # Functions that handle the print styles sub prettyprint { print $_[0] . "\n" unless ( $opt{'silent'} or $opt{'json'} ); @@ -367,7 +369,8 @@ sub pretty_uptime { my ( $physical_memory, $swap_memory, $duflags ); sub memerror { - badprint "Unable to determine total memory/swap; use '--forcemem' and '--forceswap'"; + badprint +"Unable to determine total memory/swap; use '--forcemem' and '--forceswap'"; exit 1; } @@ -455,8 +458,9 @@ sub os_setup { $result{'OS'}{'Physical Memory'}{'pretty'} = hr_bytes($physical_memory); $result{'OS'}{'Swap Memory'}{'bytes'} = $swap_memory; $result{'OS'}{'Swap Memory'}{'pretty'} = hr_bytes($swap_memory); - $result{'OS'}{'Other Processes'}{'bytes'} = get_other_process_memory(); - $result{'OS'}{'Other Processes'}{'pretty'} = hr_bytes(get_other_process_memory()); + $result{'OS'}{'Other Processes'}{'bytes'} = get_other_process_memory(); + $result{'OS'}{'Other Processes'}{'pretty'} = + hr_bytes( get_other_process_memory() ); } sub get_http_cli { @@ -801,16 +805,19 @@ sub mysql_setup { debugprint "$mysqladmincmd $remotestring ping 2>&1"; my $loginstatus = `$mysqladmincmd $remotestring ping 2>&1`; if ( $loginstatus =~ /mysqld is alive/ ) { + # Login went just fine $mysqllogin = " $remotestring "; - # Did this go well because of a .my.cnf file or is there no password set? + + # Did this go well because of a .my.cnf file or is there no password set? my $userpath = `printenv HOME`; if ( length($userpath) > 0 ) { chomp($userpath); } unless ( -e "${userpath}/.my.cnf" or -e "${userpath}/.mylogin.cnf" ) { - badprint "Successfully authenticated with no password - SECURITY RISK!"; + badprint +"Successfully authenticated with no password - SECURITY RISK!"; } return 1; } @@ -944,7 +951,7 @@ sub arr2hash { my $sep = shift; $sep = '\s' unless defined($sep); foreach my $line (@$harr) { - next if ($line =~ m/^\*\*\*\*\*\*\*/); + next if ( $line =~ m/^\*\*\*\*\*\*\*/ ); $line =~ /([a-zA-Z_]*)\s*$sep\s*(.*)/; $$href{$1} = $2; debugprint "V: $1 = $2"; @@ -952,11 +959,13 @@ sub arr2hash { } sub get_all_vars { + # We need to initiate at least one query so that our data is useable $dummyselect = select_one "SELECT VERSION()"; - if (not defined($dummyselect) or $dummyselect eq "") { - badprint "You probably doesn't get enough privileges for running MySQLTuner ..."; - exit(256); + if ( not defined($dummyselect) or $dummyselect eq "" ) { + badprint +"You probably doesn't get enough privileges for running MySQLTuner ..."; + exit(256); } $dummyselect =~ s/(.*?)\-.*/$1/; debugprint "VERSION: " . $dummyselect . ""; @@ -1040,7 +1049,7 @@ sub remove_empty { sub get_file_contents { my $file = shift; - open(my $fh, "<", $file) or die "Can't open $file for read: $!"; + open( my $fh, "<", $file ) or die "Can't open $file for read: $!"; my @lines = <$fh>; close $fh or die "Cannot close $file: $!"; @lines = remove_cr @lines; @@ -1058,32 +1067,39 @@ sub cve_recommendations { return; } - #prettyprint "Look for related CVE for $myvar{'version'} or lower in $opt{cvefile}"; +#prettyprint "Look for related CVE for $myvar{'version'} or lower in $opt{cvefile}"; my $cvefound = 0; - open(my $fh, "<", $opt{cvefile}) or die "Can't open $opt{cvefile} for read: $!"; + open( my $fh, "<", $opt{cvefile} ) + or die "Can't open $opt{cvefile} for read: $!"; while ( my $cveline = <$fh> ) { my @cve = split( ';', $cveline ); - debugprint "Comparing $mysqlvermajor\.$mysqlverminor\.$mysqlvermicro with $cve[1]\.$cve[2]\.$cve[3] : ".(mysql_version_le( $cve[1], $cve[2], $cve[3] )?'<=':'>'); - + debugprint +"Comparing $mysqlvermajor\.$mysqlverminor\.$mysqlvermicro with $cve[1]\.$cve[2]\.$cve[3] : " + . ( mysql_version_le( $cve[1], $cve[2], $cve[3] ) ? '<=' : '>' ); + # Avoid not major/minor version corresponding CVEs - next unless (int($cve[1])==$mysqlvermajor && int($cve[2])==$mysqlverminor); - if ( int($cve[3]) >= $mysqlvermicro ) { + next + unless ( int( $cve[1] ) == $mysqlvermajor + && int( $cve[2] ) == $mysqlverminor ); + if ( int( $cve[3] ) >= $mysqlvermicro ) { badprint "$cve[4](<= $cve[1]\.$cve[2]\.$cve[3]) : $cve[6]"; - $result{'CVE'}{'List'}{$cvefound}="$cve[4](<= $cve[1]\.$cve[2]\.$cve[3]) : $cve[6]"; + $result{'CVE'}{'List'}{$cvefound} = + "$cve[4](<= $cve[1]\.$cve[2]\.$cve[3]) : $cve[6]"; $cvefound++; } } close $fh or die "Cannot close $opt{cvefile}: $!"; - $result{'CVE'}{'nb'}=$cvefound; + $result{'CVE'}{'nb'} = $cvefound; - my $cve_warning_notes=""; + my $cve_warning_notes = ""; if ( $cvefound == 0 ) { goodprint "NO SECURITY CVE FOUND FOR YOUR VERSION"; return; } - if ($mysqlvermajor eq 5 and $mysqlverminor eq 5) { - infoprint "False positive CVE(s) for MySQL and MariaDB 5.5.x can be found."; - infoprint "Check careful each CVE for those particular versions"; + if ( $mysqlvermajor eq 5 and $mysqlverminor eq 5 ) { + infoprint + "False positive CVE(s) for MySQL and MariaDB 5.5.x can be found."; + infoprint "Check careful each CVE for those particular versions"; } badprint $cvefound . " CVE(s) found for your MySQL release."; push( @generalrec, @@ -1102,7 +1118,7 @@ sub get_opened_ports { } @opened_ports; @opened_ports = sort { $a <=> $b } grep { !/^$/ } @opened_ports; debugprint Dumper \@opened_ports; - $result{'Network'}{'TCP Opened'}=\@opened_ports; + $result{'Network'}{'TCP Opened'} = \@opened_ports; return @opened_ports; } @@ -1118,7 +1134,7 @@ sub get_process_memory { my $pid = shift; my @mem = `ps -p $pid -o rss`; return 0 if scalar @mem != 2; - return $mem[1]*1024; + return $mem[1] * 1024; } sub get_other_process_memory { @@ -1144,7 +1160,7 @@ sub get_other_process_memory { sub get_os_release { if ( -f "/etc/lsb-release" ) { my @info_release = get_file_contents "/etc/lsb-release"; - my $os_relase = $info_release[3]; + my $os_relase = $info_release[3]; $os_relase =~ s/.*="//; $os_relase =~ s/"$//; return $os_relase; @@ -1157,7 +1173,7 @@ sub get_os_release { if ( -f "/etc/os-release" ) { my @info_release = get_file_contents "/etc/os-release"; - my $os_relase = $info_release[0]; + my $os_relase = $info_release[0]; $os_relase =~ s/.*="//; $os_relase =~ s/"$//; return $os_relase; @@ -1165,7 +1181,7 @@ sub get_os_release { if ( -f "/etc/issue" ) { my @info_release = get_file_contents "/etc/issue"; - my $os_relase = $info_release[0]; + my $os_relase = $info_release[0]; $os_relase =~ s/\s+\\n.*//; return $os_relase; } @@ -1177,7 +1193,7 @@ sub get_fs_info() { my @iinfo = `df -Pi| grep '%'`; shift @iinfo; @sinfo = map { - my $v= $_; + my $v = $_; $v =~ s/.*\s(\d+)%\s+(.*)/$1\t$2/g; $v; } @sinfo; @@ -1191,7 +1207,7 @@ sub get_fs_info() { else { infoprint "mount point $2 is using $1 % of total space"; } - $result{'Filesystem'}{'Space Pct'}{$2}=$1; + $result{'Filesystem'}{'Space Pct'}{$2} = $1; } } @@ -1212,7 +1228,7 @@ sub get_fs_info() { else { infoprint "mount point $2 is using $1 % of max allowed inodes"; } - $result{'Filesystem'}{'Inode Pct'}{$2}=$1; + $result{'Filesystem'}{'Inode Pct'}{$2} = $1; } } } @@ -1272,7 +1288,7 @@ sub get_kernel_info() { infoprint "Information about kernel tuning:"; foreach my $param (@params) { infocmd_tab("sysctl $param 2>/dev/null"); - $result{'OS'}{'Config'}{$param}=`sysctl -n $param 2>/dev/null`; + $result{'OS'}{'Config'}{$param} = `sysctl -n $param 2>/dev/null`; } if ( `sysctl -n vm.swappiness` > 10 ) { badprint @@ -1285,8 +1301,11 @@ sub get_kernel_info() { } # only if /proc/sys/sunrpc exists - my $tcp_slot_entries=`sysctl -n sunrpc.tcp_slot_table_entries 2>/dev/null`; - if ( -f "/proc/sys/sunrpc" and ($tcp_slot_entries eq '' or $tcp_slot_entries < 100) ) { + my $tcp_slot_entries = + `sysctl -n sunrpc.tcp_slot_table_entries 2>/dev/null`; + if ( -f "/proc/sys/sunrpc" + and ( $tcp_slot_entries eq '' or $tcp_slot_entries < 100 ) ) + { badprint "Initial TCP slot entries is < 1M, please consider having a value greater than 100"; push @generalrec, "setup Initial TCP slot entries greater than 100"; @@ -1311,33 +1330,33 @@ sub get_kernel_info() { } sub get_system_info() { - $result{'OS'}{'Release'}=get_os_release(); + $result{'OS'}{'Release'} = get_os_release(); infoprint get_os_release; if (is_virtual_machine) { infoprint "Machine type : Virtual machine"; - $result{'OS'}{'Virtual Machine'}='YES'; + $result{'OS'}{'Virtual Machine'} = 'YES'; } else { infoprint "Machine type : Physical machine"; - $result{'OS'}{'Virtual Machine'}='NO'; + $result{'OS'}{'Virtual Machine'} = 'NO'; } - $result{'Network'}{'Connected'}='NO'; + $result{'Network'}{'Connected'} = 'NO'; `ping -c 1 ipecho.net &>/dev/null`; my $isConnected = $?; if ( $? == 0 ) { infoprint "Internet : Connected"; - $result{'Network'}{'Connected'}='YES'; + $result{'Network'}{'Connected'} = 'YES'; } else { badprint "Internet : Disconnected"; } - $result{'OS'}{'Type'}=`uname -o`; + $result{'OS'}{'Type'} = `uname -o`; infoprint "Operating System Type : " . infocmd_one "uname -o"; - $result{'OS'}{'Kernel'}=`uname -r`; + $result{'OS'}{'Kernel'} = `uname -r`; infoprint "Kernel Release : " . infocmd_one "uname -r"; - $result{'OS'}{'Hostname'}=`hostname`; - $result{'Network'}{'Internal Ip'}=`hostname -I`; + $result{'OS'}{'Hostname'} = `hostname`; + $result{'Network'}{'Internal Ip'} = `hostname -I`; infoprint "Hostname : " . infocmd_one "hostname"; infoprint "Network Cards : "; infocmd_tab "ifconfig| grep -A1 mtu"; @@ -1345,16 +1364,16 @@ sub get_system_info() { my $httpcli = get_http_cli(); infoprint "HTTP client found: $httpcli" if defined $httpcli; - my $ext_ip=""; + my $ext_ip = ""; if ( $httpcli =~ /curl$/ ) { - $ext_ip=infocmd_one "$httpcli ipecho.net/plain"; + $ext_ip = infocmd_one "$httpcli ipecho.net/plain"; } elsif ( $httpcli =~ /wget$/ ) { - - $ext_ip=infocmd_one "$httpcli -q -O - ipecho.net/plain"; + + $ext_ip = infocmd_one "$httpcli -q -O - ipecho.net/plain"; } - infoprint "External IP : ".$ext_ip; - $result{'Network'}{'External Ip'}=$ext_ip; + infoprint "External IP : " . $ext_ip; + $result{'Network'}{'External Ip'} = $ext_ip; badprint "External IP : Can't check because of Internet connectivity" unless defined($httpcli); @@ -1362,13 +1381,14 @@ sub get_system_info() { . infocmd_one "grep 'nameserver' /etc/resolv.conf \| awk '{print \$2}'"; infoprint "Logged In users : "; infocmd_tab "who"; - $result{'OS'}{'Logged users'}=`who`; + $result{'OS'}{'Logged users'} = `who`; infoprint "Ram Usages in Mb : "; infocmd_tab "free -m | grep -v +"; - $result{'OS'}{'Free Memory RAM'}=`free -m | grep -v +`; + $result{'OS'}{'Free Memory RAM'} = `free -m | grep -v +`; infoprint "Load Average : "; infocmd_tab "top -n 1 -b | grep 'load average:'"; - $result{'OS'}{'Load Average'}=`top -n 1 -b | grep 'load average:'`; + $result{'OS'}{'Load Average'} = `top -n 1 -b | grep 'load average:'`; + #infoprint "System Uptime Days/(HH:MM) : `uptime | awk '{print $3,$4}' | cut -f1 -d,`"; } @@ -1479,10 +1499,11 @@ sub security_recommendations { goodprint "There are no anonymous accounts for any database users"; } if ( mysql_version_le( 5, 1 ) ) { - badprint "No more password checks for MySQL version <=5.1"; - badprint "MySQL version <=5.1 are deprecated and end of support."; - return; + badprint "No more password checks for MySQL version <=5.1"; + badprint "MySQL version <=5.1 are deprecated and end of support."; + return; } + # Looking for Empty Password @mysqlstatlist = select_array "SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL) AND plugin NOT IN ('unix_socket', 'win_socket')"; @@ -1599,7 +1620,7 @@ sub get_replication_status { infoprint "No replication setup for this server."; return; } - $result{'Replication'}{'status'}= \%myrepl; + $result{'Replication'}{'status'} = \%myrepl; my ($io_running) = $myrepl{'Slave_IO_Running'}; debugprint "IO RUNNING: $io_running "; my ($sql_running) = $myrepl{'Slave_SQL_Running'}; @@ -1662,9 +1683,11 @@ sub mysql_version_ge { my ( $maj, $min, $mic ) = @_; $min ||= 0; $mic ||= 0; - return int($mysqlvermajor) > int($maj) - || ( int($mysqlvermajor) == int($maj) && int($mysqlverminor) > int($min) ) - || ( int($mysqlverminor) == int($min) && int($mysqlvermicro) >= int($mic) ); + return + int($mysqlvermajor) > int($maj) + || ( int($mysqlvermajor) == int($maj) && int($mysqlverminor) > int($min) ) + || ( int($mysqlverminor) == int($min) + && int($mysqlvermicro) >= int($mic) ); } # Checks if MySQL version is lower than equal to (major, minor, micro) @@ -1672,9 +1695,11 @@ sub mysql_version_le { my ( $maj, $min, $mic ) = @_; $min ||= 0; $mic ||= 0; - return int($mysqlvermajor) < int($maj) - || ( int($mysqlvermajor) == int($maj) && int($mysqlverminor) < int($min) ) - || ( int($mysqlverminor) == int($min) && int($mysqlvermicro) <= int($mic) ); + return + int($mysqlvermajor) < int($maj) + || ( int($mysqlvermajor) == int($maj) && int($mysqlverminor) < int($min) ) + || ( int($mysqlverminor) == int($min) + && int($mysqlvermicro) <= int($mic) ); } # Checks if MySQL micro version is lower than equal to (major, minor, micro) @@ -1818,11 +1843,11 @@ sub check_storage_engines { ( $engine, $size, $count, $dsize, $isize ) = $line =~ /([a-zA-Z_]+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)/; debugprint "Engine Found: $engine"; - next unless (defined($engine)); - $size=0 unless defined($size); - $isize=0 unless defined($isize); - $dsize=0 unless defined($dsize); - $count=0 unless defined($count); + next unless ( defined($engine) ); + $size = 0 unless defined($size); + $isize = 0 unless defined($isize); + $dsize = 0 unless defined($dsize); + $count = 0 unless defined($count); $enginestats{$engine} = $size; $enginecount{$engine} = $count; $result{'Engine'}{$engine}{'Table Number'} = $count; @@ -1830,15 +1855,15 @@ sub check_storage_engines { $result{'Engine'}{$engine}{'Data Size'} = $dsize; $result{'Engine'}{$engine}{'Index Size'} = $isize; } - my $not_innodb=''; - if ($result{'Variables'}{'innodb_file_per_table'} eq 'OFF') { - $not_innodb="AND NOT ENGINE='InnoDB'"; + my $not_innodb = ''; + if ( $result{'Variables'}{'innodb_file_per_table'} eq 'OFF' ) { + $not_innodb = "AND NOT ENGINE='InnoDB'"; } $result{'Tables'}{'Fragmented tables'} = [ select_array "SELECT CONCAT(CONCAT(TABLE_SCHEMA, '.'), TABLE_NAME),DATA_FREE FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema','performance_schema', 'mysql') AND DATA_LENGTH/1024/1024>100 AND DATA_FREE*100/(DATA_LENGTH+INDEX_LENGTH+DATA_FREE) > 10 AND NOT ENGINE='MEMORY' $not_innodb" ]; - $fragtables = scalar @{$result{'Tables'}{'Fragmented tables'}}; + $fragtables = scalar @{ $result{'Tables'}{'Fragmented tables'} }; } else { @@ -1927,14 +1952,14 @@ sub check_storage_engines { badprint "Total fragmented tables: $fragtables"; push( @generalrec, "Run OPTIMIZE TABLE to defragment tables for better performance" ); - my $total_free=0; - foreach my $table_line (@{$result{'Tables'}{'Fragmented tables'}}) { - my ($table_name,$data_free)=split(/\s+/,$table_line); - $data_free=0 if (!defined($data_free) or $data_free eq ''); - $data_free=$data_free/1024/1024; - $total_free+=$data_free; + my $total_free = 0; + foreach my $table_line ( @{ $result{'Tables'}{'Fragmented tables'} } ) { + my ( $table_name, $data_free ) = split( /\s+/, $table_line ); + $data_free = 0 if ( !defined($data_free) or $data_free eq '' ); + $data_free = $data_free / 1024 / 1024; + $total_free += $data_free; push( @generalrec, - " OPTIMIZE TABLE $table_name; -- can free $data_free MB"); + " OPTIMIZE TABLE $table_name; -- can free $data_free MB" ); } push( @generalrec, "Total freed space after theses OPTIMIZE TABLE : $total_free Mb" ); @@ -2417,13 +2442,15 @@ sub mysql_stats { . hr_bytes( $mycalc{'per_thread_buffers'} ) . " per thread ($myvar{'max_connections'} max threads)"; infoprint "P_S Max memory usage: " . hr_bytes_rnd( get_pf_memory() ); - $result{'P_S'}{'memory'}=get_other_process_memory(); - $result{'P_S'}{'pretty_memory'}=hr_bytes_rnd(get_other_process_memory()); + $result{'P_S'}{'memory'} = get_other_process_memory(); + $result{'P_S'}{'pretty_memory'} = + hr_bytes_rnd( get_other_process_memory() ); infoprint "Galera GCache Max memory usage: " . hr_bytes_rnd( get_gcache_memory() ); - $result{'Galera'}{'GCache'}{'memory'}=get_gcache_memory(); - $result{'Galera'}{'GCache'}{'pretty_memory'}=hr_bytes_rnd(get_gcache_memory()); - + $result{'Galera'}{'GCache'}{'memory'} = get_gcache_memory(); + $result{'Galera'}{'GCache'}{'pretty_memory'} = + hr_bytes_rnd( get_gcache_memory() ); + if ( $opt{buffers} ne 0 ) { infoprint "Global Buffers"; infoprint " +-- Key Buffer: " @@ -2564,13 +2591,16 @@ sub mysql_stats { } # name resolution - if (not defined($result{'Variables'}{'skip_name_resolve'})) { - infoprint "Skipped name resolution test due to missing skip_name_resolve in system variables. ?More info?"; - } elsif( $result{'Variables'}{'skip_name_resolve'} eq 'OFF') { + if ( not defined( $result{'Variables'}{'skip_name_resolve'} ) ) { + infoprint +"Skipped name resolution test due to missing skip_name_resolve in system variables. ?More info?"; + } + elsif ( $result{'Variables'}{'skip_name_resolve'} eq 'OFF' ) { badprint "name resolution is active : a reverse name resolution is made for each new connection and can reduce performance"; push( @generalrec, - "Configure your accounts with ip or subnets only, then update your configuration with skip-name-resolve=1" ); +"Configure your accounts with ip or subnets only, then update your configuration with skip-name-resolve=1" + ); } # Query cache @@ -2580,15 +2610,15 @@ sub mysql_stats { push( @generalrec, "Upgrade MySQL to version 4+ to utilize query caching" ); } - elsif ( mysql_version_ge( 5, 5 ) and !mysql_version_ge( 10, 1 ) ) { + elsif ( mysql_version_ge( 5, 5 ) and !mysql_version_ge( 10, 1 ) ) { if ( $myvar{'query_cache_type'} ne "OFF" ) { badprint -"Query cache may be disabled by default due to mutex contention."; + "Query cache may be disabled by default due to mutex contention."; push( @adjvars, "query_cache_type (=0)" ); } else { goodprint - "Query cache is disabled by default due to mutex contention on multiprocessor machines."; +"Query cache is disabled by default due to mutex contention on multiprocessor machines."; } } elsif ( $myvar{'query_cache_size'} < 1 ) { @@ -2754,28 +2784,33 @@ sub mysql_stats { badprint "Thread cache is disabled"; push( @generalrec, "Set thread_cache_size to 4 as a starting value" ); push( @adjvars, "thread_cache_size (start at 4)" ); - } else { - if ( defined($myvar{'thread_handling'}) and $myvar{'thread_handling'} eq 'pools-of-threads') { - infoprint "Thread cache hit rate: not used with pool-of-threads"; - } else { - if ( $mycalc{'thread_cache_hit_rate'} <= 50 ) { - badprint - "Thread cache hit rate: $mycalc{'thread_cache_hit_rate'}% (" - . hr_num( $mystat{'Threads_created'} ) - . " created / " - . hr_num( $mystat{'Connections'} ) - . " connections)"; - push( @adjvars, - "thread_cache_size (> $myvar{'thread_cache_size'})" ); - } else { - goodprint - "Thread cache hit rate: $mycalc{'thread_cache_hit_rate'}% (" - . hr_num( $mystat{'Threads_created'} ) - . " created / " - . hr_num( $mystat{'Connections'} ) - . " connections)"; + } + else { + if ( defined( $myvar{'thread_handling'} ) + and $myvar{'thread_handling'} eq 'pools-of-threads' ) + { + infoprint "Thread cache hit rate: not used with pool-of-threads"; + } + else { + if ( $mycalc{'thread_cache_hit_rate'} <= 50 ) { + badprint + "Thread cache hit rate: $mycalc{'thread_cache_hit_rate'}% (" + . hr_num( $mystat{'Threads_created'} ) + . " created / " + . hr_num( $mystat{'Connections'} ) + . " connections)"; + push( @adjvars, + "thread_cache_size (> $myvar{'thread_cache_size'})" ); + } + else { + goodprint + "Thread cache hit rate: $mycalc{'thread_cache_hit_rate'}% (" + . hr_num( $mystat{'Threads_created'} ) + . " created / " + . hr_num( $mystat{'Connections'} ) + . " connections)"; + } } - } } # Table cache @@ -3113,13 +3148,14 @@ sub mysqsl_pfs { infoprint "Performance schema is enabled."; infoprint "Memory used by P_S: " . hr_bytes( get_pf_memory() ); - if (grep /^sys$/, select_array("SHOW DATABASES")) { + if ( grep /^sys$/, select_array("SHOW DATABASES") ) { infoprint "Sys schema is installed."; - } else { + } + else { infoprint "Sys schema isn't installed."; return; } - + } # Recommendations for Ariadb @@ -3260,12 +3296,12 @@ sub mariadb_galera { next unless $gvar =~ /^wsrep.*/; next if $gvar eq 'wsrep_provider_options'; debugprint "\t" . trim($gvar) . " = " . $myvar{$gvar}; - $result{'Galera'}{'variables'}{$gvar}= $myvar{$gvar}; + $result{'Galera'}{'variables'}{$gvar} = $myvar{$gvar}; } debugprint "Galera wsrep provider Options:"; my @galera_options = get_wsrep_options; - $result{'Galera'}{'wsrep options'}=get_wsrep_options(); + $result{'Galera'}{'wsrep options'} = get_wsrep_options(); foreach my $gparam (@galera_options) { debugprint "\t" . trim($gparam); } @@ -3273,25 +3309,25 @@ sub mariadb_galera { foreach my $gstatus ( keys %mystat ) { next unless $gstatus =~ /^wsrep.*/; debugprint "\t" . trim($gstatus) . " = " . $mystat{$gstatus}; - $result{'Galera'}{'status'}{$gstatus}= $myvar{$gstatus}; + $result{'Galera'}{'status'}{$gstatus} = $myvar{$gstatus}; } infoprint "GCache is using " . hr_bytes_rnd( get_wsrep_option('gcache.mem_size') ); my @primaryKeysNbTables = select_array( -"Select CONCAT(c.table_schema,CONCAT('.', c.table_name)) + "Select CONCAT(c.table_schema,CONCAT('.', c.table_name)) from information_schema.columns c join information_schema.tables t using (TABLE_SCHEMA, TABLE_NAME) where c.table_schema not in ('mysql', 'information_schema', 'performance_schema') and t.table_type != 'VIEW' group by c.table_schema,c.table_name having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0" -); + ); if ( scalar(@primaryKeysNbTables) > 0 ) { badprint "Following table(s) don't have primary key:"; foreach my $badtable (@primaryKeysNbTables) { badprint "\t$badtable"; - push @{$result{'Tables without PK'}}, $badtable; + push @{ $result{'Tables without PK'} }, $badtable; } } else { @@ -3348,6 +3384,7 @@ having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0" badprint "There are $nbNodesSize nodes in wsrep_cluster_size. Prefer 3 or 5 nodes architecture."; } + # wsrep_cluster_address doesn't include garbd nodes if ( $nbNodes > $nbNodesSize ) { badprint @@ -3393,13 +3430,22 @@ having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0" } if ( trim( $myvar{'wsrep_sst_method'} ) !~ "^xtrabackup.*" ) { badprint "Galera SST method is not xtrabackup based."; - push( @adjvars, "set up parameter wsrep_sst_method to xtrabackup based parameter" ); + push( @adjvars, +"set up parameter wsrep_sst_method to xtrabackup based parameter" + ); } else { goodprint "SST Method is based on xtrabackup."; } - if ( (defined($myvar{'wsrep_OSU_method'}) && trim( $myvar{'wsrep_OSU_method'} ) eq "TOI") || - (defined($myvar{'wsrep_osu_method'}) && trim( $myvar{'wsrep_osu_method'} ) eq "TOI") ) { + if ( + ( + defined( $myvar{'wsrep_OSU_method'} ) + && trim( $myvar{'wsrep_OSU_method'} ) eq "TOI" + ) + || ( defined( $myvar{'wsrep_osu_method'} ) + && trim( $myvar{'wsrep_osu_method'} ) eq "TOI" ) + ) + { goodprint "TOI is default mode for upgrade."; } else { @@ -3500,7 +3546,7 @@ sub mysql_innodb { infoprint " +-- InnoDB Buffer Pool Instances: " . $myvar{'innodb_buffer_pool_instances'} . ""; } - + if ( defined $myvar{'innodb_buffer_pool_chunk_size'} ) { infoprint " +-- InnoDB Buffer Pool Chunk Size: " . hr_bytes( $myvar{'innodb_buffer_pool_chunk_size'} ) . ""; @@ -3591,20 +3637,38 @@ sub mysql_innodb { } # InnoDB Used Buffer Pool Size vs CHUNK size - if ( ! defined ($myvar{'innodb_buffer_pool_chunk_size'}) ) { - infoprint "InnoDB Buffer Pool Chunk Size not used or defined in your version"; - } else { - infoprint "Number of InnoDB Buffer Pool Chunk : ". int($myvar{'innodb_buffer_pool_size'}) / int( $myvar{'innodb_buffer_pool_chunk_size'}) . - " for ". $myvar{'innodb_buffer_pool_instances'}. " Buffer Pool Instance(s)"; - - if ( int($myvar{'innodb_buffer_pool_size'}) % ( int( $myvar{'innodb_buffer_pool_chunk_size'}) * int($myvar{'innodb_buffer_pool_instances'})) eq 0 ) { - goodprint "innodb_buffer_pool_size is aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; - } else { - badprint "innodb_buffer_pool_size is not aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; - #push( @adjvars, "Adjust innodb_buffer_pool_instances, innodb_buffer_pool_chunk_size with innodb_buffer_pool_size" ); - push( @adjvars, "innodb_buffer_pool_size must always be equal to or a multiple of innodb_buffer_pool_chunk_size * innodb_buffer_pool_instances" ); - } + if ( !defined( $myvar{'innodb_buffer_pool_chunk_size'} ) ) { + infoprint + "InnoDB Buffer Pool Chunk Size not used or defined in your version"; } + else { + infoprint "Number of InnoDB Buffer Pool Chunk : " + . int( $myvar{'innodb_buffer_pool_size'} ) / + int( $myvar{'innodb_buffer_pool_chunk_size'} ) . " for " + . $myvar{'innodb_buffer_pool_instances'} + . " Buffer Pool Instance(s)"; + + if ( + int( $myvar{'innodb_buffer_pool_size'} ) % ( + int( $myvar{'innodb_buffer_pool_chunk_size'} ) * + int( $myvar{'innodb_buffer_pool_instances'} ) + ) eq 0 + ) + { + goodprint +"innodb_buffer_pool_size is aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; + } + else { + badprint +"innodb_buffer_pool_size is not aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; + +#push( @adjvars, "Adjust innodb_buffer_pool_instances, innodb_buffer_pool_chunk_size with innodb_buffer_pool_size" ); + push( @adjvars, +"innodb_buffer_pool_size must always be equal to or a multiple of innodb_buffer_pool_chunk_size * innodb_buffer_pool_instances" + ); + } + } + # InnoDB Read efficency if ( defined $mycalc{'pct_read_efficiency'} && $mycalc{'pct_read_efficiency'} < 90 ) @@ -3965,8 +4029,8 @@ ENDSQL # Take the two recommendation arrays and display them at the end of the output sub make_recommendations { - $result{'Recommendations'}=\@generalrec; - $result{'Adjust variables'}=\@adjvars; + $result{'Recommendations'} = \@generalrec; + $result{'Adjust variables'} = \@adjvars; subheaderprint "Recommendations"; if ( @generalrec > 0 ) { prettyprint "General recommendations:"; @@ -4056,7 +4120,7 @@ sub dump_result { debugprint "HTML REPORT: $opt{'reportfile'}"; if ( $opt{'reportfile'} ne 0 ) { - eval {require Text::Template}; + eval { require Text::Template }; if ($@) { badprint "Text::Template Module is needed."; exit 1; @@ -4080,7 +4144,7 @@ sub dump_result { close $fh; } if ( $opt{'json'} ne 0 ) { - eval {require JSON}; + eval { require JSON }; if ($@) { print "$bad JSON Module is needed.\n"; exit 1; @@ -4108,35 +4172,34 @@ sub which { # --------------------------------------------------------------------------- # BEGIN 'MAIN' # --------------------------------------------------------------------------- -headerprint; # Header Print -validate_tuner_version; # Check last version -mysql_setup; # Gotta login first -os_setup; # Set up some OS variables -get_all_vars; # Toss variables/status into hashes -get_tuning_info; # Get information about the tuning connexion -validate_mysql_version; # Check current MySQL version +headerprint; # Header Print +validate_tuner_version; # Check last version +mysql_setup; # Gotta login first +os_setup; # Set up some OS variables +get_all_vars; # Toss variables/status into hashes +get_tuning_info; # Get information about the tuning connexion +validate_mysql_version; # Check current MySQL version - -check_architecture; # Suggest 64-bit upgrade -system_recommendations; # avoid to many service on the same host -check_storage_engines; # Show enabled storage engines -mysql_databases; # Show informations about databases -mysql_indexes; # Show informations about indexes -security_recommendations; # Display some security recommendations -cve_recommendations; # Display related CVE -calculations; # Calculate everything we need -mysql_stats; # Print the server stats -mysqsl_pfs; # Print Performance schema info -mariadb_threadpool; # Print MaraiDB ThreadPool stats -mysql_myisam; # Print MyISAM stats -mariadb_ariadb; # Print MaraiDB AriaDB stats -mysql_innodb; # Print InnoDB stats -mariadb_tokudb; # Print MaraiDB TokuDB stats -mariadb_galera; # Print MaraiDB Galera Cluster stats -get_replication_status; # Print replication info -make_recommendations; # Make recommendations based on stats -dump_result; # Dump result if debug is on -close_outputfile; # Close reportfile if needed +check_architecture; # Suggest 64-bit upgrade +system_recommendations; # avoid to many service on the same host +check_storage_engines; # Show enabled storage engines +mysql_databases; # Show informations about databases +mysql_indexes; # Show informations about indexes +security_recommendations; # Display some security recommendations +cve_recommendations; # Display related CVE +calculations; # Calculate everything we need +mysql_stats; # Print the server stats +mysqsl_pfs; # Print Performance schema info +mariadb_threadpool; # Print MaraiDB ThreadPool stats +mysql_myisam; # Print MyISAM stats +mariadb_ariadb; # Print MaraiDB AriaDB stats +mysql_innodb; # Print InnoDB stats +mariadb_tokudb; # Print MaraiDB TokuDB stats +mariadb_galera; # Print MaraiDB Galera Cluster stats +get_replication_status; # Print replication info +make_recommendations; # Make recommendations based on stats +dump_result; # Dump result if debug is on +close_outputfile; # Close reportfile if needed # --------------------------------------------------------------------------- # END 'MAIN' From 401cb549e82d0d72496be11326658a1cb41e3b79 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 31 Aug 2016 13:48:01 +0200 Subject: [PATCH 169/237] Removing warnings for SQL request --- mysqltuner.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 8bb3c3f..3ee344c 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -886,7 +886,7 @@ sub mysql_setup { sub select_array { my $req = shift; debugprint "PERFORM: $req "; - my @result = `$mysqlcmd $mysqllogin -Bse "$req" 2>>/dev/null`; + my @result = `$mysqlcmd $mysqllogin -Bse "\\w$req" 2>>/dev/null`; if ( $? != 0 ) { badprint "failed to execute: $req"; badprint "FAIL Execute SQL / return code: $?"; @@ -905,7 +905,7 @@ sub select_array { sub select_one { my $req = shift; debugprint "PERFORM: $req "; - my $result = `$mysqlcmd $mysqllogin -Bse "$req" 2>>/dev/null`; + my $result = `$mysqlcmd $mysqllogin -Bse "\\w$req" 2>>/dev/null`; if ( $? != 0 ) { badprint "failed to execute: $req"; badprint "FAIL Execute SQL / return code: $?"; From 9f777ed47b64d29e1988cd30944381ce35809bef Mon Sep 17 00:00:00 2001 From: Rowan Wookey Date: Sat, 3 Sep 2016 15:11:09 +0100 Subject: [PATCH 170/237] Fixed #245 error when checking for passwordless accounts on MySQL < 5.5 --- mysqltuner.pl | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index 3ee344c..fab7345 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1505,8 +1505,13 @@ sub security_recommendations { } # Looking for Empty Password + if ( mysql_version_ge( 5, 5 ) ) { @mysqlstatlist = select_array "SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL) AND plugin NOT IN ('unix_socket', 'win_socket')"; + } else { + @mysqlstatlist = select_array +"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL)"; + } if (@mysqlstatlist) { foreach my $line ( sort @mysqlstatlist ) { chomp($line); From 33dfabd9405574f8cc5933646ca14e864c47373a Mon Sep 17 00:00:00 2001 From: root Date: Mon, 12 Sep 2016 14:18:14 +0200 Subject: [PATCH 171/237] #237 removing ? more info ? --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index fab7345..5e3984b 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2598,7 +2598,7 @@ sub mysql_stats { # name resolution if ( not defined( $result{'Variables'}{'skip_name_resolve'} ) ) { infoprint -"Skipped name resolution test due to missing skip_name_resolve in system variables. ?More info?"; +"Skipped name resolution test due to missing skip_name_resolve in system variables."; } elsif ( $result{'Variables'}{'skip_name_resolve'} eq 'OFF' ) { badprint From 2b6a0c35228d6937e54101056d046cdd25f4de35 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 12 Sep 2016 16:43:20 +0200 Subject: [PATCH 172/237] Adding Comment with sys request --- mysqltuner.pl | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 5e3984b..0cb2fe9 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3132,7 +3132,7 @@ sub get_pf_memory { return 0 unless defined $myvar{'performance_schema'}; return 0 if $myvar{'performance_schema'} eq 'OFF'; - my @infoPFSMemory = grep /performance_schema.memory/, + my @infoaMemory = grep /performance_schema.memory/, select_array("SHOW ENGINE PERFORMANCE_SCHEMA STATUS"); return 0 if scalar(@infoPFSMemory) == 0; $infoPFSMemory[0] =~ s/.*\s+(\d+)$/$1/g; @@ -3161,6 +3161,16 @@ sub mysqsl_pfs { return; } + #*High Cost SQL statements + #select * from sys.`x$statement_analysis` + #* Top 5% slower queries + #select * from sys.`x$statements_with_runtimes_in_95th_percentile` + #*Use temporary tables + #select * from sys.`statements_with_temp_tables` + #*Unused Indexes + #select * from sys.`schema_unused_indexes` + #* Full table scans select * from sys.`schema_tables_with_full_table_scans` + } # Recommendations for Ariadb From 972bf2e4aeb3459b0e0d5125647a79a5eabd821a Mon Sep 17 00:00:00 2001 From: root Date: Mon, 19 Sep 2016 16:13:22 +0200 Subject: [PATCH 173/237] #193 adding some useful extraction for sysschema --- mysqltuner.pl | 65 +++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 47 insertions(+), 18 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 0cb2fe9..5a4a9dd 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.18 +# mysqltuner.pl - Version 1.6.19 # High Performance MySQL Tuning Script # Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # @@ -54,7 +54,7 @@ $Data::Dumper::Pair = " : "; #use Env; # Set up a few variables for use in the script -my $tunerversion = "1.6.18"; +my $tunerversion = "1.6.19"; my ( @adjvars, @generalrec ); # Set defaults @@ -3132,7 +3132,7 @@ sub get_pf_memory { return 0 unless defined $myvar{'performance_schema'}; return 0 if $myvar{'performance_schema'} eq 'OFF'; - my @infoaMemory = grep /performance_schema.memory/, + my @infoPFSMemory = grep /performance_schema.memory/, select_array("SHOW ENGINE PERFORMANCE_SCHEMA STATUS"); return 0 if scalar(@infoPFSMemory) == 0; $infoPFSMemory[0] =~ s/.*\s+(\d+)$/$1/g; @@ -3153,24 +3153,53 @@ sub mysqsl_pfs { infoprint "Performance schema is enabled."; infoprint "Memory used by P_S: " . hr_bytes( get_pf_memory() ); - if ( grep /^sys$/, select_array("SHOW DATABASES") ) { - infoprint "Sys schema is installed."; - } - else { - infoprint "Sys schema isn't installed."; - return; + unless ( grep /^sys$/, select_array("SHOW DATABASES") ) { + infoprint "Sys schema isn't installed."; + return; } + infoprint "Sys schema is installed."; + + #*High Cost SQL statements - #select * from sys.`x$statement_analysis` - #* Top 5% slower queries - #select * from sys.`x$statements_with_runtimes_in_95th_percentile` - #*Use temporary tables - #select * from sys.`statements_with_temp_tables` - #*Unused Indexes - #select * from sys.`schema_unused_indexes` - #* Full table scans select * from sys.`schema_tables_with_full_table_scans` + infoprint "Top 5 Most latency statements:"; + my $nbL=1; + for my $lQuery(select_array ('select query, avg_latency from sys.statement_analysis order by avg_latency desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + #* Top 5% slower queries + infoprint "Top 5 slower queries:"; + $nbL=1; + for my $lQuery(select_array ('select query, exec_count from sys.statements_with_runtimes_in_95th_percentile order by exec_count desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery s"; + $nbL++; + } + + #*Use temporary tables + infoprint "Some queries using temp table:"; + $nbL=1; + for my $lQuery(select_array ('select query from sys.statements_with_temp_tables LIMIT 20')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + + #*Unused Indexes + infoprint "Unused indexes:"; + $nbL=1; + for my $lQuery(select_array ('select * from sys.schema_unused_indexes')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + #* Full table scans + #select * from sys.`schema_tables_with_full_table_scans` + infoprint "Tables with full table scans:"; + $nbL=1; + for my $lQuery(select_array ('select * from sys.schema_tables_with_full_table_scans order by rows_full_scanned DESC')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } } # Recommendations for Ariadb @@ -4229,7 +4258,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.18 - MySQL High Performance Tuning Script + MySQLTuner 1.6.19 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES From e18bcd7038a438a1d47fb5a5b1553b3a3381c932 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Mon, 19 Sep 2016 16:18:35 +0200 Subject: [PATCH 174/237] Update INTERNALS.md --- INTERNALS.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/INTERNALS.md b/INTERNALS.md index f601f15..d6b99dc 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -24,7 +24,7 @@ * [GALERA information](#mysqltuner-galera-information) * [TOKUDB information](#mysqltuner-tokudb-information) * [ThreadPool information](#mysqltuner-threadpool-information) - +* [Performance Schema information](#mysqltuner-pfs-information) ## MySQLTuner steps * Header Print @@ -269,3 +269,13 @@ * thread_pool_size between 16 to 36 for Innodb usage * thread_pool_size between 4 to 8 for MyIsam usage + +## MySQLTuner performance schema and sysschema information + +* High Cost SQL statements +* Top 5% slower queries +* Use temporary tables +* Unused Indexes +* Full table scans +* thread_pool_size between 4 to 8 for MyIsam usage + From 64620feeac5ef79ffef7f1fc2f0726f5b2b44730 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Mon, 19 Sep 2016 16:19:55 +0200 Subject: [PATCH 175/237] Update INTERNALS.md --- INTERNALS.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/INTERNALS.md b/INTERNALS.md index d6b99dc..3203374 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -24,7 +24,8 @@ * [GALERA information](#mysqltuner-galera-information) * [TOKUDB information](#mysqltuner-tokudb-information) * [ThreadPool information](#mysqltuner-threadpool-information) -* [Performance Schema information](#mysqltuner-pfs-information) +* [Performance Schema information](#mysqltuner-performance-schema-and-sysschema-information) +* ## MySQLTuner steps * Header Print From 5588aa493143fe49425a63c00f8cae73e709a9f1 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Tue, 20 Sep 2016 12:26:18 +0200 Subject: [PATCH 176/237] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 3d7e8da..9dae9ec 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,7 @@ MySQLTuner-perl [![Project Status](http://opensource.box.com/badges/maintenance.svg)](http://opensource.box.com/badges) [![Average time to resolve an issue](http://isitmaintained.com/badge/resolution/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue") [![Percentage of issues still open](http://isitmaintained.com/badge/open/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open") +[![GPL Licence](https://badges.frapsoft.com/os/gpl/gpl.png?v=103)](https://opensource.org/licenses/GPL-2.0/) MySQLTuner is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions. From 99ad351b51c5a2b268aa9a4aece5e9221eec68db Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Tue, 20 Sep 2016 12:31:04 +0200 Subject: [PATCH 177/237] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9dae9ec..575cf76 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ MySQLTuner-perl [![Average time to resolve an issue](http://isitmaintained.com/badge/resolution/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue") [![Percentage of issues still open](http://isitmaintained.com/badge/open/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open") [![GPL Licence](https://badges.frapsoft.com/os/gpl/gpl.png?v=103)](https://opensource.org/licenses/GPL-2.0/) - +[![Github Releases (by Asset)](https://img.shields.io/github/downloads/atom/atom/latest/atom-amd64.deb.svg?maxAge=2592000)]() MySQLTuner is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions. From dae7ac921994cbc36a36271e1a57029f4057afa0 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Tue, 20 Sep 2016 12:36:27 +0200 Subject: [PATCH 178/237] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 575cf76..9dae9ec 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ MySQLTuner-perl [![Average time to resolve an issue](http://isitmaintained.com/badge/resolution/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue") [![Percentage of issues still open](http://isitmaintained.com/badge/open/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open") [![GPL Licence](https://badges.frapsoft.com/os/gpl/gpl.png?v=103)](https://opensource.org/licenses/GPL-2.0/) -[![Github Releases (by Asset)](https://img.shields.io/github/downloads/atom/atom/latest/atom-amd64.deb.svg?maxAge=2592000)]() + MySQLTuner is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions. From 243c54eaa0362f31017b8824069fef025bca5419 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 26 Sep 2016 15:53:32 +0200 Subject: [PATCH 179/237] Adding --defaults-file to change credentials storage --- mysqltuner.pl | 82 ++++++++++++++++++++++++++------------------------- 1 file changed, 42 insertions(+), 40 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 5a4a9dd..6ca5694 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.19 +# mysqltuner.pl - Version 1.6.20 # High Performance MySQL Tuning Script # Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # @@ -54,7 +54,7 @@ $Data::Dumper::Pair = " : "; #use Env; # Set up a few variables for use in the script -my $tunerversion = "1.6.19"; +my $tunerversion = "1.6.20"; my ( @adjvars, @generalrec ); # Set defaults @@ -84,13 +84,15 @@ my %opt = ( "dbstat" => 0, "idxstat" => 0, "sysstat" => 0, + "pfstat" => 0, "skippassword" => 0, "noask" => 0, "template" => 0, "json" => 0, "prettyjson" => 0, "reportfile" => 0, - "verbose" => 0 + "verbose" => 0, + "defaults-file" => '', ); # Gather the options from the command line @@ -113,7 +115,8 @@ my $getOptionsCheck = GetOptions( 'cvefile=s', 'bannedports=s', 'updateversion', 'maxportallowed=s', 'verbose', 'sysstat', - 'password=s', + 'password=s', 'pfstat', + 'defaults-file=s' ); #If params are incorrect return help @@ -142,6 +145,7 @@ sub usage { . " --port Port to use for connection (default: 3306)\n" . " --user Username to use for authentication\n" . " --pass Password to use for authentication\n" + . " --defaults-file Path to a custom .my.cnf\n" . " --mysqladmin Path to a custom mysqladmin executable\n" . " --mysqlcmd Path to a custom mysql executable\n" . "\n" . " --noask Don't ask password if needed\n" . "\n" @@ -163,6 +167,7 @@ sub usage { . " --dbstat Print database information\n" . " --idxstat Print index information\n" . " --sysstat Print system information\n" + . " --pfstat Print Performance schema information\n" . " --bannedports Ports banned separated by comma(,)\n" . " --maxportallowed Number of ports opened allowed on this hosts\n" . " --cvefile CVE File for vulnerability checks\n" @@ -198,6 +203,7 @@ if ( $opt{verbose} ) { $opt{idxstat} = 1; #Print index information $opt{sysstat} = 1; #Print index information $opt{buffers} = 1; #Print global and per-thread buffer values + $opt{pfstat} = 1; #Print performance schema info. $opt{cvefile} = 'vulnerabilities.csv'; #CVE File for vulnerability checks } @@ -799,6 +805,19 @@ sub mysql_setup { "Attempted to use login credentials from debian maintenance account, but they failed."; exit 1; } + } elsif ($opt{'defaults-file'} ne 0 and -r "$opt{'defaults-file'}") { + # defaults-file + debugprint "defaults file detected: $opt{'defaults-file'}"; + my $mysqlclidefaults = `$mysqlcmd --print-defaults`; + debugprint "MySQL Client Default File: $opt{'defaults-file'}"; + + $mysqllogin = "--defaults-file=".$opt{'defaults-file'}; + my $loginstatus = `$mysqladmincmd $mysqllogin ping 2>&1`; + if ( $loginstatus =~ /mysqld is alive/ ) { + goodprint + "Logged in using credentials from defaults file account."; + return 1; + } } else { # It's not Plesk or debian, we should try a login @@ -2870,8 +2889,7 @@ sub mysql_stats { . hr_num( $myvar{'open_files_limit'} ) . ")"; push( @adjvars, "open_files_limit (> " . $myvar{'open_files_limit'} . ")" ); - } - else { + } else { goodprint "Open file limit used: $mycalc{'pct_files_open'}% (" . hr_num( $mystat{'Open_files'} ) . "/" . hr_num( $myvar{'open_files_limit'} ) . ")"; @@ -2885,8 +2903,7 @@ sub mysql_stats { "Table locks acquired immediately: $mycalc{'pct_table_locks_immediate'}%"; push( @generalrec, "Optimize queries and/or use InnoDB to reduce lock wait" ); - } - else { + } else { goodprint "Table locks acquired immediately: $mycalc{'pct_table_locks_immediate'}% (" . hr_num( $mystat{'Table_locks_immediate'} ) @@ -2900,8 +2917,7 @@ sub mysql_stats { # Binlog cache if ( defined $mycalc{'pct_binlog_cache'} ) { if ( $mycalc{'pct_binlog_cache'} < 90 - && $mystat{'Binlog_cache_use'} > 0 ) - { + && $mystat{'Binlog_cache_use'} > 0 ) { badprint "Binlog cache memory access: " . $mycalc{'pct_binlog_cache'} . "% ( " . ( @@ -2917,8 +2933,7 @@ sub mysql_stats { "binlog_cache_size (" . hr_bytes( $myvar{'binlog_cache_size'} + 16 * 1024 * 1024 ) . " ) " ); - } - else { + } else { goodprint "Binlog cache memory access: " . $mycalc{'pct_binlog_cache'} . "% ( " . ( @@ -2934,11 +2949,9 @@ sub mysql_stats { # Performance options if ( !mysql_version_ge( 5, 1 ) ) { push( @generalrec, "Upgrade to MySQL 5.5+ to use asynchronous write" ); - } - elsif ( $myvar{'concurrent_insert'} eq "OFF" ) { + } elsif ( $myvar{'concurrent_insert'} eq "OFF" ) { push( @generalrec, "Enable concurrent_insert by setting it to 'ON'" ); - } - elsif ( $myvar{'concurrent_insert'} eq 0 ) { + } elsif ( $myvar{'concurrent_insert'} eq 0 ) { push( @generalrec, "Enable concurrent_insert by setting it to 1" ); } } @@ -2969,9 +2982,7 @@ sub mysql_myisam { . hr_num( $myvar{'key_buffer_size'} ) . " cache)"; } - } - else { - + } else { # No queries have run that would use keys debugprint "Key buffer used: $mycalc{'pct_key_buffer_used'}% (" . hr_num( @@ -2986,16 +2997,13 @@ sub mysql_myisam { push( @generalrec, "Unable to calculate MyISAM indexes on remote MySQL server < 5.0.0" ); - } - elsif ( $mycalc{'total_myisam_indexes'} =~ /^fail$/ ) { + } elsif ( $mycalc{'total_myisam_indexes'} =~ /^fail$/ ) { badprint "Cannot calculate MyISAM index size - re-run script as root user"; - } - elsif ( $mycalc{'total_myisam_indexes'} == "0" ) { + } elsif ( $mycalc{'total_myisam_indexes'} == "0" ) { badprint "None of your MyISAM tables are indexed - add indexes immediately"; - } - else { + } else { if ( $myvar{'key_buffer_size'} < $mycalc{'total_myisam_indexes'} && $mycalc{'pct_keys_from_mem'} < 95 ) { @@ -3006,8 +3014,7 @@ sub mysql_myisam { "key_buffer_size (> " . hr_bytes( $mycalc{'total_myisam_indexes'} ) . ")" ); - } - else { + } else { goodprint "Key buffer size / total MyISAM indexes: " . hr_bytes( $myvar{'key_buffer_size'} ) . "/" . hr_bytes( $mycalc{'total_myisam_indexes'} ) . ""; @@ -3020,8 +3027,7 @@ sub mysql_myisam { . " cached / " . hr_num( $mystat{'Key_reads'} ) . " reads)"; - } - else { + } else { goodprint "Read Key buffer hit rate: $mycalc{'pct_keys_from_mem'}% (" . hr_num( $mystat{'Key_read_requests'} ) @@ -3029,9 +3035,7 @@ sub mysql_myisam { . hr_num( $mystat{'Key_reads'} ) . " reads)"; } - } - else { - + } else { # No queries have run that would use keys debugprint "Key buffer size / total MyISAM indexes: " . hr_bytes( $myvar{'key_buffer_size'} ) . "/" @@ -3045,8 +3049,7 @@ sub mysql_myisam { . " cached / " . hr_num( $mystat{'Key_writes'} ) . " writes)"; - } - else { + } else { goodprint "Write Key buffer hit rate: $mycalc{'pct_wkeys_from_mem'}% (" . hr_num( $mystat{'Key_write_requests'} ) @@ -3054,9 +3057,7 @@ sub mysql_myisam { . hr_num( $mystat{'Key_writes'} ) . " writes)"; } - } - else { - + } else { # No queries have run that would use keys debugprint "Write Key buffer hit rate: $mycalc{'pct_wkeys_from_mem'}% (" @@ -3159,7 +3160,7 @@ sub mysqsl_pfs { } infoprint "Sys schema is installed."; - + return if ( $opt{pfstat} == 0 ); #*High Cost SQL statements infoprint "Top 5 Most latency statements:"; @@ -4258,7 +4259,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.19 - MySQL High Performance Tuning Script + MySQLTuner 1.6.20 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES @@ -4276,7 +4277,7 @@ You must provide the remote server's total memory when connecting to other serve --pass Password to use for authentication --mysqladmin Path to a custom mysqladmin executable --mysqlcmd Path to a custom mysql executable - + --defaults-file Path to a custom .my.cnf =head1 PERFORMANCE AND REPORTING OPTIONS --skipsize Don't enumerate tables and their types/sizes (default: on) @@ -4298,6 +4299,7 @@ You must provide the remote server's total memory when connecting to other serve --dbstat Print database information --idxstat Print index information --sysstat Print system information + --pfstat Print Performance schema --bannedports Ports banned separated by comma(,) --maxportallowed Number of ports opened allowed on this hosts --cvefile CVE File for vulnerability checks From 8263cbda27a914c2fd160e5f1337ab6b25241f2d Mon Sep 17 00:00:00 2001 From: root Date: Mon, 26 Sep 2016 16:00:20 +0200 Subject: [PATCH 180/237] Update doc --- README.md | 5 +++-- USAGE.md | 8 +++++--- mysqltuner.pl | 1 - 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 9dae9ec..91fc5d4 100644 --- a/README.md +++ b/README.md @@ -24,10 +24,10 @@ MySQLTuner needs you: Compatibility: ==== -* MySQL 5.7 (partial support) +* MySQL 5.7 (full support) * MySQL 5.6 (full support) * MySQL 5.5 (full support) -* MariaDB 10.1 (partial support) +* MariaDB 10.1 (full support) * MariaDB 10.0 (full support) * Percona Server 5.6 (full support) * Percona XtraDB cluster (full support) @@ -172,6 +172,7 @@ Connection and Authentication --port Port to use for connection (default: 3306) --user Username to use for authentication --pass Password to use for authentication + --defaults-file defaulfs file for credentials Since you are using a remote host, use parameters to supply values from the OS diff --git a/USAGE.md b/USAGE.md index 8742623..56e7609 100644 --- a/USAGE.md +++ b/USAGE.md @@ -1,6 +1,6 @@ # NAME - MySQLTuner 1.6.10 - MySQL High Performance Tuning Script + MySQLTuner 1.6.20 - MySQL High Performance Tuning Script # IMPORTANT USAGE GUIDELINES @@ -18,8 +18,8 @@ You must provide the remote server's total memory when connecting to other serve --pass Password to use for authentication --mysqladmin Path to a custom mysqladmin executable --mysqlcmd Path to a custom mysql executable - -# PERFORMANCE AND REPORTING OPTIONS + --defaults-file Path to a custom .my.cnf + =head1 PERFORMANCE AND REPORTING OPTIONS --skipsize Don't enumerate tables and their types/sizes (default: on) (Recommended for servers with many tables) @@ -40,6 +40,7 @@ You must provide the remote server's total memory when connecting to other serve --dbstat Print database information --idxstat Print index information --sysstat Print system information + --pfstat Print Performance schema --bannedports Ports banned separated by comma(,) --maxportallowed Number of ports opened allowed on this hosts --cvefile CVE File for vulnerability checks @@ -101,6 +102,7 @@ Major Hayden - major@mhtx.net - Joe Ashcraft - Jean-Marie Renouard - Stephan GroBberndt +- Christian Loos # SUPPORT diff --git a/mysqltuner.pl b/mysqltuner.pl index 6ca5694..85787e7 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -4252,7 +4252,6 @@ close_outputfile; # Close reportfile if needed 1; __END__ - =pod =encoding UTF-8 From aa905624798559ba9b2e0c1c1a4cfc206098406f Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Mon, 26 Sep 2016 16:02:36 +0200 Subject: [PATCH 181/237] Update README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 91fc5d4..118d553 100644 --- a/README.md +++ b/README.md @@ -79,7 +79,8 @@ __Usage:__ Minimal usage remotely __Usage:__ Enable maximum output information around MySQL/MariaDb without debugging - perl mysqltuner.pl --buffers --dbstat --idxstat + perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat + perl mysqltuner.pl --verbose __Usage:__ Enable CVE vulnerabilities check for your MariaDB or MySQL version From 20b9fa2a1926193a56192d5252a79a68e4daf5e4 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 26 Sep 2016 18:32:35 +0200 Subject: [PATCH 182/237] Included a lot of new indicators for PFS when using --pfstat or --verbose option --- INTERNALS.md | 30 ++++++- mysqltuner.pl | 223 ++++++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 242 insertions(+), 11 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index 3203374..54f357d 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -273,10 +273,36 @@ ## MySQLTuner performance schema and sysschema information +* sys Schema version * High Cost SQL statements * Top 5% slower queries * Use temporary tables * Unused Indexes * Full table scans -* thread_pool_size between 4 to 8 for MyIsam usage - +* Top 5 host per connection +* Top 5 host per statement +* Top 5 host per statement latency +* Top 5 host per lock latency +* Top 5 host per nb full scans +* Top 5 host per rows sent +* Top 5 host per rows modified +* Top 5 host per io +* Top 5 host per io latency +* Top IO type order by total io +* Top IO type order by total latency +* Top IO type order by max latency +* Top Stages order by total io +* Top Stages order by total latency +* Top Stages order by avg latency +* Top 5 host per table scans +* Top 5 Most latency statements +* Top 5 slower queries +* Top 10 nb statement type +* Top statement by total latency +* Top statement by lock latency +* Top statement by full scans +* Top statement by rows sent +* Top statement by rows modified +* Some queries using temp table +* Unused indexes +* Tables with full table scans diff --git a/mysqltuner.pl b/mysqltuner.pl index 85787e7..b2a7fce 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3162,45 +3162,250 @@ sub mysqsl_pfs { infoprint "Sys schema is installed."; return if ( $opt{pfstat} == 0 ); - #*High Cost SQL statements - infoprint "Top 5 Most latency statements:"; + infoprint "Sys schema Version: ".select_one("select sys_version from sys.version"); + # Top host per connection + subheaderprint "Performance schema: Top 5 host per connection"; my $nbL=1; + for my $lQuery(select_array ('select host, total_connections from sys.host_summary order by total_connections desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery conn(s)"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Top host per statement + subheaderprint "Performance schema: Top 5 host per statement"; + $nbL=1; + for my $lQuery(select_array ('select host, statements from sys.host_summary order by statements desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery stmt(s)"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Top host per statement latency + subheaderprint "Performance schema: Top 5 host per statement latency"; + $nbL=1; + for my $lQuery(select_array ('select host, statement_avg_latency from sys.host_summary order by statement_avg_latency desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Top host per lock latency + subheaderprint "Performance schema: Top 5 host per lock latency"; + $nbL=1; + for my $lQuery(select_array ('select host, lock_latency from sys.host_summary_by_statement_latency order by lock_latency desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + # Top host per full scans + subheaderprint "Performance schema: Top 5 host per nb full scans"; + $nbL=1; + for my $lQuery(select_array ('select host, full_scans from sys.host_summary_by_statement_latency order by full_scans desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + # Top host per row_sent + subheaderprint "Performance schema: Top 5 host per rows sent"; + $nbL=1; + for my $lQuery(select_array ('select host, rows_sent from sys.host_summary_by_statement_latency order by rows_sent desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Top host per row modified + subheaderprint "Performance schema: Top 5 host per rows modified"; + $nbL=1; + for my $lQuery(select_array ('select host, rows_affected from sys.host_summary_by_statement_latency order by rows_affected desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Top host per io + subheaderprint "Performance schema: Top 5 host per io"; + $nbL=1; + for my $lQuery(select_array ('select host, file_ios from sys.host_summary order by file_ios desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Top host per io latency + subheaderprint "Performance schema: Top 5 host per io latency"; + $nbL=1; + for my $lQuery(select_array ('select host, file_io_latency from sys.host_summary order by file_io_latency desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Top IO type order by total io"; + $nbL=1; + for my $lQuery(select_array ('use sys;select substring(event_name,14), SUM(total)AS total from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total DESC;')) { + infoprint " +-- $nbL: $lQuery i/o"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Top IO type order by total latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select substring(event_name,14), format_time(ROUND(SUM(total_latency),1)) AS total_latency from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total_latency DESC;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Top IO type order by max latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select substring(event_name,14), MAX(max_latency) as max_latency from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY max_latency DESC;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + subheaderprint "Performance schema: Top Stages order by total io"; + $nbL=1; + for my $lQuery(select_array ('use sys;select substring(event_name,7), SUM(total)AS total from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total DESC;')) { + infoprint " +-- $nbL: $lQuery i/o"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Top Stages order by total latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select substring(event_name,7), format_time(ROUND(SUM(total_latency),1)) AS total_latency from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total_latency DESC;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Top Stages order by avg latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select substring(event_name,7), MAX(avg_latency) as avg_latency from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY avg_latency DESC;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + + + + # Top host per table scans + subheaderprint "Performance schema: Top 5 host per table scans"; + $nbL=1; + for my $lQuery(select_array ('select host, table_scans from sys.host_summary order by table_scans desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + #*High Cost SQL statements + subheaderprint "Performance schema: Top 5 Most latency statements"; + $nbL=1; for my $lQuery(select_array ('select query, avg_latency from sys.statement_analysis order by avg_latency desc LIMIT 5')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } - + infoprint "No information found or indicators desactivated." if ($nbL == 1); + #* Top 5% slower queries - infoprint "Top 5 slower queries:"; + subheaderprint "Performance schema: Top 5 slower queries"; $nbL=1; for my $lQuery(select_array ('select query, exec_count from sys.statements_with_runtimes_in_95th_percentile order by exec_count desc LIMIT 5')) { infoprint " +-- $nbL: $lQuery s"; $nbL++; } - + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # + subheaderprint "Performance schema: Top 10 nb statement type"; + $nbL=1; + for my $lQuery(select_array ('use sys;select statement, sum(total) as total from host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Top statement by total latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select statement, sum(total_latency) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Top statement by lock latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select statement, sum(lock_latency) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Top statement by full scans"; + $nbL=1; + for my $lQuery(select_array ('use sys;select statement, sum(full_scans) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Top statement by rows sent"; + $nbL=1; + for my $lQuery(select_array ('use sys;select statement, sum(rows_sent) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Top statement by rows modified"; + $nbL=1; + for my $lQuery(select_array ('use sys;select statement, sum(rows_affected) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + #*Use temporary tables - infoprint "Some queries using temp table:"; + subheaderprint "Performance schema: Some queries using temp table"; $nbL=1; for my $lQuery(select_array ('select query from sys.statements_with_temp_tables LIMIT 20')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } - + infoprint "No information found or indicators desactivated." if ($nbL == 1); + #*Unused Indexes - infoprint "Unused indexes:"; + subheaderprint "Performance schema: Unused indexes"; $nbL=1; for my $lQuery(select_array ('select * from sys.schema_unused_indexes')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + #* Full table scans #select * from sys.`schema_tables_with_full_table_scans` - infoprint "Tables with full table scans:"; + subheaderprint "Performance schema: Tables with full table scans"; $nbL=1; for my $lQuery(select_array ('select * from sys.schema_tables_with_full_table_scans order by rows_full_scanned DESC')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + } # Recommendations for Ariadb From 30616932d7602ca3e1f26b37f890644024a7ae4c Mon Sep 17 00:00:00 2001 From: root Date: Tue, 27 Sep 2016 16:07:26 +0200 Subject: [PATCH 183/237] Adding Performance stat per user --- INTERNALS.md | 14 ++++++- mysqltuner.pl | 108 +++++++++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 115 insertions(+), 7 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index 54f357d..17bd3c6 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -279,6 +279,17 @@ * Use temporary tables * Unused Indexes * Full table scans +* Top 5 user per connection +* Top 5 user per statement +* Top 5 user per statement latency +* Top 5 user per lock latency +* Top 5 user per nb full scans +* Top 5 user per rows sent +* Top 5 user per rows modified +* Top 5 user per io +* Top 5 user per io latency +* Top 5 user per table scans + * Top 5 host per connection * Top 5 host per statement * Top 5 host per statement latency @@ -288,13 +299,14 @@ * Top 5 host per rows modified * Top 5 host per io * Top 5 host per io latency +* Top 5 host per table scans + * Top IO type order by total io * Top IO type order by total latency * Top IO type order by max latency * Top Stages order by total io * Top Stages order by total latency * Top Stages order by avg latency -* Top 5 host per table scans * Top 5 Most latency statements * Top 5 slower queries * Top 10 nb statement type diff --git a/mysqltuner.pl b/mysqltuner.pl index b2a7fce..d551069 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3163,9 +3163,109 @@ sub mysqsl_pfs { return if ( $opt{pfstat} == 0 ); infoprint "Sys schema Version: ".select_one("select sys_version from sys.version"); + + + + + + + + + # Top user per connection + subheaderprint "Performance schema: Top 5 user per connection"; + my $nbL=1; + for my $lQuery(select_array ('select user, total_connections from sys.user_summary order by total_connections desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery conn(s)"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Top host per statement + subheaderprint "Performance schema: Top 5 user per statement"; + $nbL=1; + for my $lQuery(select_array ('select user, statements from sys.user_summary order by statements desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery stmt(s)"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Top host per statement latency + subheaderprint "Performance schema: Top 5 user per statement latency"; + $nbL=1; + for my $lQuery(select_array ('select user, statement_avg_latency from sys.user_summary order by statement_avg_latency desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Top host per lock latency + subheaderprint "Performance schema: Top 5 user per lock latency"; + $nbL=1; + for my $lQuery(select_array ('select user, lock_latency from sys.user_summary_by_statement_latency order by lock_latency desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + # Top host per full scans + subheaderprint "Performance schema: Top 5 user per nb full scans"; + $nbL=1; + for my $lQuery(select_array ('select user, full_scans from sys.user_summary_by_statement_latency order by full_scans desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + # Top host per row_sent + subheaderprint "Performance schema: Top 5 user per rows sent"; + $nbL=1; + for my $lQuery(select_array ('select user, rows_sent from sys.user_summary_by_statement_latency order by rows_sent desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Top host per row modified + subheaderprint "Performance schema: Top 5 user per rows modified"; + $nbL=1; + for my $lQuery(select_array ('select user, rows_affected from sys.user_summary_by_statement_latency order by rows_affected desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Top host per io + subheaderprint "Performance schema: Top 5 user per io"; + $nbL=1; + for my $lQuery(select_array ('select user, file_ios from sys.user_summary order by file_ios desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Top host per io latency + subheaderprint "Performance schema: Top 5 user per io latency"; + $nbL=1; + for my $lQuery(select_array ('select user, file_io_latency from sys.user_summary order by file_io_latency desc LIMIT 5')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + + + + + + + + # Top host per connection subheaderprint "Performance schema: Top 5 host per connection"; - my $nbL=1; + $nbL=1; for my $lQuery(select_array ('select host, total_connections from sys.host_summary order by total_connections desc LIMIT 5')) { infoprint " +-- $nbL: $lQuery conn(s)"; $nbL++; @@ -3294,10 +3394,6 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - - - - # Top host per table scans subheaderprint "Performance schema: Top 5 host per table scans"; @@ -3368,7 +3464,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - subheaderprint "Performance schema: Top statement by rows modified"; + subheaderprint "Performance schema: Top statement by rows modified"; $nbL=1; for my $lQuery(select_array ('use sys;select statement, sum(rows_affected) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { infoprint " +-- $nbL: $lQuery"; From 50ece21b2df264dc69ae31c09fc3dcddea4795f2 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 6 Oct 2016 10:44:58 +0200 Subject: [PATCH 184/237] New indicators from performance schema On the road to 1.7.x version --- INTERNALS.md | 6 +- mysqltuner.pl | 57 ++++++---- vulnerabilities.csv | 270 +++++++++++++++++++++++--------------------- 3 files changed, 178 insertions(+), 155 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index 17bd3c6..4e2a0bc 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -25,7 +25,7 @@ * [TOKUDB information](#mysqltuner-tokudb-information) * [ThreadPool information](#mysqltuner-threadpool-information) * [Performance Schema information](#mysqltuner-performance-schema-and-sysschema-information) -* + ## MySQLTuner steps * Header Print @@ -301,6 +301,10 @@ * Top 5 host per io latency * Top 5 host per table scans +* InnoDB Buffer Pool by schema +* InnoDB Buffer Pool by table +* Process per allocated memory + * Top IO type order by total io * Top IO type order by total latency * Top IO type order by max latency diff --git a/mysqltuner.pl b/mysqltuner.pl index d551069..7316b5a 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# mysqltuner.pl - Version 1.6.20 +# mysqltuner.pl - Version 1.7.0 # High Performance MySQL Tuning Script # Copyright (C) 2006-2016 Major Hayden - major@mhtx.net # @@ -54,7 +54,7 @@ $Data::Dumper::Pair = " : "; #use Env; # Set up a few variables for use in the script -my $tunerversion = "1.6.20"; +my $tunerversion = "1.7.0"; my ( @adjvars, @generalrec ); # Set defaults @@ -206,7 +206,7 @@ if ( $opt{verbose} ) { $opt{pfstat} = 1; #Print performance schema info. $opt{cvefile} = 'vulnerabilities.csv'; #CVE File for vulnerability checks } - + # for RPM distributions $opt{cvefile} = "/usr/share/mysqltuner/vulnerabilities.csv" unless ( defined $opt{cvefile} and -f "$opt{cvefile}" ); @@ -3163,13 +3163,6 @@ sub mysqsl_pfs { return if ( $opt{pfstat} == 0 ); infoprint "Sys schema Version: ".select_one("select sys_version from sys.version"); - - - - - - - # Top user per connection subheaderprint "Performance schema: Top 5 user per connection"; @@ -3254,15 +3247,6 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - - - - - - - - - # Top host per connection subheaderprint "Performance schema: Top 5 host per connection"; $nbL=1; @@ -3405,7 +3389,34 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); - #*High Cost SQL statements + # InnoDB Buffer Pool by schema + subheaderprint "Performance schema: InnoDB Buffer Pool by schema"; + $nbL=1; + for my $lQuery(select_array ('select object_schema, allocated, data, pages from sys.innodb_buffer_stats_by_schema ORDER BY pages DESC')) { + infoprint " +-- $nbL: $lQuery page(s)"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # InnoDB Buffer Pool by table + subheaderprint "Performance schema: InnoDB Buffer Pool by table"; + $nbL=1; + for my $lQuery(select_array ("select CONCAT(object_schema,CONCAT('.', object_name)), allocated,data, pages from sys.innodb_buffer_stats_by_table ORDER BY pages DESC")) { + infoprint " +-- $nbL: $lQuery page(s)"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Proc per allocated memory + subheaderprint "Performance schema: Process per allocated memory"; + $nbL=1; + for my $lQuery(select_array ("select concat(user,concat('/', IFNULL(Command,'NONE'))) AS PROC, current_memory from sys.processlist ORDER BY current_memory DESC;" )) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # High Cost SQL statements subheaderprint "Performance schema: Top 5 Most latency statements"; $nbL=1; for my $lQuery(select_array ('select query, avg_latency from sys.statement_analysis order by avg_latency desc LIMIT 5')) { @@ -3472,8 +3483,6 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - - #*Use temporary tables subheaderprint "Performance schema: Some queries using temp table"; $nbL=1; @@ -3903,7 +3912,7 @@ sub mysql_innodb { } if ( defined $myvar{'innodb_log_buffer_size'} ) { infoprint " +-- InnoDB Log Buffer: " - . hr_bytes( $myvar{'innodb_log_buffer_size'} ) . ""; + . hr_bytes( $myvar{'innodb_log_buffer_size'} ) . "(".percentage($mycalc{'innodb_log_size_pct'}).")"; } if ( defined $mystat{'Innodb_buffer_pool_pages_free'} ) { infoprint " +-- InnoDB Log Buffer Free: " @@ -4559,7 +4568,7 @@ __END__ =head1 NAME - MySQLTuner 1.6.20 - MySQL High Performance Tuning Script + MySQLTuner 1.7.0 - MySQL High Performance Tuning Script =head1 IMPORTANT USAGE GUIDELINES diff --git a/vulnerabilities.csv b/vulnerabilities.csv index 7ddfd7a..2e4dda8 100755 --- a/vulnerabilities.csv +++ b/vulnerabilities.csv @@ -276,104 +276,104 @@ 5.6.19;5;6;19;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)"; 5.5.38;5;5;38;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and eariler and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and eariler and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6474;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html";Assigned (20140917);"None (candidate not yet proposed)"; 5.5.38;5;5;38;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)"; 5.5.38;5;5;38;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6489;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70525 | URL:http://www.securityfocus.com/bid/70525";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; 5.5.38;5;5;38;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)"; 5.5.39;5;5;39;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.20;5;6;20;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; 5.5.38;5;5;38;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; 5.5.38;5;5;38;CVE-2014-6520;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70510 | URL:http://www.securityfocus.com/bid/70510";Assigned (20140917);"None (candidate not yet proposed)"; 5.5.38;5;5;38;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)"; 5.5.38;5;5;38;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6564;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70511 | URL:http://www.securityfocus.com/bid/70511";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.40;5;5;40;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.21;5;6;21;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.21;5;6;21;CVE-2015-0385;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | BID:72229 | URL:http://www.securityfocus.com/bid/72229 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150385(100190) | URL:http://xforce.iss.net/xforce/xfdb/100190";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.38;5;5;38;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0405;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.21;5;6;21;CVE-2015-0409;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150409(100188) | URL:http://xforce.iss.net/xforce/xfdb/100188";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0423;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0432;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150432(100187) | URL:http://xforce.iss.net/xforce/xfdb/100187";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0432;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150432(100187) | URL:http://xforce.iss.net/xforce/xfdb/100187";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0439;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-4756.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.41;5;5;41;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0498;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.42;5;5;42;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.42;5;5;42;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.42;5;5;42;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0503;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.42;5;5;42;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.42;5;5;42;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0506;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2015-0508.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0508;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0506.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0511;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-2566;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-2567;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.41;5;5;41;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.22;5;6;22;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.42;5;5;42;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.41;5;5;41;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.22;5;6;22;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.41;5;5;41;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.22;5;6;22;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.42;5;5;42;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.41;5;5;41;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.22;5;6;22;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-2611;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-2617;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-2639;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-2641;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-2661;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; 5.7.3;5;7;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)"; 6.1.3;6;1;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)"; 5.5.44;5;5;44;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-4756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0439.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html";Assigned (20150624);"None (candidate not yet proposed)"; 5.5.42;5;5;42;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; @@ -384,42 +384,42 @@ 5.6.24;5;6;24;CVE-2015-4771;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-4772;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.26;5;6;26;CVE-2015-4791;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4800;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.44;5;5;44;CVE-2015-4816;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.44;5;5;44;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4800;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.44;5;5;44;CVE-2015-4816;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.44;5;5;44;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.25;5;6;25;CVE-2015-4833;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4862;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4862;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-4866;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.44;5;5;44;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4890;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.44;5;5;44;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4890;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.25;5;6;25;CVE-2015-4895;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.25;5;6;25;CVE-2015-4904;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-4905;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4910;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4910;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.28;5;6;28;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)"; 2.17.1;2;17;1;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)"; 10.0.22;10;0;22;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)"; @@ -427,76 +427,86 @@ 5.4.43;5;4;43;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; 5.5.27;5;5;27;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; 5.6.11;5;6;11;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; -5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -5.6.27;5;6;27;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -5.7.9;5;7;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; -10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; -10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; -5.5.48;5;5;48;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; -5.6.29;5;6;29;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; -5.7.11;5;7;11;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +5.6.27;5;6;27;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +5.7.9;5;7;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; +5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; +10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; +10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.5.48;5;5;48;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.6.29;5;6;29;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.7.11;5;7;11;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; 5.7.12;5;7;12;CVE-2016-3424;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 5.7.11;5;7;11;CVE-2016-3440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.29;5;6;29;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.10;5;7;10;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.25;10;0;25;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.14;10;1;14;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.29;5;6;29;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.10;5;7;10;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.25;10;0;25;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.14;10;1;14;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 5.6.30;5;6;30;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 5.7.12;5;7;12;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 10.0.25;10;0;25;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 10.1.14;10;1;14;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 3.0.25;3;0;25;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; 3.1.2;3;1;2;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.50;5;5;50;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.26;10;0;26;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.15;10;1;15;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 5.6.30;5;6;30;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 5.7.12;5;7;12;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 5.6.30;5;6;30;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 5.7.12;5;7;12;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 5.7.12;5;7;12;CVE-2016-3518;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.50;5;5;50;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.26;10;0;26;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.15;10;1;15;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 5.7.12;5;7;12;CVE-2016-3588;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 5.6.30;5;6;30;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; 5.7.12;5;7;12;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.50;5;5;50;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.26;10;0;26;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.15;10;1;15;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; 5.7.12;5;7;12;CVE-2016-5436;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; 5.7.12;5;7;12;CVE-2016-5437;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; 5.6.30;5;6;30;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; 5.7.12;5;7;12;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.5.50;5;5;50;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -10.0.26;10;0;26;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -10.1.15;10;1;15;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; 5.7.12;5;7;12;CVE-2016-5441;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; 5.7.12;5;7;12;CVE-2016-5442;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; 5.7.12;5;7;12;CVE-2016-5443;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.6.29;5;6;29;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.11;5;7;11;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -10.0.25;10;0;25;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -10.1.14;10;1;14;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.29;5;6;29;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.11;5;7;11;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +10.0.25;10;0;25;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +10.1.14;10;1;14;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.52;5;5;52;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +5.6.33;5;6;33;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +5.7.15;5;7;15;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +5.5.51;5;5;51;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +10.0.27;10;0;27;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +10.1.17;10;1;17;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +5.6.32;5;6;32;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +5.7.14;5;7;14;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1";Assigned (20160909);"None (candidate not yet proposed)"; +7.0.11;7;0;11;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1";Assigned (20160909);"None (candidate not yet proposed)"; From 8bbbc9bc80e18f8d450391b686d9172c22f3d8fa Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Thu, 6 Oct 2016 11:18:32 +0200 Subject: [PATCH 185/237] Update README.md --- README.md | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 118d553..e162b7e 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,14 @@ MySQLTuner-perl [![Percentage of issues still open](http://isitmaintained.com/badge/open/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open") [![GPL Licence](https://badges.frapsoft.com/os/gpl/gpl.png?v=103)](https://opensource.org/licenses/GPL-2.0/) -MySQLTuner is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions. +**MySQLTuner** is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions. + +**MySQLTuner** supports in this last version ~250 indicators for MySQL/MariaDB like server. + +**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration sush as ![Galera Cluster](http://galeracluster.com/), ![TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), ![ Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, ![InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), ![MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), ![Aria](https://mariadb.com/kb/en/mariadb/aria/), ... + +You can found more details on this indicators +![Indicators description](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md). ![MysqlTuner](https://github.com/major/MySQLTuner-perl/blob/master/mysqltuner.png) @@ -79,8 +86,9 @@ __Usage:__ Minimal usage remotely __Usage:__ Enable maximum output information around MySQL/MariaDb without debugging - perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat perl mysqltuner.pl --verbose + perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat + __Usage:__ Enable CVE vulnerabilities check for your MariaDB or MySQL version From 3c53f7b391706040cafc1c9ce871d3650626455b Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Thu, 6 Oct 2016 11:19:12 +0200 Subject: [PATCH 186/237] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e162b7e..65d2ccf 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ MySQLTuner-perl **MySQLTuner** is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions. -**MySQLTuner** supports in this last version ~250 indicators for MySQL/MariaDB like server. +**MySQLTuner** supports in this last version ~250 indicators for MySQL/MariaDB/Percona Server. **MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration sush as ![Galera Cluster](http://galeracluster.com/), ![TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), ![ Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, ![InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), ![MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), ![Aria](https://mariadb.com/kb/en/mariadb/aria/), ... From 9f382740bdb035f3e187e4ee2af2ad16e33a6718 Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Mon, 10 Oct 2016 13:19:30 +0200 Subject: [PATCH 187/237] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 65d2ccf..6016104 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ MySQLTuner-perl [![Project Status](http://opensource.box.com/badges/maintenance.svg)](http://opensource.box.com/badges) [![Average time to resolve an issue](http://isitmaintained.com/badge/resolution/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue") [![Percentage of issues still open](http://isitmaintained.com/badge/open/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open") -[![GPL Licence](https://badges.frapsoft.com/os/gpl/gpl.png?v=103)](https://opensource.org/licenses/GPL-2.0/) +[![GPL Licence](https://badges.frapsoft.com/os/gpl/gpl.png?v=103)](https://opensource.org/licenses/GPL-3.0/) **MySQLTuner** is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions. From f32737d515fd8093789427515813ddd807be40cc Mon Sep 17 00:00:00 2001 From: Jean-Marie Renouard Date: Mon, 10 Oct 2016 13:20:17 +0200 Subject: [PATCH 188/237] Update README.ru.md --- README.ru.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/README.ru.md b/README.ru.md index 73f9d16..d304ad9 100644 --- a/README.ru.md +++ b/README.ru.md @@ -1,5 +1,11 @@ MySQLTuner-perl ==== +[![Build Status - Master](https://travis-ci.org/major/MySQLTuner-perl.svg?branch=master)](https://travis-ci.org/major/MySQLTuner-perl) +[![Project Status](http://opensource.box.com/badges/active.svg)](http://opensource.box.com/badges) +[![Project Status](http://opensource.box.com/badges/maintenance.svg)](http://opensource.box.com/badges) +[![Average time to resolve an issue](http://isitmaintained.com/badge/resolution/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue") +[![Percentage of issues still open](http://isitmaintained.com/badge/open/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open") +[![GPL Licence](https://badges.frapsoft.com/os/gpl/gpl.png?v=103)](https://opensource.org/licenses/GPL-3.0/) MySQLTuner это скрипт, написанный на Perl, который позволяет быстро произвести осмотр текущего состояния сервера баз данных MySQL и составить рекомендации для увеличения производительности и стабильности работы. Выводятся текущие параметры конфигурации @@ -97,4 +103,4 @@ These kinds of things are bound to happen. Here are the details I need from you * Exact MySQL version * Where you obtained your MySQL version (OS package, source, etc) * The full text of the error - * A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible) \ No newline at end of file + * A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible) From f71c2751c48c672045079b1efd4012aa006b1722 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 10 Oct 2016 14:07:15 +0200 Subject: [PATCH 189/237] New vulnerability list --- vulnerabilities.csv | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/vulnerabilities.csv b/vulnerabilities.csv index 0408842..78a8eae 100755 --- a/vulnerabilities.csv +++ b/vulnerabilities.csv @@ -427,6 +427,11 @@ 5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; 10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; 10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html";Assigned (20151209);"None (candidate not yet proposed)"; -5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; -10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; -10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.5.48;5;5;48;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.6.29;5;6;29;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +5.7.11;5;7;11;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; +3.0.25;3;0;25;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; +3.1.2;3;1;2;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; From af96e4c9cbc3a38103cb8f2488e19640d64b543d Mon Sep 17 00:00:00 2001 From: root Date: Mon, 10 Oct 2016 14:54:39 +0200 Subject: [PATCH 190/237] Update Indicators list --- INTERNALS.md | 86 ++++++++++++++++++++++++---------------------------- 1 file changed, 40 insertions(+), 46 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index 4e2a0bc..60305d9 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -274,51 +274,45 @@ ## MySQLTuner performance schema and sysschema information * sys Schema version -* High Cost SQL statements -* Top 5% slower queries -* Use temporary tables -* Unused Indexes -* Full table scans -* Top 5 user per connection -* Top 5 user per statement -* Top 5 user per statement latency -* Top 5 user per lock latency -* Top 5 user per nb full scans -* Top 5 user per rows sent -* Top 5 user per rows modified -* Top 5 user per io -* Top 5 user per io latency -* Top 5 user per table scans - -* Top 5 host per connection -* Top 5 host per statement -* Top 5 host per statement latency -* Top 5 host per lock latency -* Top 5 host per nb full scans -* Top 5 host per rows sent -* Top 5 host per rows modified -* Top 5 host per io -* Top 5 host per io latency -* Top 5 host per table scans - +* Top user per connection +* Top user per statement +* Top user per statement latency +* Top user per lock latency +* Top user per full scans +* Top user per row_sent +* Top user per row modified +* Top user per io +* Top user per io latency +* Top host per connection +* Top host per statement +* Top host per statement latency +* Top host per lock latency +* Top host per full scans +* Top host per rows sent +* Top host per rows modified +* Top host per io +* Top 5 host per io latency +* Top IO type order by total io +* Top IO type order by total latency +* Top IO type order by max latency +* Top Stages order by total io +* Top Stages order by total latency +* Top Stages order by avg latency +* Top host per table scans * InnoDB Buffer Pool by schema * InnoDB Buffer Pool by table -* Process per allocated memory - -* Top IO type order by total io -* Top IO type order by total latency -* Top IO type order by max latency -* Top Stages order by total io -* Top Stages order by total latency -* Top Stages order by avg latency -* Top 5 Most latency statements -* Top 5 slower queries -* Top 10 nb statement type -* Top statement by total latency -* Top statement by lock latency -* Top statement by full scans -* Top statement by rows sent -* Top statement by rows modified -* Some queries using temp table -* Unused indexes -* Tables with full table scans +* Process per allocated memory +* InnoDB Lock Waits +* Threads IO Latency +* High Cost SQL statements +* Top 5% slower queries +* Top 10 nb statement type +* Top statement by total latency +* Top statement by lock latency +* Top statement by full scans +* Top statement by rows sent +* Top statement by rows modified +* Use temporary tables +* Unused Indexes +* Full table scans +* Latest file IO by latency \ No newline at end of file From 7b46762a1ab68169279636a2952de41dae59837c Mon Sep 17 00:00:00 2001 From: root Date: Mon, 10 Oct 2016 15:34:29 +0200 Subject: [PATCH 191/237] Adding pfs indicators related to File IO --- INTERNALS.md | 7 +- mysqltuner.pl | 367 ++++++++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 349 insertions(+), 25 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index 60305d9..cc9feb2 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -315,4 +315,9 @@ * Use temporary tables * Unused Indexes * Full table scans -* Latest file IO by latency \ No newline at end of file +* Latest file IO by latency +* File by IO read bytes +* File by IO written bytes +* File per IO total latency +* File per IO read latency +* File per IO write latency \ No newline at end of file diff --git a/mysqltuner.pl b/mysqltuner.pl index 7316b5a..3606f8d 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3173,7 +3173,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top host per statement + # Top user per statement subheaderprint "Performance schema: Top 5 user per statement"; $nbL=1; for my $lQuery(select_array ('select user, statements from sys.user_summary order by statements desc LIMIT 5')) { @@ -3182,7 +3182,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top host per statement latency + # Top user per statement latency subheaderprint "Performance schema: Top 5 user per statement latency"; $nbL=1; for my $lQuery(select_array ('select user, statement_avg_latency from sys.user_summary order by statement_avg_latency desc LIMIT 5')) { @@ -3191,7 +3191,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top host per lock latency + # Top user per lock latency subheaderprint "Performance schema: Top 5 user per lock latency"; $nbL=1; for my $lQuery(select_array ('select user, lock_latency from sys.user_summary_by_statement_latency order by lock_latency desc LIMIT 5')) { @@ -3201,7 +3201,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top host per full scans + # Top user per full scans subheaderprint "Performance schema: Top 5 user per nb full scans"; $nbL=1; for my $lQuery(select_array ('select user, full_scans from sys.user_summary_by_statement_latency order by full_scans desc LIMIT 5')) { @@ -3211,7 +3211,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top host per row_sent + # Top user per row_sent subheaderprint "Performance schema: Top 5 user per rows sent"; $nbL=1; for my $lQuery(select_array ('select user, rows_sent from sys.user_summary_by_statement_latency order by rows_sent desc LIMIT 5')) { @@ -3220,7 +3220,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top host per row modified + # Top user per row modified subheaderprint "Performance schema: Top 5 user per rows modified"; $nbL=1; for my $lQuery(select_array ('select user, rows_affected from sys.user_summary_by_statement_latency order by rows_affected desc LIMIT 5')) { @@ -3229,7 +3229,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top host per io + # Top user per io subheaderprint "Performance schema: Top 5 user per io"; $nbL=1; for my $lQuery(select_array ('select user, file_ios from sys.user_summary order by file_ios desc LIMIT 5')) { @@ -3238,7 +3238,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top host per io latency + # Top user per io latency subheaderprint "Performance schema: Top 5 user per io latency"; $nbL=1; for my $lQuery(select_array ('select user, file_io_latency from sys.user_summary order by file_io_latency desc LIMIT 5')) { @@ -3294,7 +3294,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top host per row_sent + # Top host per rows sent subheaderprint "Performance schema: Top 5 host per rows sent"; $nbL=1; for my $lQuery(select_array ('select host, rows_sent from sys.host_summary_by_statement_latency order by rows_sent desc LIMIT 5')) { @@ -3303,7 +3303,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top host per row modified + # Top host per rows modified subheaderprint "Performance schema: Top 5 host per rows modified"; $nbL=1; for my $lQuery(select_array ('select host, rows_affected from sys.host_summary_by_statement_latency order by rows_affected desc LIMIT 5')) { @@ -3321,7 +3321,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top host per io latency + # Top 5 host per io latency subheaderprint "Performance schema: Top 5 host per io latency"; $nbL=1; for my $lQuery(select_array ('select host, file_io_latency from sys.host_summary order by file_io_latency desc LIMIT 5')) { @@ -3330,6 +3330,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); + # Top IO type order by total io subheaderprint "Performance schema: Top IO type order by total io"; $nbL=1; for my $lQuery(select_array ('use sys;select substring(event_name,14), SUM(total)AS total from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total DESC;')) { @@ -3338,6 +3339,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); + # Top IO type order by total latency subheaderprint "Performance schema: Top IO type order by total latency"; $nbL=1; for my $lQuery(select_array ('use sys;select substring(event_name,14), format_time(ROUND(SUM(total_latency),1)) AS total_latency from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total_latency DESC;')) { @@ -3346,6 +3348,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); + # Top IO type order by max latency subheaderprint "Performance schema: Top IO type order by max latency"; $nbL=1; for my $lQuery(select_array ('use sys;select substring(event_name,14), MAX(max_latency) as max_latency from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY max_latency DESC;')) { @@ -3354,7 +3357,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + # Top Stages order by total io subheaderprint "Performance schema: Top Stages order by total io"; $nbL=1; for my $lQuery(select_array ('use sys;select substring(event_name,7), SUM(total)AS total from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total DESC;')) { @@ -3363,6 +3366,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); + # Top Stages order by total latency subheaderprint "Performance schema: Top Stages order by total latency"; $nbL=1; for my $lQuery(select_array ('use sys;select substring(event_name,7), format_time(ROUND(SUM(total_latency),1)) AS total_latency from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total_latency DESC;')) { @@ -3371,6 +3375,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); + # Top Stages order by avg latency subheaderprint "Performance schema: Top Stages order by avg latency"; $nbL=1; for my $lQuery(select_array ('use sys;select substring(event_name,7), MAX(avg_latency) as avg_latency from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY avg_latency DESC;')) { @@ -3407,7 +3412,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Proc per allocated memory + # Process per allocated memory subheaderprint "Performance schema: Process per allocated memory"; $nbL=1; for my $lQuery(select_array ("select concat(user,concat('/', IFNULL(Command,'NONE'))) AS PROC, current_memory from sys.processlist ORDER BY current_memory DESC;" )) { @@ -3416,6 +3421,24 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); + # InnoDB Lock Waits + subheaderprint "Performance schema: InnoDB Lock Waits"; + $nbL=1; + for my $lQuery(select_array ("select wait_age_secs, locked_table, locked_type, waiting_query from innodb_lock_waits order by wait_age_secs DESC;" )) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Threads IO Latency + subheaderprint "Performance schema: Thread IO Latency"; + $nbL=1; + for my $lQuery(select_array ("select user, total_latency, max_latency from io_by_thread_by_latency order by total_latency;" )) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + # High Cost SQL statements subheaderprint "Performance schema: Top 5 Most latency statements"; $nbL=1; @@ -3425,7 +3448,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - #* Top 5% slower queries + # Top 5% slower queries subheaderprint "Performance schema: Top 5 slower queries"; $nbL=1; for my $lQuery(select_array ('select query, exec_count from sys.statements_with_runtimes_in_95th_percentile order by exec_count desc LIMIT 5')) { @@ -3434,7 +3457,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # + # Top 10 nb statement type subheaderprint "Performance schema: Top 10 nb statement type"; $nbL=1; for my $lQuery(select_array ('use sys;select statement, sum(total) as total from host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { @@ -3443,6 +3466,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); + # Top statement by total latency subheaderprint "Performance schema: Top statement by total latency"; $nbL=1; for my $lQuery(select_array ('use sys;select statement, sum(total_latency) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { @@ -3451,6 +3475,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); + # Top statement by lock latency subheaderprint "Performance schema: Top statement by lock latency"; $nbL=1; for my $lQuery(select_array ('use sys;select statement, sum(lock_latency) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { @@ -3459,6 +3484,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); + # Top statement by full scans subheaderprint "Performance schema: Top statement by full scans"; $nbL=1; for my $lQuery(select_array ('use sys;select statement, sum(full_scans) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { @@ -3467,6 +3493,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); + # Top statement by rows sent subheaderprint "Performance schema: Top statement by rows sent"; $nbL=1; for my $lQuery(select_array ('use sys;select statement, sum(rows_sent) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { @@ -3475,6 +3502,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); + # Top statement by rows modified subheaderprint "Performance schema: Top statement by rows modified"; $nbL=1; for my $lQuery(select_array ('use sys;select statement, sum(rows_affected) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { @@ -3483,16 +3511,16 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - #*Use temporary tables + # Use temporary tables subheaderprint "Performance schema: Some queries using temp table"; $nbL=1; - for my $lQuery(select_array ('select query from sys.statements_with_temp_tables LIMIT 20')) { + for my $lQuery(select_array ('use sys;select query from sys.statements_with_temp_tables LIMIT 20')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - #*Unused Indexes + # Unused Indexes subheaderprint "Performance schema: Unused indexes"; $nbL=1; for my $lQuery(select_array ('select * from sys.schema_unused_indexes')) { @@ -3501,8 +3529,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - #* Full table scans - #select * from sys.`schema_tables_with_full_table_scans` + # Full table scans subheaderprint "Performance schema: Tables with full table scans"; $nbL=1; for my $lQuery(select_array ('select * from sys.schema_tables_with_full_table_scans order by rows_full_scanned DESC')) { @@ -3510,7 +3537,234 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + + # Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + # FILE by IO read bytes + subheaderprint "Performance schema: FILE by IO read bytes"; + $nbL=1; + for my $lQuery(select_array ("use sys;(select file, total_read from io_global_by_file_by_bytes where total_read like '%MiB' order by total_read DESC) UNION (select file, total_read from io_global_by_file_by_bytes where total_read like '%KiB' order by total_read DESC LIMIT 15);")) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # FILE by IO written bytes + subheaderprint "Performance schema: FILE by IO written bytes"; + $nbL=1; + for my $lQuery(select_array ("use sys;(select file, total_written from io_global_by_file_by_bytes where total_written like '%MiB' order by total_written DESC) UNION (select file, total_written from io_global_by_file_by_bytes where total_written like '%KiB' order by total_written DESC LIMIT 15);")) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + # file per IO total latency + subheaderprint "Performance schema: file per IO total latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select file, total_latency from io_global_by_file_by_latency ORDER BY total_latency DESC LIMIT 20;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # file per IO read latency + subheaderprint "Performance schema: file per IO read latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select file, read_latency from io_global_by_file_by_latency ORDER BY read_latency DESC LIMIT 20;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # file per IO write latency + subheaderprint "Performance schema: file per IO write latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select file, write_latency from io_global_by_file_by_latency ORDER BY write_latency DESC LIMIT 20;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + +################################################################################## +#io_global_by_wait_by_bytes +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + +#io_global_by_wait_by_latency +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + +#schema_index_statistics +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + +#schema_object_overview +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + +#schema_table_statistics +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + +#schema_table_statistics_with_buffer +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + +#schema_tables_with_full_table_scans +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + +#statement_analysis +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); +#statements_with_errors_or_warnings +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); +#statements_with_full_table_scans +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); +#statements_with_runtimes_in_95th_percentile +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); +#statements_with_sorting +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); +#statements_with_temp_tables +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); +#wait_classes_global_by_avg_latency +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); +#wait_classes_global_by_latency +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); +#waits_by_host_by_latency +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); +#waits_by_user_by_latency +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); +#waits_global_by_latency +# Latest file IO by latency + subheaderprint "Performance schema: Latest FILE IO by latency"; + $nbL=1; + for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + } # Recommendations for Ariadb @@ -3598,6 +3852,67 @@ sub mariadb_tokudb { # All is to done here } +# Recommendations for XtraDB +sub mariadb_xtradb { + subheaderprint "XtraDB Metrics"; + + # XtraDB + unless ( defined $myvar{'have_xtradb'} + && $myvar{'have_xtradb'} eq "YES" ) + { + infoprint "XtraDB is disabled."; + return; + } + infoprint "XtraDB is enabled."; + + # All is to done here +} +# Recommendations for RocksDB +sub mariadb_rockdb { + subheaderprint "RocksDB Metrics"; + + # RocksDB + unless ( defined $myvar{'have_rocksdb'} + && $myvar{'have_rocksdb'} eq "YES" ) + { + infoprint "RocksDB is disabled."; + return; + } + infoprint "RocksDB is enabled."; + + # All is to done here +} +# Recommendations for Spider +sub mariadb_spider { + subheaderprint "Spider Metrics"; + + # Spider + unless ( defined $myvar{'have_spider'} + && $myvar{'have_spider'} eq "YES" ) + { + infoprint "Spider is disabled."; + return; + } + infoprint "Spider is enabled."; + + # All is to done here +} +# Recommendations for Connect +sub mariadb_connect { + subheaderprint "Connect Metrics"; + + # Connect + unless ( defined $myvar{'have_connect'} + && $myvar{'have_connect'} eq "YES" ) + { + infoprint "Connect is disabled."; + return; + } + infoprint "TokuDB is enabled."; + + # All is to done here +} + # Perl trim function to remove whitespace from the start and end of the string sub trim { my $string = shift; @@ -4547,10 +4862,14 @@ mysql_stats; # Print the server stats mysqsl_pfs; # Print Performance schema info mariadb_threadpool; # Print MaraiDB ThreadPool stats mysql_myisam; # Print MyISAM stats -mariadb_ariadb; # Print MaraiDB AriaDB stats mysql_innodb; # Print InnoDB stats -mariadb_tokudb; # Print MaraiDB TokuDB stats -mariadb_galera; # Print MaraiDB Galera Cluster stats +mariadb_ariadb; # Print MaraiDB AriaDB stats +mariadb_tokudb; # Print MariaDB Tokudb stats +mariadb_xtradb; # Print MariaDB XtraDB stats +mariadb_rockdb; # Print MariaDB RockDB stats +mariadb_spider; # Print MariaDB Spider stats +mariadb_connect; # Print MariaDB Connect stats +mariadb_galera; # Print MariaDB Galera Cluster stats get_replication_status; # Print replication info make_recommendations; # Make recommendations based on stats dump_result; # Dump result if debug is on From 16f0d5d9ffe026ca92c4040013ad5ba1f8fbf256 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 10 Oct 2016 16:00:15 +0200 Subject: [PATCH 192/237] Adding * Event Wait by read bytes * Event Wait by write bytes --- INTERNALS.md | 4 +++- mysqltuner.pl | 19 ++++++++++++++----- 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index cc9feb2..ad9b1f3 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -320,4 +320,6 @@ * File by IO written bytes * File per IO total latency * File per IO read latency -* File per IO write latency \ No newline at end of file +* File per IO write latency +* Event Wait by read bytes +* Event Wait by write bytes \ No newline at end of file diff --git a/mysqltuner.pl b/mysqltuner.pl index 3606f8d..5978dd4 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3594,17 +3594,26 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); -################################################################################## -#io_global_by_wait_by_bytes -# Latest file IO by latency - subheaderprint "Performance schema: Latest FILE IO by latency"; + # Event Wait by read bytes + subheaderprint "Performance schema: Event Wait by read bytes"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ("use sys;(select event_name, total_read from io_global_by_wait_by_bytes where total_read like '%MiB' order by total_read DESC) UNION (select event_name, total_read from io_global_by_wait_by_bytes where total_read like '%KiB' order by total_read DESC LIMIT 15);")) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); + # Event Wait by write bytes + subheaderprint "Performance schema: Event Wait written bytes"; + $nbL=1; + for my $lQuery(select_array ("use sys;(select event_name, total_written from io_global_by_wait_by_bytes where total_written like '%MiB' order by total_written DESC) UNION (select event_name, total_written from io_global_by_wait_by_bytes where total_written like '%KiB' order by total_written DESC LIMIT 15);")) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + +################################################################################## + #io_global_by_wait_by_latency # Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; From ad9228d029ea0f92277a93efd896be509b339fc5 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 10 Oct 2016 16:54:45 +0200 Subject: [PATCH 193/237] * Event per wait total latency * Event per wait read latency * Event per wait write latency --- INTERNALS.md | 32 ++++++++++++++++++++++++++++---- mysqltuner.pl | 29 ++++++++++++++++++++++++++++- 2 files changed, 56 insertions(+), 5 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index ad9b1f3..6094b6a 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -17,13 +17,17 @@ * [Global buffer information](#mysqltuner-global-buffer-information) * [Query cache checks](#mysqltuner-query-cache-checks) * [Slow queries checks](#mysqltuner-slow-queries-checks) +* [ThreadPool information](#mysqltuner-threadpool-information) * [Replication checks](#mysqltuner-replication-checks) * [InnoDB information](#mysqltuner-innodb-information) -* [ARIADB information](#mysqltuner-ariadb-information) * [MYISAM information](#mysqltuner-myisam-information) -* [GALERA information](#mysqltuner-galera-information) +* [ARIADB information](#mysqltuner-ariadb-information) +* [XTRADB information](#mysqltuner-xtradb-information) * [TOKUDB information](#mysqltuner-tokudb-information) -* [ThreadPool information](#mysqltuner-threadpool-information) +* [ROCKDB information](#mysqltuner-rockdb-information) +* [CONNECT information](#mysqltuner-connect-information) +* [SPIDER information](#mysqltuner-spider-information) +* [GALERA information](#mysqltuner-galera-information) * [Performance Schema information](#mysqltuner-performance-schema-and-sysschema-information) ## MySQLTuner steps @@ -266,6 +270,22 @@ * tokudb_cleaner_iterations * tokudb_fanout +## MySQLTuner XtraDB information + +* Nothing for the moment + +## MySQLTuner Connect information + +* Nothing for the moment + +## MySQLTuner Spider information + +* Nothing for the moment + +## MySQLTuner RocksDb information + +* Nothing for the moment + ## MySQLTuner Thread pool information * thread_pool_size between 16 to 36 for Innodb usage @@ -322,4 +342,8 @@ * File per IO read latency * File per IO write latency * Event Wait by read bytes -* Event Wait by write bytes \ No newline at end of file +* Event Wait by write bytes +* Event per wait total latency +* Event per wait read latency +* Event per wait write latency + diff --git a/mysqltuner.pl b/mysqltuner.pl index 5978dd4..6c2e2b9 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3612,9 +3612,36 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); +# event per wait total latency + subheaderprint "Performance schema: event per wait total latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select event_name, total_latency from io_global_by_wait_by_latency ORDER BY total_latency DESC LIMIT 20;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # event per wait read latency + subheaderprint "Performance schema: event per wait read latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select event_name, read_latency from io_global_by_wait_by_latency ORDER BY read_latency DESC LIMIT 20;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # event per wait write latency + subheaderprint "Performance schema: event per wait write latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select event_name, write_latency from io_global_by_wait_by_latency ORDER BY write_latency DESC LIMIT 20;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + ################################################################################## -#io_global_by_wait_by_latency + # Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; $nbL=1; From f826adecf250a8375a09b62a2c68c507c8b494cc Mon Sep 17 00:00:00 2001 From: root Date: Mon, 10 Oct 2016 18:14:52 +0200 Subject: [PATCH 194/237] * TOP 15 most read indexes * TOP 15 most modified indexes * TOP 15 higth select latency index * TOP 15 higth insert latency index * TOP 15 higth update latency index * TOP 15 higth delete latency index --- INTERNALS.md | 7 ++++- mysqltuner.pl | 84 ++++++++++++++++++++++++++++++++++++--------------- 2 files changed, 65 insertions(+), 26 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index 6094b6a..ad83ef2 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -346,4 +346,9 @@ * Event per wait total latency * Event per wait read latency * Event per wait write latency - +* TOP 15 most read indexes +* TOP 15 most modified indexes +* TOP 15 higth select latency index +* TOP 15 higth insert latency index +* TOP 15 higth update latency index +* TOP 15 higth delete latency index \ No newline at end of file diff --git a/mysqltuner.pl b/mysqltuner.pl index 6c2e2b9..fabd4e5 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3424,7 +3424,7 @@ sub mysqsl_pfs { # InnoDB Lock Waits subheaderprint "Performance schema: InnoDB Lock Waits"; $nbL=1; - for my $lQuery(select_array ("select wait_age_secs, locked_table, locked_type, waiting_query from innodb_lock_waits order by wait_age_secs DESC;" )) { + for my $lQuery(select_array ("use sys;select wait_age_secs, locked_table, locked_type, waiting_query from innodb_lock_waits order by wait_age_secs DESC;" )) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3433,7 +3433,7 @@ sub mysqsl_pfs { # Threads IO Latency subheaderprint "Performance schema: Thread IO Latency"; $nbL=1; - for my $lQuery(select_array ("select user, total_latency, max_latency from io_by_thread_by_latency order by total_latency;" )) { + for my $lQuery(select_array ("use sys;select user, total_latency, max_latency from io_by_thread_by_latency order by total_latency;" )) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3612,7 +3612,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); -# event per wait total latency + # event per wait total latency subheaderprint "Performance schema: event per wait total latency"; $nbL=1; for my $lQuery(select_array ('use sys;select event_name, total_latency from io_global_by_wait_by_latency ORDER BY total_latency DESC LIMIT 20;')) { @@ -3639,29 +3639,63 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); + #schema_index_statistics + # TOP 15 most read index + subheaderprint "TOP 15 most read indexes"; + $nbL=1; + for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, rows_selected from schema_index_statistics ORDER BY ROWs_selected DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # TOP 15 most used index + subheaderprint "TOP 15 most modified indexes"; + $nbL=1; + for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, rows_inserted+rows_updated+rows_deleted AS changes from schema_index_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # TOP 15 higth read latency index + subheaderprint "TOP 15 higth read latency index"; + $nbL=1; + for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, select_latency from schema_index_statistics ORDER BY select_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # TOP 15 higth insert latency index + subheaderprint "TOP 15 most modified indexes"; + $nbL=1; + for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, insert_latency from schema_index_statistics ORDER BY insert_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # TOP 15 higth update latency index + subheaderprint "TOP 15 higth update latency index"; + $nbL=1; + for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, update_latency from schema_index_statistics ORDER BY update_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # TOP 15 higth delete latency index + subheaderprint "TOP 15 higth delete latency index"; + $nbL=1; + for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, delete_latency from schema_index_statistics ORDER BY delete_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + ################################################################################## - - -# Latest file IO by latency - subheaderprint "Performance schema: Latest FILE IO by latency"; - $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; - } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - -#schema_index_statistics -# Latest file IO by latency - subheaderprint "Performance schema: Latest FILE IO by latency"; - $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; - } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - -#schema_object_overview +#sc2hema_object_overview # Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; $nbL=1; From 101c13baed21b3d4d8a607f05cb9e9c971402c2b Mon Sep 17 00:00:00 2001 From: root Date: Mon, 10 Oct 2016 18:18:26 +0200 Subject: [PATCH 195/237] Typo fix --- INTERNALS.md | 8 ++++---- mysqltuner.pl | 14 +++++++------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index ad83ef2..cfe2b5a 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -348,7 +348,7 @@ * Event per wait write latency * TOP 15 most read indexes * TOP 15 most modified indexes -* TOP 15 higth select latency index -* TOP 15 higth insert latency index -* TOP 15 higth update latency index -* TOP 15 higth delete latency index \ No newline at end of file +* TOP 15 high select latency index +* TOP 15 high insert latency index +* TOP 15 high update latency index +* TOP 15 high delete latency index \ No newline at end of file diff --git a/mysqltuner.pl b/mysqltuner.pl index fabd4e5..31a026c 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3658,8 +3658,8 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # TOP 15 higth read latency index - subheaderprint "TOP 15 higth read latency index"; + # TOP 15 high read latency index + subheaderprint "TOP 15 high read latency index"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, select_latency from schema_index_statistics ORDER BY select_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3667,7 +3667,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # TOP 15 higth insert latency index + # TOP 15 high insert latency index subheaderprint "TOP 15 most modified indexes"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, insert_latency from schema_index_statistics ORDER BY insert_latency DESC LIMIT 15;')) { @@ -3676,8 +3676,8 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # TOP 15 higth update latency index - subheaderprint "TOP 15 higth update latency index"; + # TOP 15 high update latency index + subheaderprint "TOP 15 high update latency index"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, update_latency from schema_index_statistics ORDER BY update_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3685,8 +3685,8 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # TOP 15 higth delete latency index - subheaderprint "TOP 15 higth delete latency index"; + # TOP 15 high delete latency index + subheaderprint "TOP 15 high delete latency index"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, delete_latency from schema_index_statistics ORDER BY delete_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; From e684a45120be356e6e4f960bcb71f07ce20c1bda Mon Sep 17 00:00:00 2001 From: root Date: Mon, 10 Oct 2016 18:39:56 +0200 Subject: [PATCH 196/237] * TOP 15 most read tables * TOP 15 most modified tables * TOP 15 high select latency tables * TOP 15 high insert latency tables * TOP 15 high update latency tables * TOP 15 high delete latency tables --- INTERNALS.md | 8 ++++- mysqltuner.pl | 81 ++++++++++++++++++++++++++++++++++++++++----------- 2 files changed, 71 insertions(+), 18 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index cfe2b5a..77ec49a 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -351,4 +351,10 @@ * TOP 15 high select latency index * TOP 15 high insert latency index * TOP 15 high update latency index -* TOP 15 high delete latency index \ No newline at end of file +* TOP 15 high delete latency index +* TOP 15 most read tables +* TOP 15 most modified tables +* TOP 15 high select latency tables +* TOP 15 high insert latency tables +* TOP 15 high update latency tables +* TOP 15 high delete latency tables \ No newline at end of file diff --git a/mysqltuner.pl b/mysqltuner.pl index 31a026c..bc45d6f 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3695,25 +3695,61 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); ################################################################################## -#sc2hema_object_overview -# Latest file IO by latency - subheaderprint "Performance schema: Latest FILE IO by latency"; +#schema_table_statistics + # TOP 15 most read tables + subheaderprint "TOP 15 most read tables"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ('use sys;select table_schema, table_name, rows_fetched from schema_table_statistics ORDER BY ROWs_fetched DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); -#schema_table_statistics -# Latest file IO by latency - subheaderprint "Performance schema: Latest FILE IO by latency"; + # TOP 15 most used tables + subheaderprint "TOP 15 most modified tables"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ('use sys;select table_schema, table_name, rows_inserted+rows_updated+rows_deleted AS changes from schema_table_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # TOP 15 high read latency tables + subheaderprint "TOP 15 high read latency tables"; + $nbL=1; + for my $lQuery(select_array ('use sys;select table_schema, table_name, fetch_latency from schema_table_statistics ORDER BY fetch_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # TOP 15 high insert latency tables + subheaderprint "TOP 15 high insert latency tables"; + $nbL=1; + for my $lQuery(select_array ('use sys;select table_schema, table_name, insert_latency from schema_table_statistics ORDER BY insert_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # TOP 15 high update latency tables + subheaderprint "TOP 15 high update latency tables"; + $nbL=1; + for my $lQuery(select_array ('use sys;select table_schema, table_name, update_latency from schema_table_statistics ORDER BY update_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # TOP 15 high delete latency tables + subheaderprint "TOP 15 high delete latency tables"; + $nbL=1; + for my $lQuery(select_array ('use sys;select table_schema, table_name, delete_latency from schema_table_statistics ORDER BY delete_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); +################################################################################## #schema_table_statistics_with_buffer # Latest file IO by latency @@ -3725,6 +3761,8 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); +################################################################################## + #schema_tables_with_full_table_scans # Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; @@ -3735,8 +3773,9 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); +################################################################################## + #statement_analysis -# Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; $nbL=1; for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { @@ -3753,8 +3792,10 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); + +################################################################################## + #statements_with_full_table_scans -# Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; $nbL=1; for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { @@ -3771,8 +3812,9 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); +################################################################################## + #statements_with_sorting -# Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; $nbL=1; for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { @@ -3780,8 +3822,10 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); + +################################################################################## + #statements_with_temp_tables -# Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; $nbL=1; for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { @@ -3789,8 +3833,9 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); + +################################################################################## #wait_classes_global_by_avg_latency -# Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; $nbL=1; for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { @@ -3798,8 +3843,9 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); + +################################################################################## #wait_classes_global_by_latency -# Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; $nbL=1; for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { @@ -3807,8 +3853,8 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); +################################################################################## #waits_by_host_by_latency -# Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; $nbL=1; for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { @@ -3816,8 +3862,9 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); + +################################################################################## #waits_by_user_by_latency -# Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; $nbL=1; for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { @@ -3825,8 +3872,8 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); +################################################################################## #waits_global_by_latency -# Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; $nbL=1; for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { From c10c7e81ec875a6d309deca332754b01cefe9ab9 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 10 Oct 2016 19:03:40 +0200 Subject: [PATCH 197/237] Redundant indexes" --- INTERNALS.md | 3 +- mysqltuner.pl | 377 +++++++++++++++++++++++++++++++++++++++++++------- 2 files changed, 330 insertions(+), 50 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index 77ec49a..e032dd6 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -357,4 +357,5 @@ * TOP 15 high select latency tables * TOP 15 high insert latency tables * TOP 15 high update latency tables -* TOP 15 high delete latency tables \ No newline at end of file +* TOP 15 high delete latency tables +* Redundant indexes \ No newline at end of file diff --git a/mysqltuner.pl b/mysqltuner.pl index bc45d6f..b647dc0 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3641,7 +3641,7 @@ sub mysqsl_pfs { #schema_index_statistics # TOP 15 most read index - subheaderprint "TOP 15 most read indexes"; + subheaderprint "Performance schema: TOP 15 most read indexes"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, rows_selected from schema_index_statistics ORDER BY ROWs_selected DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3650,7 +3650,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); # TOP 15 most used index - subheaderprint "TOP 15 most modified indexes"; + subheaderprint "Performance schema: TOP 15 most modified indexes"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, rows_inserted+rows_updated+rows_deleted AS changes from schema_index_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3659,7 +3659,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); # TOP 15 high read latency index - subheaderprint "TOP 15 high read latency index"; + subheaderprint "Performance schema: TOP 15 high read latency index"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, select_latency from schema_index_statistics ORDER BY select_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3668,7 +3668,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); # TOP 15 high insert latency index - subheaderprint "TOP 15 most modified indexes"; + subheaderprint "Performance schema: TOP 15 most modified indexes"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, insert_latency from schema_index_statistics ORDER BY insert_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3677,7 +3677,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); # TOP 15 high update latency index - subheaderprint "TOP 15 high update latency index"; + subheaderprint "Performance schema: TOP 15 high update latency index"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, update_latency from schema_index_statistics ORDER BY update_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3686,7 +3686,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); # TOP 15 high delete latency index - subheaderprint "TOP 15 high delete latency index"; + subheaderprint "Performance schema: TOP 15 high delete latency index"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, delete_latency from schema_index_statistics ORDER BY delete_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3697,7 +3697,7 @@ sub mysqsl_pfs { ################################################################################## #schema_table_statistics # TOP 15 most read tables - subheaderprint "TOP 15 most read tables"; + subheaderprint "Performance schema: TOP 15 most read tables"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name, rows_fetched from schema_table_statistics ORDER BY ROWs_fetched DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3706,7 +3706,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); # TOP 15 most used tables - subheaderprint "TOP 15 most modified tables"; + subheaderprint "Performance schema: TOP 15 most modified tables"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name, rows_inserted+rows_updated+rows_deleted AS changes from schema_table_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3715,7 +3715,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); # TOP 15 high read latency tables - subheaderprint "TOP 15 high read latency tables"; + subheaderprint "Performance schema: TOP 15 high read latency tables"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name, fetch_latency from schema_table_statistics ORDER BY fetch_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3724,7 +3724,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); # TOP 15 high insert latency tables - subheaderprint "TOP 15 high insert latency tables"; + subheaderprint "Performance schema: TOP 15 high insert latency tables"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name, insert_latency from schema_table_statistics ORDER BY insert_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3733,7 +3733,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); # TOP 15 high update latency tables - subheaderprint "TOP 15 high update latency tables"; + subheaderprint "Performance schema: TOP 15 high update latency tables"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name, update_latency from schema_table_statistics ORDER BY update_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3742,47 +3742,93 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); # TOP 15 high delete latency tables - subheaderprint "TOP 15 high delete latency tables"; + subheaderprint "Performance schema: TOP 15 high delete latency tables"; $nbL=1; for my $lQuery(select_array ('use sys;select table_schema, table_name, delete_latency from schema_table_statistics ORDER BY delete_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); + + # Redundant indexes + subheaderprint "Performance schema: Redundant indexes"; + $nbL=1; + for my $lQuery(select_array ('use sys;select * from schema_redundant_indexes;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + ################################################################################## #schema_table_statistics_with_buffer -# Latest file IO by latency - subheaderprint "Performance schema: Latest FILE IO by latency"; +#io_read_requests: 8 +# io_read: 66.04 KiB +# io_read_latency: 2.47 ms +#io_write_requests: 0 +# io_write: 0 bytes +# io_write_latency: 0 ps +# io_misc_requests: 8 +# io_misc_latency: 1.34 ms +# innodb_buffer_allocated: NULL +# innodb_buffer_data: NULL +# innodb_buffer_free: NULL +# innodb_buffer_pages: NULL +#innodb_buffer_pages_hashed: NULL +# innodb_buffer_pages_old: NULL +# innodb_buffer_rows_cached: NULL +# Select * from schema_table_statistics_with_buffer + +return; + subheaderprint "Performance schema: XXXXXXX"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ('select "none";')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); ################################################################################## - -#schema_tables_with_full_table_scans -# Latest file IO by latency - subheaderprint "Performance schema: Latest FILE IO by latency"; - $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; - } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - -################################################################################## - #statement_analysis - subheaderprint "Performance schema: Latest FILE IO by latency"; +#mysql> desc statement_analysis; +#+-------------------+---------------------+------+-----+---------------------+-------+ +#| Field | Type | Null | Key | Default | Extra | +#+-------------------+---------------------+------+-----+---------------------+-------+ +#| query | longtext | YES | | NULL | | +#| db | varchar(64) | YES | | NULL | | +#| full_scan | varchar(1) | NO | | | | +#| exec_count | bigint(20) unsigned | NO | | NULL | | +#| err_count | bigint(20) unsigned | NO | | NULL | | +#| warn_count | bigint(20) unsigned | NO | | NULL | | +#| total_latency | text | YES | | NULL | | +#| max_latency | text | YES | | NULL | | +#| avg_latency | text | YES | | NULL | | +#| lock_latency | text | YES | | NULL | | +#| rows_sent | bigint(20) unsigned | NO | | NULL | | +#| rows_sent_avg | decimal(21,0) | NO | | 0 | | +#| rows_examined | bigint(20) unsigned | NO | | NULL | | +#| rows_examined_avg | decimal(21,0) | NO | | 0 | | +#| rows_affected | bigint(20) unsigned | NO | | NULL | | +#| rows_affected_avg | decimal(21,0) | NO | | 0 | | +#| tmp_tables | bigint(20) unsigned | NO | | NULL | | +#| tmp_disk_tables | bigint(20) unsigned | NO | | NULL | | +#| rows_sorted | bigint(20) unsigned | NO | | NULL | | +#| sort_merge_passes | bigint(20) unsigned | NO | | NULL | | +#| digest | varchar(32) | YES | | NULL | | +#| first_seen | timestamp | NO | | 0000-00-00 00:00:00 | | +#| last_seen | timestamp | NO | | 0000-00-00 00:00:00 | | +#+-------------------+---------------------+------+-----+---------------------+-------+ +#23 rows in set (0,01 sec) + + subheaderprint "Performance schema: XXXXXXX"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ('select "none";')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); +######################################################################### #statements_with_errors_or_warnings # Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; @@ -3796,28 +3842,107 @@ sub mysqsl_pfs { ################################################################################## #statements_with_full_table_scans - subheaderprint "Performance schema: Latest FILE IO by latency"; +#mysql> desc statements_with_full_table_scans; +#+--------------------------+------------------------+------+-----+---------------------+-------+ +#| Field | Type | Null | Key | Default | Extra | +#+--------------------------+------------------------+------+-----+---------------------+-------+ +#| query | longtext | YES | | NULL | | +#| db | varchar(64) | YES | | NULL | | +#| exec_count | bigint(20) unsigned | NO | | NULL | | +#| total_latency | text | YES | | NULL | | +#| no_index_used_count | bigint(20) unsigned | NO | | NULL | | +#| no_good_index_used_count | bigint(20) unsigned | NO | | NULL | | +#| no_index_used_pct | decimal(24,0) | NO | | 0 | | +#| rows_sent | bigint(20) unsigned | NO | | NULL | | +#| rows_examined | bigint(20) unsigned | NO | | NULL | | +#| rows_sent_avg | decimal(21,0) unsigned | YES | | NULL | | +#| rows_examined_avg | decimal(21,0) unsigned | YES | | NULL | | +#| first_seen | timestamp | NO | | 0000-00-00 00:00:00 | | +#| last_seen | timestamp | NO | | 0000-00-00 00:00:00 | | +#| digest | varchar(32) | YES | | NULL | | +#+--------------------------+------------------------+------+-----+---------------------+-------+ +#14 rows in set (0,00 sec) +# + subheaderprint "Performance schema: XXXXXXX"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ('select "none";')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); +######################################################################### + #statements_with_runtimes_in_95th_percentile -# Latest file IO by latency - subheaderprint "Performance schema: Latest FILE IO by latency"; + +#mysql> select * from statements_with_runtimes_in_95th_percentile; +#+-------------------------------------------------------------------+------+-----------+------------+-----------+------------+---------------+-------------+-------------+-----------+---------------+---------------+-------------------+---------------------+---------------------+----------------------------------+ +#| query | db | full_scan | exec_count | err_count | warn_count | total_latency | max_latency | avg_latency | rows_sent | rows_sent_avg | rows_examined | rows_examined_avg | first_seen | last_seen | digest | +#+-------------------------------------------------------------------+------+-----------+------------+-----------+------------+---------------+-------------+-------------+-----------+---------------+---------------+-------------------+---------------------+---------------------+----------------------------------+ +#| SELECT `sys` . `format_path` ( ... DER BY `performance_schema` . | sys | * | 31 | 0 | 0 | 5.88 s | 248.36 ms | 189.62 ms | 878 | 28 | 4309600 | 139019 | 2016-10-10 15:06:03 | 2016-10-10 18:57:03 | 5725848cdc48f0d86f4894b6fe0f87af | +#| SELECT IF ( ( `locate` ( ? , ` ... . `COMPRESSED_SIZE` ) ) DESC | sys | * | 3 | 0 | 0 | 307.41 ms | 109.74 ms | 102.47 ms | 6 | 2 | 52303 | 17434 | 2016-10-10 18:43:59 | 2016-10-10 18:45:24 | 59abe341d11b5307fbd8419b0b9a7bc3 | +#| SELECT IF ( ( `locate` ( ? , ` ... . `COMPRESSED_SIZE` ) ) DESC | NULL | * | 14 | 0 | 0 | 1.31 s | 184.00 ms | 93.61 ms | 42 | 3 | 232435 | 16603 | 2016-10-10 14:12:20 | 2016-10-10 18:57:02 | a7a8900602e4ad6155c15c5d15d49950 | +#| SELECT `sys` . `format_path` ( ... ) ) , ? ) ) AS `avg_write` , | sys | * | 36 | 6 | 0 | 3.19 s | 290.44 ms | 88.57 ms | 1510 | 42 | 1777309 | 49370 | 2016-10-10 14:55:31 | 2016-10-10 18:57:03 | 907d39d1d563a1d31828e55581f8b59e | +#| SELECT IF ( ( `locate` ( ? , ` ... . `COMPRESSED_SIZE` ) ) DESC | NULL | * | 14 | 0 | 0 | 1.13 s | 104.12 ms | 81.03 ms | 378 | 27 | 233942 | 16710 | 2016-10-10 14:12:20 | 2016-10-10 18:57:02 | 6643b924d5cbf8d1b01448d7ab04a957 | +#+-------------------------------------------------------------------+------+-----------+------------+-----------+------------+---------------+-------------+-------------+-----------+---------------+---------------+-------------------+---------------------+---------------------+----------------------------------+ +#5 rows in set (0,02 sec) +# +#mysql> desc statements_with_runtimes_in_95th_percentile; +#+-------------------+---------------------+------+-----+---------------------+-------+ +#| Field | Type | Null | Key | Default | Extra | +#+-------------------+---------------------+------+-----+---------------------+-------+ +#| query | longtext | YES | | NULL | | +#| db | varchar(64) | YES | | NULL | | +#| full_scan | varchar(1) | NO | | | | +#| exec_count | bigint(20) unsigned | NO | | NULL | | +#| err_count | bigint(20) unsigned | NO | | NULL | | +#| warn_count | bigint(20) unsigned | NO | | NULL | | +#| total_latency | text | YES | | NULL | | +#| max_latency | text | YES | | NULL | | +#| avg_latency | text | YES | | NULL | | +#| rows_sent | bigint(20) unsigned | NO | | NULL | | +#| rows_sent_avg | decimal(21,0) | NO | | 0 | | +#| rows_examined | bigint(20) unsigned | NO | | NULL | | +#| rows_examined_avg | decimal(21,0) | NO | | 0 | | +#| first_seen | timestamp | NO | | 0000-00-00 00:00:00 | | +#| last_seen | timestamp | NO | | 0000-00-00 00:00:00 | | +#| digest | varchar(32) | YES | | NULL | | +#+-------------------+---------------------+------+-----+---------------------+-------+ +#16 rows in set (0,00 sec) + + subheaderprint "Performance schema: XXXXXXX"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ('select "none";')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); +######################################################################### ################################################################################## #statements_with_sorting - subheaderprint "Performance schema: Latest FILE IO by latency"; +#mysql> desc statements_with_sorting; +#+-------------------+---------------------+------+-----+---------------------+-------+ +#| Field | Type | Null | Key | Default | Extra | +#+-------------------+---------------------+------+-----+---------------------+-------+ +#| query | longtext | YES | | NULL | | +#| db | varchar(64) | YES | | NULL | | +#| exec_count | bigint(20) unsigned | NO | | NULL | | +#| total_latency | text | YES | | NULL | | +#| sort_merge_passes | bigint(20) unsigned | NO | | NULL | | +#| avg_sort_merges | decimal(21,0) | NO | | 0 | | +#| sorts_using_scans | bigint(20) unsigned | NO | | NULL | | +#| sort_using_range | bigint(20) unsigned | NO | | NULL | | +#| rows_sorted | bigint(20) unsigned | NO | | NULL | | +#| avg_rows_sorted | decimal(21,0) | NO | | 0 | | +#| first_seen | timestamp | NO | | 0000-00-00 00:00:00 | | +#| last_seen | timestamp | NO | | 0000-00-00 00:00:00 | | +#| digest | varchar(32) | YES | | NULL | | +#+-------------------+---------------------+------+-----+---------------------+-------+ +#13 rows in set (0,00 sec) + + subheaderprint "Performance schema: XXXXXXX"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ('select "none";')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3826,9 +3951,28 @@ sub mysqsl_pfs { ################################################################################## #statements_with_temp_tables - subheaderprint "Performance schema: Latest FILE IO by latency"; + +#mysql> desc statements_with_temp_tables; +#+--------------------------+---------------------+------+-----+---------------------+-------+ +#| Field | Type | Null | Key | Default | Extra | +#+--------------------------+---------------------+------+-----+---------------------+-------+ +#| query | longtext | YES | | NULL | | +#| db | varchar(64) | YES | | NULL | | +#| exec_count | bigint(20) unsigned | NO | | NULL | | +#| total_latency | text | YES | | NULL | | +#| memory_tmp_tables | bigint(20) unsigned | NO | | NULL | | +#| disk_tmp_tables | bigint(20) unsigned | NO | | NULL | | +#| avg_tmp_tables_per_query | decimal(21,0) | NO | | 0 | | +#| tmp_tables_to_disk_pct | decimal(24,0) | NO | | 0 | | +#| first_seen | timestamp | NO | | 0000-00-00 00:00:00 | | +#| last_seen | timestamp | NO | | 0000-00-00 00:00:00 | | +#| digest | varchar(32) | YES | | NULL | | +#+--------------------------+---------------------+------+-----+---------------------+-------+ +#11 rows in set (0,01 sec)# +# + subheaderprint "Performance schema: XXXXXXX"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ('select "none";')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3836,9 +3980,19 @@ sub mysqsl_pfs { ################################################################################## #wait_classes_global_by_avg_latency - subheaderprint "Performance schema: Latest FILE IO by latency"; +#mysql> select * from wait_classes_global_by_avg_latency; +#+-----------------+-------+---------------+-------------+-------------+-------------+ +#| event_class | total | total_latency | min_latency | avg_latency | max_latency | +#+-----------------+-------+---------------+-------------+-------------+-------------+ +#| wait/io/table | 54 | 7.34 ms | 5.45 us | 135.89 us | 3.95 ms | +#| wait/io/file | 14441 | 1.22 s | 0 ps | 84.48 us | 230.64 ms | +#| wait/lock/table | 63 | 2.29 ms | 658.84 ns | 36.38 us | 1.10 ms | +#+-----------------+-------+---------------+-------------+-------------+-------------+ +#3 rows in set (0,02 sec) +# + subheaderprint "Performance schema: XXXXXXX"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ('select "none";')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3846,18 +4000,72 @@ sub mysqsl_pfs { ################################################################################## #wait_classes_global_by_latency - subheaderprint "Performance schema: Latest FILE IO by latency"; + +#ysql> select * from wait_classes_global_by_latency; +#-----------------+-------+---------------+-------------+-------------+-------------+ +# event_class | total | total_latency | min_latency | avg_latency | max_latency | +#-----------------+-------+---------------+-------------+-------------+-------------+ +# wait/io/file | 15381 | 1.23 s | 0 ps | 80.12 us | 230.64 ms | +# wait/io/table | 59 | 7.57 ms | 5.45 us | 128.24 us | 3.95 ms | +# wait/lock/table | 69 | 3.22 ms | 658.84 ns | 46.64 us | 1.10 ms | +#-----------------+-------+---------------+-------------+-------------+-------------+ +# rows in set (0,00 sec) + +subheaderprint "Performance schema: XXXXXXX"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ('select "none";')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); + ################################################################################## #waits_by_host_by_latency - subheaderprint "Performance schema: Latest FILE IO by latency"; +#+---------------+---------------------+------+-----+---------+-------+ +#| Field | Type | Null | Key | Default | Extra | +#+---------------+---------------------+------+-----+---------+-------+ +#| host | varchar(60) | YES | | NULL | | +#| event | varchar(128) | NO | | NULL | | +#| total | bigint(20) unsigned | NO | | NULL | | +#| total_latency | text | YES | | NULL | | +#| avg_latency | text | YES | | NULL | | +#| max_latency | text | YES | | NULL | | +#+---------------+---------------------+------+-----+---------+-------+ +#6 rows in set (0,00 sec) +# +#mysql> select * from waits_by_host_by_latency; +#+------------+--------------------------------------+-------+---------------+-------------+-------------+ +#| host | event | total | total_latency | avg_latency | max_latency | +#+------------+--------------------------------------+-------+---------------+-------------+-------------+ +#| background | wait/io/file/innodb/innodb_data_file | 3557 | 542.77 ms | 152.59 us | 230.64 ms | +#| background | wait/io/file/sql/FRM | 1365 | 299.94 ms | 219.74 us | 57.13 ms | +#| background | wait/io/file/innodb/innodb_log_file | 22 | 117.31 ms | 5.33 ms | 67.12 ms | +#| background | wait/io/file/sql/ERRMSG | 5 | 40.72 ms | 8.14 ms | 20.47 ms | +#| background | wait/io/file/myisam/kfile | 33 | 20.30 ms | 615.27 us | 13.90 ms | +#| background | wait/io/file/myisam/dfile | 24 | 6.38 ms | 265.94 us | 2.20 ms | +#| background | wait/io/file/sql/casetest | 15 | 3.82 ms | 254.61 us | 3.40 ms | +#| background | wait/io/file/mysys/charset | 3 | 3.51 ms | 1.17 ms | 3.46 ms | +#| background | wait/io/file/mysys/cnf | 5 | 1.72 ms | 344.81 us | 1.61 ms | +#| background | wait/io/file/sql/pid | 3 | 59.35 us | 19.78 us | 41.86 us | +#| background | wait/io/file/sql/global_ddl_log | 2 | 50.55 us | 25.28 us | 47.35 us | +#| localhost | wait/io/file/sql/FRM | 702 | 74.00 ms | 105.41 us | 4.04 ms | +#| localhost | wait/io/file/myisam/dfile | 7845 | 62.58 ms | 7.98 us | 4.95 ms | +#| localhost | wait/io/file/sql/io_cache | 256 | 17.74 ms | 69.28 us | 1.19 ms | +#| localhost | wait/io/file/innodb/innodb_data_file | 76 | 14.54 ms | 191.30 us | 2.79 ms | +#| localhost | wait/io/table/sql/handler | 54 | 7.34 ms | 135.89 us | 3.95 ms | +#| localhost | wait/io/file/sql/file_parser | 328 | 7.01 ms | 21.37 us | 840.04 us | +#| localhost | wait/io/file/csv/data | 163 | 2.61 ms | 15.99 us | 859.49 us | +#| localhost | wait/lock/table/sql/handler | 63 | 2.29 ms | 36.38 us | 1.10 ms | +#| localhost | wait/io/file/myisam/kfile | 12 | 1.65 ms | 137.40 us | 565.79 us | +#| localhost | wait/io/file/csv/metadata | 8 | 1.51 ms | 188.29 us | 529.71 us | +#| localhost | wait/io/file/sql/dbopt | 16 | 1.26 ms | 78.96 us | 821.28 us | +#| localhost | wait/io/file/archive/data | 7 | 566.20 us | 80.89 us | 449.58 us | +#+------------+--------------------------------------+-------+---------------+-------------+-------------+ +#23 rows in set (0,01 sec) +# + subheaderprint "Performance schema: XXXXXXX"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ('select "none";')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3865,18 +4073,89 @@ sub mysqsl_pfs { ################################################################################## #waits_by_user_by_latency - subheaderprint "Performance schema: Latest FILE IO by latency"; +#mysql> select * from waits_by_user_by_latency; +#+------+--------------------------------------+-------+---------------+-------------+-------------+ +#| user | event | total | total_latency | avg_latency | max_latency | +#+------+--------------------------------------+-------+---------------+-------------+-------------+ +#| root | wait/io/file/sql/FRM | 702 | 74.00 ms | 105.41 us | 4.04 ms | +#| root | wait/io/file/myisam/dfile | 7845 | 62.58 ms | 7.98 us | 4.95 ms | +#| root | wait/io/file/sql/io_cache | 256 | 17.74 ms | 69.28 us | 1.19 ms | +#| root | wait/io/file/innodb/innodb_data_file | 76 | 14.54 ms | 191.30 us | 2.79 ms | +#| root | wait/io/table/sql/handler | 54 | 7.34 ms | 135.89 us | 3.95 ms | +#| root | wait/io/file/sql/file_parser | 328 | 7.01 ms | 21.37 us | 840.04 us | +#| root | wait/io/file/csv/data | 163 | 2.61 ms | 15.99 us | 859.49 us | +#| root | wait/lock/table/sql/handler | 63 | 2.29 ms | 36.38 us | 1.10 ms | +#| root | wait/io/file/myisam/kfile | 12 | 1.65 ms | 137.40 us | 565.79 us | +#| root | wait/io/file/csv/metadata | 8 | 1.51 ms | 188.29 us | 529.71 us | +#| root | wait/io/file/sql/dbopt | 16 | 1.26 ms | 78.96 us | 821.28 us | +#| root | wait/io/file/archive/data | 7 | 566.20 us | 80.89 us | 449.58 us | +#+------+--------------------------------------+-------+---------------+-------------+-------------+ +#12 rows in set (0,01 sec) +# +#mysql> desc waits_by_user_by_latency; +#+---------------+---------------------+------+-----+---------+-------+ +#| Field | Type | Null | Key | Default | Extra | +#+---------------+---------------------+------+-----+---------+-------+ +#| user | varchar(32) | YES | | NULL | | +#| event | varchar(128) | NO | | NULL | | +#| total | bigint(20) unsigned | NO | | NULL | | +#| total_latency | text | YES | | NULL | | +#| avg_latency | text | YES | | NULL | | +#| max_latency | text | YES | | NULL | | +#+---------------+---------------------+------+-----+---------+-------+ +#6 rows in set (0,00 sec) +# + subheaderprint "Performance schema: XXXXXXX"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ('select "none";')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); ################################################################################## #waits_global_by_latency - subheaderprint "Performance schema: Latest FILE IO by latency"; +#mysql> select * from waits_global_by_latency; +#+--------------------------------------+-------+---------------+-------------+-------------+ +#| events | total | total_latency | avg_latency | max_latency | +#+--------------------------------------+-------+---------------+-------------+-------------+ +#| wait/io/file/innodb/innodb_data_file | 3636 | 557.43 ms | 153.31 us | 230.64 ms | +#| wait/io/file/sql/FRM | 2167 | 375.60 ms | 173.33 us | 57.13 ms | +#| wait/io/file/innodb/innodb_log_file | 22 | 117.31 ms | 5.33 ms | 67.12 ms | +#| wait/io/file/myisam/dfile | 7869 | 68.97 ms | 8.76 us | 4.95 ms | +#| wait/io/file/sql/ERRMSG | 5 | 40.72 ms | 8.14 ms | 20.47 ms | +#| wait/io/file/myisam/kfile | 45 | 21.95 ms | 487.84 us | 13.90 ms | +#| wait/io/file/sql/io_cache | 256 | 17.74 ms | 69.28 us | 1.19 ms | +#| wait/io/table/sql/handler | 54 | 7.34 ms | 135.89 us | 3.95 ms | +#| wait/io/file/sql/file_parser | 228 | 5.35 ms | 23.48 us | 840.04 us | +#| wait/io/file/sql/casetest | 15 | 3.82 ms | 254.61 us | 3.40 ms | +#| wait/io/file/mysys/charset | 3 | 3.51 ms | 1.17 ms | 3.46 ms | +#| wait/io/file/csv/data | 163 | 2.61 ms | 15.99 us | 859.49 us | +#| wait/lock/table/sql/handler | 63 | 2.29 ms | 36.38 us | 1.10 ms | +#| wait/io/file/mysys/cnf | 5 | 1.72 ms | 344.81 us | 1.61 ms | +#| wait/io/file/csv/metadata | 8 | 1.51 ms | 188.29 us | 529.71 us | +#| wait/io/file/sql/dbopt | 16 | 1.26 ms | 78.96 us | 821.28 us | +#| wait/io/file/archive/data | 7 | 566.20 us | 80.89 us | 449.58 us | +#| wait/io/file/sql/pid | 3 | 59.35 us | 19.78 us | 41.86 us | +#| wait/io/file/sql/global_ddl_log | 2 | 50.55 us | 25.28 us | 47.35 us | +#+--------------------------------------+-------+---------------+-------------+-------------+ +#19 rows in set (0,01 sec) +# +#mysql> desc waits_global_by_latency +# -> ; +#+---------------+---------------------+------+-----+---------+-------+ +#| Field | Type | Null | Key | Default | Extra | +#+---------------+---------------------+------+-----+---------+-------+ +#| events | varchar(128) | NO | | NULL | | +#| total | bigint(20) unsigned | NO | | NULL | | +#| total_latency | text | YES | | NULL | | +#| avg_latency | text | YES | | NULL | | +#| max_latency | text | YES | | NULL | | +#+---------------+---------------------+------+-----+---------+-------+ +#5 rows in set (0,00 sec) +# + subheaderprint "Performance schema: XXXXXXX"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array ('select "none";')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } From cff9e629330239a31bdfd191278cc891ed0c84c7 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 17 Oct 2016 17:04:10 +0200 Subject: [PATCH 198/237] Adding new indicators from sys schema --- INTERNALS.md | 21 +++- mysqltuner.pl | 289 +++++++++++++++++++++++++++++++------------------- 2 files changed, 200 insertions(+), 110 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index e032dd6..60df087 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -358,4 +358,23 @@ * TOP 15 high insert latency tables * TOP 15 high update latency tables * TOP 15 high delete latency tables -* Redundant indexes \ No newline at end of file +* Redundant indexes +* Tables not using InnoDb buffer +* Top 15 Tables using InnoDb buffer +* Top 15 Tables with InnoDb buffer free +* Top 15 Most executed queries +* Latest SQL queries in errors or warnings +* Top 20 queries with full table scans +* TOP 15 reader queries (95% percentile) +* TOP 15 row look queries (95% percentile) +* TOP 15 total latency queries (95% percentile) +* TOP 15 max latency queries (95% percentile) +* TOP 15 average latency queries (95% percentile) +* Top 20 queries with sort +* Last 50 queries with sort +* TOP 15 row sorting queries with sort +* TOP 15 total latency queries with sort +* TOP 15 merge queries with sort +* TOP 15 average sort merges queries with sort +* TOP 15 scans queries with sort +* TOP 15 range queries with sort diff --git a/mysqltuner.pl b/mysqltuner.pl index b647dc0..2ad619f 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3694,8 +3694,6 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); -################################################################################## -#schema_table_statistics # TOP 15 most read tables subheaderprint "Performance schema: TOP 15 most read tables"; $nbL=1; @@ -3759,81 +3757,57 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - -################################################################################## - -#schema_table_statistics_with_buffer -#io_read_requests: 8 -# io_read: 66.04 KiB -# io_read_latency: 2.47 ms -#io_write_requests: 0 -# io_write: 0 bytes -# io_write_latency: 0 ps -# io_misc_requests: 8 -# io_misc_latency: 1.34 ms -# innodb_buffer_allocated: NULL -# innodb_buffer_data: NULL -# innodb_buffer_free: NULL -# innodb_buffer_pages: NULL -#innodb_buffer_pages_hashed: NULL -# innodb_buffer_pages_old: NULL -# innodb_buffer_rows_cached: NULL -# Select * from schema_table_statistics_with_buffer - -return; - subheaderprint "Performance schema: XXXXXXX"; + subheaderprint "Performance schema: Tables not using InnoDb buffer"; $nbL=1; - for my $lQuery(select_array ('select "none";')) { + for my $lQuery(select_array (' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); -################################################################################## -#statement_analysis -#mysql> desc statement_analysis; -#+-------------------+---------------------+------+-----+---------------------+-------+ -#| Field | Type | Null | Key | Default | Extra | -#+-------------------+---------------------+------+-----+---------------------+-------+ -#| query | longtext | YES | | NULL | | -#| db | varchar(64) | YES | | NULL | | -#| full_scan | varchar(1) | NO | | | | -#| exec_count | bigint(20) unsigned | NO | | NULL | | -#| err_count | bigint(20) unsigned | NO | | NULL | | -#| warn_count | bigint(20) unsigned | NO | | NULL | | -#| total_latency | text | YES | | NULL | | -#| max_latency | text | YES | | NULL | | -#| avg_latency | text | YES | | NULL | | -#| lock_latency | text | YES | | NULL | | -#| rows_sent | bigint(20) unsigned | NO | | NULL | | -#| rows_sent_avg | decimal(21,0) | NO | | 0 | | -#| rows_examined | bigint(20) unsigned | NO | | NULL | | -#| rows_examined_avg | decimal(21,0) | NO | | 0 | | -#| rows_affected | bigint(20) unsigned | NO | | NULL | | -#| rows_affected_avg | decimal(21,0) | NO | | 0 | | -#| tmp_tables | bigint(20) unsigned | NO | | NULL | | -#| tmp_disk_tables | bigint(20) unsigned | NO | | NULL | | -#| rows_sorted | bigint(20) unsigned | NO | | NULL | | -#| sort_merge_passes | bigint(20) unsigned | NO | | NULL | | -#| digest | varchar(32) | YES | | NULL | | -#| first_seen | timestamp | NO | | 0000-00-00 00:00:00 | | -#| last_seen | timestamp | NO | | 0000-00-00 00:00:00 | | -#+-------------------+---------------------+------+-----+---------------------+-------+ -#23 rows in set (0,01 sec) - - subheaderprint "Performance schema: XXXXXXX"; + subheaderprint "Performance schema: Table not using InnoDb buffer"; $nbL=1; - for my $lQuery(select_array ('select "none";')) { + for my $lQuery(select_array (' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); -######################################################################### -#statements_with_errors_or_warnings -# Latest file IO by latency - subheaderprint "Performance schema: Latest FILE IO by latency"; + subheaderprint "Performance schema: Table not using InnoDb buffer"; $nbL=1; - for my $lQuery(select_array ('select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { + for my $lQuery(select_array (' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Top 15 Tables using InnoDb buffer"; + $nbL=1; + for my $lQuery(select_array ('Select table_schema, table_name,innodb_buffer_allocated from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_allocated DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + subheaderprint "Performance schema: Top 15 Tables with InnoDb buffer free"; + $nbL=1; + for my $lQuery(select_array ('Select table_schema, table_name,innodb_buffer_free from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_free DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Top 15 Most executed queries"; + $nbL=1; + for my $lQuery(select_array ('select db, query, exec_count from sys.statement_analysis order by exec_count DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Latest SQL queries in errors or warnings"; + $nbL=1; + for my $lQuery(select_array ('select query, last_seen from sys.statements_with_errors_or_warnings ORDER BY last_seen LIMIT 100;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3863,62 +3837,131 @@ return; #+--------------------------+------------------------+------+-----+---------------------+-------+ #14 rows in set (0,00 sec) # - subheaderprint "Performance schema: XXXXXXX"; + subheaderprint "Performance schema: Top 20 queries with full table scans"; $nbL=1; - for my $lQuery(select_array ('select "none";')) { + for my $lQuery(select_array ('select db, query, exec_count from sys.statements_with_full_table_scans order BY exec_count DESC LIMIT 20;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); -######################################################################### -#statements_with_runtimes_in_95th_percentile - -#mysql> select * from statements_with_runtimes_in_95th_percentile; -#+-------------------------------------------------------------------+------+-----------+------------+-----------+------------+---------------+-------------+-------------+-----------+---------------+---------------+-------------------+---------------------+---------------------+----------------------------------+ -#| query | db | full_scan | exec_count | err_count | warn_count | total_latency | max_latency | avg_latency | rows_sent | rows_sent_avg | rows_examined | rows_examined_avg | first_seen | last_seen | digest | -#+-------------------------------------------------------------------+------+-----------+------------+-----------+------------+---------------+-------------+-------------+-----------+---------------+---------------+-------------------+---------------------+---------------------+----------------------------------+ -#| SELECT `sys` . `format_path` ( ... DER BY `performance_schema` . | sys | * | 31 | 0 | 0 | 5.88 s | 248.36 ms | 189.62 ms | 878 | 28 | 4309600 | 139019 | 2016-10-10 15:06:03 | 2016-10-10 18:57:03 | 5725848cdc48f0d86f4894b6fe0f87af | -#| SELECT IF ( ( `locate` ( ? , ` ... . `COMPRESSED_SIZE` ) ) DESC | sys | * | 3 | 0 | 0 | 307.41 ms | 109.74 ms | 102.47 ms | 6 | 2 | 52303 | 17434 | 2016-10-10 18:43:59 | 2016-10-10 18:45:24 | 59abe341d11b5307fbd8419b0b9a7bc3 | -#| SELECT IF ( ( `locate` ( ? , ` ... . `COMPRESSED_SIZE` ) ) DESC | NULL | * | 14 | 0 | 0 | 1.31 s | 184.00 ms | 93.61 ms | 42 | 3 | 232435 | 16603 | 2016-10-10 14:12:20 | 2016-10-10 18:57:02 | a7a8900602e4ad6155c15c5d15d49950 | -#| SELECT `sys` . `format_path` ( ... ) ) , ? ) ) AS `avg_write` , | sys | * | 36 | 6 | 0 | 3.19 s | 290.44 ms | 88.57 ms | 1510 | 42 | 1777309 | 49370 | 2016-10-10 14:55:31 | 2016-10-10 18:57:03 | 907d39d1d563a1d31828e55581f8b59e | -#| SELECT IF ( ( `locate` ( ? , ` ... . `COMPRESSED_SIZE` ) ) DESC | NULL | * | 14 | 0 | 0 | 1.13 s | 104.12 ms | 81.03 ms | 378 | 27 | 233942 | 16710 | 2016-10-10 14:12:20 | 2016-10-10 18:57:02 | 6643b924d5cbf8d1b01448d7ab04a957 | -#+-------------------------------------------------------------------+------+-----------+------------+-----------+------------+---------------+-------------+-------------+-----------+---------------+---------------+-------------------+---------------------+---------------------+----------------------------------+ -#5 rows in set (0,02 sec) -# -#mysql> desc statements_with_runtimes_in_95th_percentile; -#+-------------------+---------------------+------+-----+---------------------+-------+ -#| Field | Type | Null | Key | Default | Extra | -#+-------------------+---------------------+------+-----+---------------------+-------+ -#| query | longtext | YES | | NULL | | -#| db | varchar(64) | YES | | NULL | | -#| full_scan | varchar(1) | NO | | | | -#| exec_count | bigint(20) unsigned | NO | | NULL | | -#| err_count | bigint(20) unsigned | NO | | NULL | | -#| warn_count | bigint(20) unsigned | NO | | NULL | | -#| total_latency | text | YES | | NULL | | -#| max_latency | text | YES | | NULL | | -#| avg_latency | text | YES | | NULL | | -#| rows_sent | bigint(20) unsigned | NO | | NULL | | -#| rows_sent_avg | decimal(21,0) | NO | | 0 | | -#| rows_examined | bigint(20) unsigned | NO | | NULL | | -#| rows_examined_avg | decimal(21,0) | NO | | 0 | | -#| first_seen | timestamp | NO | | 0000-00-00 00:00:00 | | -#| last_seen | timestamp | NO | | 0000-00-00 00:00:00 | | -#| digest | varchar(32) | YES | | NULL | | -#+-------------------+---------------------+------+-----+---------------------+-------+ -#16 rows in set (0,00 sec) - - subheaderprint "Performance schema: XXXXXXX"; + subheaderprint "Performance schema: Last 50 queries with full table scans"; $nbL=1; - for my $lQuery(select_array ('select "none";')) { + for my $lQuery(select_array ('select db, query, last_seen from sys.statements_with_full_table_scans order BY last_seen DESC LIMIT 50;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); -######################################################################### + + subheaderprint "Performance schema: TOP 15 reader queries (95% percentile)"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query , rows_sent from statements_with_runtimes_in_95th_percentile ORDER BY ROWs_sent DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 most row look queries (95% percentile)"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, rows_examined AS search from statements_with_runtimes_in_95th_percentile ORDER BY rows_examined DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 total latency queries (95% percentile)"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, total_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY total_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 max latency queries (95% percentile)"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, max_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY max_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 average latency queries (95% percentile)"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, avg_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY avg_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + subheaderprint "Performance schema: Top 20 queries with sort"; + $nbL=1; + for my $lQuery(select_array ('select db, query, exec_count from sys.statements_with_sorting order BY exec_count DESC LIMIT 20;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: Last 50 queries with sort"; + $nbL=1; + for my $lQuery(select_array ('select db, query, last_seen from sys.statements_with_sorting order BY last_seen DESC LIMIT 50;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 row sorting queries with sort"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query , rows_sorted from statements_with_sorting ORDER BY ROWs_sorted DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 total latency queries with sort"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, total_latency AS search from statements_with_sorting ORDER BY total_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 merge queries with sort"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, sort_merge_passes AS search from statements_with_sorting ORDER BY sort_merge_passes DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 average sort merges queries with sort"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, avg_sort_merges AS search from statements_with_sorting ORDER BY avg_sort_merges DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 scans queries with sort"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, sorts_using_scans AS search from statements_with_sorting ORDER BY sorts_using_scans DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 range queries with sort"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, sort_using_range AS search from statements_with_sorting ORDER BY sort_using_range DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + +return; + +## ################################################################################## - #statements_with_sorting #mysql> desc statements_with_sorting; #+-------------------+---------------------+------+-----+---------------------+-------+ @@ -3939,6 +3982,32 @@ return; #| digest | varchar(32) | YES | | NULL | | #+-------------------+---------------------+------+-----+---------------------+-------+ #13 rows in set (0,00 sec) +return; + + subheaderprint "Performance schema: TOP 15 most row look queries (95% percentile)"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, rows_examined AS search from statements_with_runtimes_in_95th_percentile ORDER BY rows_examined DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + + subheaderprint "Performance schema: TOP 15 max latency queries (95% percentile)"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, max_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY max_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 average latency queries (95% percentile)"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, avg_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY avg_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); subheaderprint "Performance schema: XXXXXXX"; $nbL=1; @@ -3948,6 +4017,8 @@ return; } infoprint "No information found or indicators desactivated." if ($nbL == 1); + +return; ################################################################################## #statements_with_temp_tables From f6f54c563fa0b613ad683e0516884f883be7cd43 Mon Sep 17 00:00:00 2001 From: AlberT Date: Tue, 18 Oct 2016 11:22:59 +0200 Subject: [PATCH 199/237] Create README.it.md Initial release .. just a copy of the original english file --- README.it.md | 236 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 236 insertions(+) create mode 100644 README.it.md diff --git a/README.it.md b/README.it.md new file mode 100644 index 0000000..bff914e --- /dev/null +++ b/README.it.md @@ -0,0 +1,236 @@ +MySQLTuner-perl +==== +[![Build Status - Master](https://travis-ci.org/major/MySQLTuner-perl.svg?branch=master)](https://travis-ci.org/major/MySQLTuner-perl) +[![Project Status](http://opensource.box.com/badges/active.svg)](http://opensource.box.com/badges) +[![Project Status](http://opensource.box.com/badges/maintenance.svg)](http://opensource.box.com/badges) +[![Average time to resolve an issue](http://isitmaintained.com/badge/resolution/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue") +[![Percentage of issues still open](http://isitmaintained.com/badge/open/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open") +[![GPL Licence](https://badges.frapsoft.com/os/gpl/gpl.png?v=103)](https://opensource.org/licenses/GPL-3.0/) + +**MySQLTuner** is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions. + +**MySQLTuner** supports in this last version ~250 indicators for MySQL/MariaDB/Percona Server. + +**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration sush as ![Galera Cluster](http://galeracluster.com/), ![TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), ![ Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, ![InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), ![MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), ![Aria](https://mariadb.com/kb/en/mariadb/aria/), ... + +You can found more details on this indicators +![Indicators description](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md). + + +![MysqlTuner](https://github.com/major/MySQLTuner-perl/blob/master/mysqltuner.png) + +MySQLTuner needs you: +=== + +**MySQLTuner** needs contributors for documentation, code and feedbacks.. + +* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). +* Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) +* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl) + +Compatibility: +==== + +* MySQL 5.7 (full support) +* MySQL 5.6 (full support) +* MySQL 5.5 (full support) +* MariaDB 10.1 (full support) +* MariaDB 10.0 (full support) +* Percona Server 5.6 (full support) +* Percona XtraDB cluster (full support) +* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (partial support - deprecated version) +* Perl 5.6 or later (with [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod) package) +* Unix/Linux based operating system (tested on Linux, BSD variants, and Solaris variants) +* Windows is not supported at this time (Help wanted !!!!!) +* Unrestricted read access to the MySQL server (OS root access recommended for MySQL < 5.1) +* CVE vulnerabilites detection support from [https://cve.mitre.org](https://cve.mitre.org) + +***WARNING*** +-- +It is **extremely important** for you to fully understand each change +you make to a MySQL database server. If you don't understand portions +of the script's output, or if you don't understand the recommendations, +**you should consult** a knowledgeable DBA or system administrator +that you trust. **Always** test your changes on staging environments, and +always keep in mind that improvements in one area can **negatively affect** +MySQL in other areas. + +**Seriously - please review the FAQ section below.** + +What MySQLTuner is checking exactly ? +-- +All checks done by **MySQLTuner** are documented in [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) documentation. + +Download/Installation +-- + +You can download the entire repository by using 'git clone' followed by the cloning URL above. The simplest and shortest method is: + + wget http://mysqltuner.pl/ -O mysqltuner.pl + wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt + wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv + perl mysqltuner.pl + +Of course, you can add the execute bit (`chmod +x mysqltuner.pl`) so you can execute it without calling perl directly. + +Specific usage +-- + +__Usage:__ Minimal usage locally + + perl mysqltuner.pl + +__Usage:__ Minimal usage remotely + + perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password + +__Usage:__ Enable maximum output information around MySQL/MariaDb without debugging + + perl mysqltuner.pl --verbose + perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat + + +__Usage:__ Enable CVE vulnerabilities check for your MariaDB or MySQL version + + perl mysqltuner.pl --cvefile=vulnerabilities.csv + +__Usage:__ Write your result in a file with information displayed + + perl mysqltuner.pl --outputfile /tmp/result_mysqltuner.txt + +__Usage:__ Write your result in a file **without outputting information** + + perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt + +__Usage:__ Using template model to customize your reporting file based on [Text::Template](https://metacpan.org/pod/Text::Template) syntax. + + perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl + +__Usage:__ Enable debugging information + + perl mysqltuner.pl --debug + +FAQ +-- + +**Question: Will MySQLTuner fix my slow MySQL server?** + +**No.** MySQLTuner is a read only script. It won't write to any configuration files, change the status of any daemons, or call your mother to wish her a happy birthday. It will give you an overview of your server's performance and make some basic recommendations about improvements that you can make after it completes. *Make sure you read the warning above prior to following any recommendations.* + +**Question: Can I fire my DBA now?** + +**MySQLTuner will not replace your DBA in any form or fashion.** If your DBA constantly takes your parking spot and steals your lunch from the fridge, then you may want to consider it - but that's your call. + +**Question: Why does MySQLTuner keep asking me the login credentials for MySQL over and over?** + +The script will try its best to log in via any means possible. It will check for ~/.my.cnf files, Plesk password files, and empty password root logins. If none of those are available, then you'll be prompted for a password. If you'd like the script to run in an automated fashion without user intervention, then create a .my.cnf file in your home directory which contains: + + [client] + user=someusername + pass=thatuserspassword + +Once you create it, make sure it's owned by your user and the mode on the file is 0600. This should prevent the prying eyes from getting your database login credentials under normal conditions. If a [T-1000 shows up in a LAPD uniform](https://en.wikipedia.org/wiki/T-1000) and demands your database credentials, you won't have much of an option. + +**Question: Is there another way to secure credentials on latest MySQL and MariaDB distributions ?** + +You could use mysql_config_editor utilities. + + $ mysql_config_editor set --login-path=client --user=someusername --password --host=localhost + Enter passord: ******** + $ + +At this time, ~/.mylogin.cnf has been written with appropriated rigth access. + +To get information about stored credentials, use the following command: + + $mysql_config_editor print + [client] + user = someusername + password = ***** + host = localhost + +**Question: What's minimum privileges needed by a specific mysqltuner user in database ?** + + mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* FOR 'mysqltuner'@'localhost' identified by pwd1234; + +**Question: It's not working on my OS! What gives?!** + +These kinds of things are bound to happen. Here are the details I need from you in order to research the problem thoroughly: + +* OS and OS version +* Architecture (x86, x86_64, IA64, Commodore 64) +* Exact MySQL version +* Where you obtained your MySQL version (OS package, source, etc) +* The full text of the error +* A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible) + +**Question: How to perform a CVE vulneralibity checks ?** + +* Download vulnerabilities.csv from this repository. +* use option --cvefile to perform CVE checks + +**Question: How to use mysqltuner from remote host ?** +Thanks to [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba) + +* You will still have to connect like a mysql client: + +Connection and Authentication + + --host Connect to a remote host to perform tests (default: localhost) + --socket Use a different socket for a local connection + --port Port to use for connection (default: 3306) + --user Username to use for authentication + --pass Password to use for authentication + --defaults-file defaulfs file for credentials + +Since you are using a remote host, use parameters to supply values from the OS + + --forcemem Amount of RAM installed in megabytes + --forceswap Amount of swap memory configured in megabytes + +* You may have to contact your remote SysAdmin to ask how much RAM and swap you have + +If the database has too many tables, or very large table, use this: + + --skipsize Don't enumerate tables and their types/sizes (default: on) + (Recommended for servers with many tables) + +MySQLTuner and Vagrant +-- +**MySQLTuner** contains following Vagrant configurations: +* Fedora Core 23 / MariaDB 10.0 +* Fedora Core 23 / MariaDB 10.1 +* Fedora Core 23 / MySQL 5.6 +* Fedora Core 23 / MySQL 5.7 + +**Vagrant File** are stored in Vagrant subdirectory. +* Follow this 2 steps after vagrant installation: +* Rename VagrantFile_for_Mxxx into Vagrantfile +* vagrant up + +**MySQLTuner** contains a Vagrant configurations for test purpose and development +* Install VirtualBox and Vagrant + * https://www.virtualbox.org/wiki/Downloads + * https://www.vagrantup.com/downloads.html +* Clone repository + * git clone https://github.com/major/MySQLTuner-perl.git +* Install Vagrant plugins vagrant-hostmanager and vagrant-vbguest + * vagrant plugin install vagrant-hostmanager + * vagrant plugin install vagrant-vbguest +* Add Fedora Core 23 box for official Fedora Download Website + * vagrant box add --name fc23 https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box +* Create a data directory + * mkdir data +* Rename Vagrantfile_MariaDB10.0 into Vagrantfile + * cp MySQLTuner-perl/Vagrant/Vagrantfile_for_MariaDB10.0 Vagrantfile +* Start vagrant + * vagrant up + +MySQLTuner needs you +-- +**MySQLTuner** needs contributors for documentation, code and feedbacks.. + +* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). +* Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) +* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl) + From 29a78a1200386abd8b139e59ab6adf1a241ed106 Mon Sep 17 00:00:00 2001 From: drAlberT Date: Tue, 18 Oct 2016 13:07:00 +0200 Subject: [PATCH 200/237] Translated up to FAQ (excluded) removed trailing spaces too --- README.it.md | 100 +++++++++++++++++++++++++-------------------------- 1 file changed, 48 insertions(+), 52 deletions(-) diff --git a/README.it.md b/README.it.md index bff914e..87efb00 100644 --- a/README.it.md +++ b/README.it.md @@ -1,63 +1,59 @@ MySQLTuner-perl ==== -[![Build Status - Master](https://travis-ci.org/major/MySQLTuner-perl.svg?branch=master)](https://travis-ci.org/major/MySQLTuner-perl) -[![Project Status](http://opensource.box.com/badges/active.svg)](http://opensource.box.com/badges) -[![Project Status](http://opensource.box.com/badges/maintenance.svg)](http://opensource.box.com/badges) -[![Average time to resolve an issue](http://isitmaintained.com/badge/resolution/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue") -[![Percentage of issues still open](http://isitmaintained.com/badge/open/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open") -[![GPL Licence](https://badges.frapsoft.com/os/gpl/gpl.png?v=103)](https://opensource.org/licenses/GPL-3.0/) +[![Stato della build - Master](https://travis-ci.org/major/MySQLTuner-perl.svg?branch=master)](https://travis-ci.org/major/MySQLTuner-perl) +[![Stato del progetto](http://opensource.box.com/badges/active.svg)](http://opensource.box.com/badges) +[![Stato del progetto](http://opensource.box.com/badges/maintenance.svg)](http://opensource.box.com/badges) +[![Tempo medio per la soluzione di problemi](http://isitmaintained.com/badge/resolution/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue") +[![Percentuale di problemi non risolti](http://isitmaintained.com/badge/open/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open") +[![Licenza GPL](https://badges.frapsoft.com/os/gpl/gpl.png?v=103)](https://opensource.org/licenses/GPL-3.0/) -**MySQLTuner** is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions. +**MySQLTuner** è uno script Perl che permette di analizzare velocemente una installazione di MySQL, nonché di apportare modifiche per migliorare le prestazioni e la stabilità. In modo coinciso sono riportati lo stato attuale delle variabili di configurazione e i dati sullo stato del sistema, corredati da suggerimenti di base per il miglioramento delle prestazioni. -**MySQLTuner** supports in this last version ~250 indicators for MySQL/MariaDB/Percona Server. +**MySQLTuner** supporta, in quest'ultima versione, circa 250 indicatori per i server MySQL/MariaDB/Percona. -**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration sush as ![Galera Cluster](http://galeracluster.com/), ![TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), ![ Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, ![InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), ![MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), ![Aria](https://mariadb.com/kb/en/mariadb/aria/), ... +**MySQLTuner** è attivamente manutenuto e nuovi indicatori sono aggiunti di settimana in settimana, supportando un gran numero di configurazioni tra le quali ![Galera Cluster](http://galeracluster.com/), ![TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), ![ Performance schema](https://github.com/mysql/mysql-sys), metriche relative al SO Linux, ![InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), ![MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), ![Aria](https://mariadb.com/kb/en/mariadb/aria/), ... -You can found more details on this indicators +Maggiori dettagli sugli indicatori ![Indicators description](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md). ![MysqlTuner](https://github.com/major/MySQLTuner-perl/blob/master/mysqltuner.png) -MySQLTuner needs you: +MySQLTuner ha bisogno di te: === -**MySQLTuner** needs contributors for documentation, code and feedbacks.. +**MySQLTuner** ha bisogno di collaboratori per la documentazione, il codice e suggerimenti.. -* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). -* Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) -* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl) - -Compatibility: +* Problemi e suggerimenti possono essere riportati su [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). +* La guida per contribuire è disponibile in inglese: [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) +* Dai un Stella a **MySQLTuner project** su [GitHub](https://github.com/major/MySQLTuner-perl) + +Compatibilità: ==== -* MySQL 5.7 (full support) -* MySQL 5.6 (full support) -* MySQL 5.5 (full support) -* MariaDB 10.1 (full support) -* MariaDB 10.0 (full support) -* Percona Server 5.6 (full support) -* Percona XtraDB cluster (full support) -* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (partial support - deprecated version) -* Perl 5.6 or later (with [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod) package) -* Unix/Linux based operating system (tested on Linux, BSD variants, and Solaris variants) -* Windows is not supported at this time (Help wanted !!!!!) -* Unrestricted read access to the MySQL server (OS root access recommended for MySQL < 5.1) -* CVE vulnerabilites detection support from [https://cve.mitre.org](https://cve.mitre.org) +* MySQL 5.7 (pieno supporto) +* MySQL 5.6 (pieno supporto) +* MySQL 5.5 (pieno supporto) +* MariaDB 10.1 (pieno supporto) +* MariaDB 10.0 (pieno supporto) +* Percona Server 5.6 (pieno supporto) +* Percona XtraDB cluster (pieno supporto) +* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (supporto parziale - versione deprecata) +* Perl 5.6 o successivi (col pacchetto [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod)) +* Sistemi operativi basati su Unix/Linux (testato su Linux, varianti di BSD e di Solaris) +* Windows non è supportato al momento (gradito aiuto!!!!!) +* Accesso completo in lettura al server MySQL (accesso root a livello di SO raccomandato per MySQL < 5.1) +* supporto al rilevamento di vulnerabilità CVE da [https://cve.mitre.org](https://cve.mitre.org) -***WARNING*** +***ATTENZIONE*** -- -It is **extremely important** for you to fully understand each change -you make to a MySQL database server. If you don't understand portions -of the script's output, or if you don't understand the recommendations, -**you should consult** a knowledgeable DBA or system administrator -that you trust. **Always** test your changes on staging environments, and -always keep in mind that improvements in one area can **negatively affect** -MySQL in other areas. +È **estremamente importante** che tu capisca appieno ogni singola modifica apportata alla configurazione del server MySQL. +Qualora non capissi appieno qualche parte dell'output dello script o se non capissi quanto raccomandato **dovresti consultare** un DBA esperto o un amministratore di sistema di cui hai fiducia. +Testa **sempre** le modifiche su ambienti ad hoc e tieni sempre presente che miglioramenti in un settore potrebbero **influenzare negativamente** MySQL in altri settori. -**Seriously - please review the FAQ section below.** +**Seriamente - consulta la sezione FAQ che segue.** -What MySQLTuner is checking exactly ? +What MySQLTuner is checking exactly ? -- All checks done by **MySQLTuner** are documented in [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) documentation. @@ -70,7 +66,7 @@ You can download the entire repository by using 'git clone' followed by the clon wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv perl mysqltuner.pl - + Of course, you can add the execute bit (`chmod +x mysqltuner.pl`) so you can execute it without calling perl directly. Specific usage @@ -78,27 +74,27 @@ Specific usage __Usage:__ Minimal usage locally - perl mysqltuner.pl + perl mysqltuner.pl __Usage:__ Minimal usage remotely perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password -__Usage:__ Enable maximum output information around MySQL/MariaDb without debugging +__Usage:__ Enable maximum output information around MySQL/MariaDb without debugging perl mysqltuner.pl --verbose perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat - + __Usage:__ Enable CVE vulnerabilities check for your MariaDB or MySQL version perl mysqltuner.pl --cvefile=vulnerabilities.csv -__Usage:__ Write your result in a file with information displayed +__Usage:__ Write your result in a file with information displayed perl mysqltuner.pl --outputfile /tmp/result_mysqltuner.txt -__Usage:__ Write your result in a file **without outputting information** +__Usage:__ Write your result in a file **without outputting information** perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt @@ -106,7 +102,7 @@ __Usage:__ Using template model to customize your reporting file based on [Text: perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl -__Usage:__ Enable debugging information +__Usage:__ Enable debugging information perl mysqltuner.pl --debug @@ -128,7 +124,7 @@ The script will try its best to log in via any means possible. It will check fo [client] user=someusername pass=thatuserspassword - + Once you create it, make sure it's owned by your user and the mode on the file is 0600. This should prevent the prying eyes from getting your database login credentials under normal conditions. If a [T-1000 shows up in a LAPD uniform](https://en.wikipedia.org/wiki/T-1000) and demands your database credentials, you won't have much of an option. **Question: Is there another way to secure credentials on latest MySQL and MariaDB distributions ?** @@ -179,7 +175,7 @@ Connection and Authentication --host Connect to a remote host to perform tests (default: localhost) --socket Use a different socket for a local connection --port Port to use for connection (default: 3306) - --user Username to use for authentication + --user Username to use for authentication --pass Password to use for authentication --defaults-file defaulfs file for credentials @@ -202,8 +198,8 @@ MySQLTuner and Vagrant * Fedora Core 23 / MariaDB 10.1 * Fedora Core 23 / MySQL 5.6 * Fedora Core 23 / MySQL 5.7 - -**Vagrant File** are stored in Vagrant subdirectory. + +**Vagrant File** are stored in Vagrant subdirectory. * Follow this 2 steps after vagrant installation: * Rename VagrantFile_for_Mxxx into Vagrantfile * vagrant up @@ -233,4 +229,4 @@ MySQLTuner needs you * Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). * Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) * Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl) - + From bbc04d848fceaaea15971c82f29adbae4375fa31 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 18 Oct 2016 14:25:02 +0200 Subject: [PATCH 201/237] #258 new rule for innodb log file size (25% of Buffer pool size) --- mysqltuner.pl | 86 +++++++++++++-------------------------------------- 1 file changed, 22 insertions(+), 64 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 2ad619f..4f0b428 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3958,65 +3958,6 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); -return; - -## -################################################################################## -#statements_with_sorting -#mysql> desc statements_with_sorting; -#+-------------------+---------------------+------+-----+---------------------+-------+ -#| Field | Type | Null | Key | Default | Extra | -#+-------------------+---------------------+------+-----+---------------------+-------+ -#| query | longtext | YES | | NULL | | -#| db | varchar(64) | YES | | NULL | | -#| exec_count | bigint(20) unsigned | NO | | NULL | | -#| total_latency | text | YES | | NULL | | -#| sort_merge_passes | bigint(20) unsigned | NO | | NULL | | -#| avg_sort_merges | decimal(21,0) | NO | | 0 | | -#| sorts_using_scans | bigint(20) unsigned | NO | | NULL | | -#| sort_using_range | bigint(20) unsigned | NO | | NULL | | -#| rows_sorted | bigint(20) unsigned | NO | | NULL | | -#| avg_rows_sorted | decimal(21,0) | NO | | 0 | | -#| first_seen | timestamp | NO | | 0000-00-00 00:00:00 | | -#| last_seen | timestamp | NO | | 0000-00-00 00:00:00 | | -#| digest | varchar(32) | YES | | NULL | | -#+-------------------+---------------------+------+-----+---------------------+-------+ -#13 rows in set (0,00 sec) -return; - - subheaderprint "Performance schema: TOP 15 most row look queries (95% percentile)"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, rows_examined AS search from statements_with_runtimes_in_95th_percentile ORDER BY rows_examined DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; - } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - - - subheaderprint "Performance schema: TOP 15 max latency queries (95% percentile)"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, max_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY max_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; - } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - - subheaderprint "Performance schema: TOP 15 average latency queries (95% percentile)"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, avg_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY avg_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; - } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - - subheaderprint "Performance schema: XXXXXXX"; - $nbL=1; - for my $lQuery(select_array ('select "none";')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; - } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - return; ################################################################################## @@ -4692,9 +4633,14 @@ sub mysql_innodb { infoprint " +-- InnoDB Additional Mem Pool: " . hr_bytes( $myvar{'innodb_additional_mem_pool_size'} ) . ""; } + if ( defined $myvar{'innodb_log_file_size'} ) { + infoprint " +-- InnoDB Log File Size: " + . hr_bytes( $myvar{'innodb_log_file_size'} ) . "(".$mycalc{'innodb_log_size_pct'}." % of buffer pool)"; + } + if ( defined $myvar{'innodb_log_buffer_size'} ) { infoprint " +-- InnoDB Log Buffer: " - . hr_bytes( $myvar{'innodb_log_buffer_size'} ) . "(".percentage($mycalc{'innodb_log_size_pct'}).")"; + . hr_bytes( $myvar{'innodb_log_buffer_size'} ) ; } if ( defined $mystat{'Innodb_buffer_pool_pages_free'} ) { infoprint " +-- InnoDB Log Buffer Free: " @@ -4721,7 +4667,19 @@ sub mysql_innodb { . hr_bytes_rnd( $enginestats{'InnoDB'} ) . ") if possible." ); } - + if ($mycalc{'innodb_log_size_pct'} < 20 or $mycalc{'innodb_log_size_pct'} > 30) { + badprint "Ratio InnoDB log file size / InnoDb Buffer pool size (". + $mycalc{'innodb_log_size_pct'}. + " %): " . hr_bytes( $myvar{'innodb_log_file_size'} ) . "/" + . hr_bytes( $myvar{'innodb_buffer_pool_size'} ) . " should be equal 25%"; + push( @adjvars, + "innodb_log_file_size should be equals to 1/4 of buffer pool size (= " + . hr_bytes_rnd( $myvar{'innodb_buffer_pool_size'}/4 ) . ") if possible." ); + } else { + goodprint "InnoDB log file size / InnoDb Buffer pool size: " + . hr_bytes( $myvar{'innodb_buffer_pool_size'} ) . "/" + . hr_bytes( $myvar{'innodb_buffer_pool_size'} ) . " should be equal 25%"; + } # InnoDB Buffer Pull Instances (MySQL 5.6.6+) if ( defined( $myvar{'innodb_buffer_pool_instances'} ) ) { @@ -4763,7 +4721,7 @@ sub mysql_innodb { else { if ( $myvar{'innodb_buffer_pool_instances'} != 1 ) { badprint -"InnoDB buffer pool <= 1G and innodb_buffer_pool_instances(!=1)."; +"InnoDB buffer pool <= 1G and Innodb_buffer_pool_instances(!=1)."; push( @adjvars, "innodb_buffer_pool_instances (=1)" ); } else { @@ -4793,11 +4751,11 @@ sub mysql_innodb { ) { goodprint -"innodb_buffer_pool_size is aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; +"Innodb_buffer_pool_size aligned with Innodb_buffer_pool_chunk_size & Innodb_buffer_pool_instances"; } else { badprint -"innodb_buffer_pool_size is not aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances"; +"Innodb_buffer_pool_size aligned with Innodb_buffer_pool_chunk_size & Innodb_buffer_pool_instances"; #push( @adjvars, "Adjust innodb_buffer_pool_instances, innodb_buffer_pool_chunk_size with innodb_buffer_pool_size" ); push( @adjvars, From 6a70adebd3ba6dec506aad76c88bc2dbe2659f54 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 18 Oct 2016 14:55:13 +0200 Subject: [PATCH 202/237] Full support performance schema Update vulnerability list Updade INTERNALS doc. --- INTERNALS.md | 10 +++ mysqltuner.pl | 214 ++++++++++---------------------------------- vulnerabilities.csv | 198 ++++++++++++++++++++-------------------- 3 files changed, 155 insertions(+), 267 deletions(-) diff --git a/INTERNALS.md b/INTERNALS.md index 60df087..c932966 100644 --- a/INTERNALS.md +++ b/INTERNALS.md @@ -378,3 +378,13 @@ * TOP 15 average sort merges queries with sort * TOP 15 scans queries with sort * TOP 15 range queries with sort +* Top 20 queries with temp table +* Last 50 queries with temp table +* TOP 15 total latency queries with temp table +* TOP 15 queries with temp table to disk +* TOP 15 class events by number +* TOP 30 events by number +* TOP 15 class events by total latency +* TOP 30 events by total latency +* TOP 15 class events by max latency +* TOP 30 events by max latency \ No newline at end of file diff --git a/mysqltuner.pl b/mysqltuner.pl index 4f0b428..f3eeff3 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3813,30 +3813,6 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); -################################################################################## - -#statements_with_full_table_scans -#mysql> desc statements_with_full_table_scans; -#+--------------------------+------------------------+------+-----+---------------------+-------+ -#| Field | Type | Null | Key | Default | Extra | -#+--------------------------+------------------------+------+-----+---------------------+-------+ -#| query | longtext | YES | | NULL | | -#| db | varchar(64) | YES | | NULL | | -#| exec_count | bigint(20) unsigned | NO | | NULL | | -#| total_latency | text | YES | | NULL | | -#| no_index_used_count | bigint(20) unsigned | NO | | NULL | | -#| no_good_index_used_count | bigint(20) unsigned | NO | | NULL | | -#| no_index_used_pct | decimal(24,0) | NO | | 0 | | -#| rows_sent | bigint(20) unsigned | NO | | NULL | | -#| rows_examined | bigint(20) unsigned | NO | | NULL | | -#| rows_sent_avg | decimal(21,0) unsigned | YES | | NULL | | -#| rows_examined_avg | decimal(21,0) unsigned | YES | | NULL | | -#| first_seen | timestamp | NO | | 0000-00-00 00:00:00 | | -#| last_seen | timestamp | NO | | 0000-00-00 00:00:00 | | -#| digest | varchar(32) | YES | | NULL | | -#+--------------------------+------------------------+------+-----+---------------------+-------+ -#14 rows in set (0,00 sec) -# subheaderprint "Performance schema: Top 20 queries with full table scans"; $nbL=1; for my $lQuery(select_array ('select db, query, exec_count from sys.statements_with_full_table_scans order BY exec_count DESC LIMIT 20;')) { @@ -3959,7 +3935,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); -return; + ################################################################################## #statements_with_temp_tables @@ -3982,29 +3958,33 @@ return; #+--------------------------+---------------------+------+-----+---------------------+-------+ #11 rows in set (0,01 sec)# # - subheaderprint "Performance schema: XXXXXXX"; + subheaderprint "Performance schema: Top 20 queries with temp table"; $nbL=1; - for my $lQuery(select_array ('select "none";')) { + for my $lQuery(select_array ('select db, query, exec_count from sys.statements_with_temp_tables order BY exec_count DESC LIMIT 20;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); -################################################################################## -#wait_classes_global_by_avg_latency -#mysql> select * from wait_classes_global_by_avg_latency; -#+-----------------+-------+---------------+-------------+-------------+-------------+ -#| event_class | total | total_latency | min_latency | avg_latency | max_latency | -#+-----------------+-------+---------------+-------------+-------------+-------------+ -#| wait/io/table | 54 | 7.34 ms | 5.45 us | 135.89 us | 3.95 ms | -#| wait/io/file | 14441 | 1.22 s | 0 ps | 84.48 us | 230.64 ms | -#| wait/lock/table | 63 | 2.29 ms | 658.84 ns | 36.38 us | 1.10 ms | -#+-----------------+-------+---------------+-------------+-------------+-------------+ -#3 rows in set (0,02 sec) -# - subheaderprint "Performance schema: XXXXXXX"; + subheaderprint "Performance schema: Last 50 queries with temp table"; $nbL=1; - for my $lQuery(select_array ('select "none";')) { + for my $lQuery(select_array ('select db, query, last_seen from sys.statements_with_temp_tables order BY last_seen DESC LIMIT 50;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 total latency queries with temp table"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, total_latency AS search from statements_with_temp_tables ORDER BY total_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 queries with temp table to disk"; + $nbL=1; + for my $lQuery(select_array ('use sys;select db, query, disk_tmp_tables from statements_with_sorting ORDER BY disk_tmp_tables DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -4023,151 +4003,49 @@ return; #-----------------+-------+---------------+-------------+-------------+-------------+ # rows in set (0,00 sec) -subheaderprint "Performance schema: XXXXXXX"; + subheaderprint "Performance schema: TOP 15 class events by number"; $nbL=1; - for my $lQuery(select_array ('select "none";')) { + for my $lQuery(select_array ('use sys;select event_class, total from wait_classes_global_by_latency ORDER BY total DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); -################################################################################## -#waits_by_host_by_latency -#+---------------+---------------------+------+-----+---------+-------+ -#| Field | Type | Null | Key | Default | Extra | -#+---------------+---------------------+------+-----+---------+-------+ -#| host | varchar(60) | YES | | NULL | | -#| event | varchar(128) | NO | | NULL | | -#| total | bigint(20) unsigned | NO | | NULL | | -#| total_latency | text | YES | | NULL | | -#| avg_latency | text | YES | | NULL | | -#| max_latency | text | YES | | NULL | | -#+---------------+---------------------+------+-----+---------+-------+ -#6 rows in set (0,00 sec) -# -#mysql> select * from waits_by_host_by_latency; -#+------------+--------------------------------------+-------+---------------+-------------+-------------+ -#| host | event | total | total_latency | avg_latency | max_latency | -#+------------+--------------------------------------+-------+---------------+-------------+-------------+ -#| background | wait/io/file/innodb/innodb_data_file | 3557 | 542.77 ms | 152.59 us | 230.64 ms | -#| background | wait/io/file/sql/FRM | 1365 | 299.94 ms | 219.74 us | 57.13 ms | -#| background | wait/io/file/innodb/innodb_log_file | 22 | 117.31 ms | 5.33 ms | 67.12 ms | -#| background | wait/io/file/sql/ERRMSG | 5 | 40.72 ms | 8.14 ms | 20.47 ms | -#| background | wait/io/file/myisam/kfile | 33 | 20.30 ms | 615.27 us | 13.90 ms | -#| background | wait/io/file/myisam/dfile | 24 | 6.38 ms | 265.94 us | 2.20 ms | -#| background | wait/io/file/sql/casetest | 15 | 3.82 ms | 254.61 us | 3.40 ms | -#| background | wait/io/file/mysys/charset | 3 | 3.51 ms | 1.17 ms | 3.46 ms | -#| background | wait/io/file/mysys/cnf | 5 | 1.72 ms | 344.81 us | 1.61 ms | -#| background | wait/io/file/sql/pid | 3 | 59.35 us | 19.78 us | 41.86 us | -#| background | wait/io/file/sql/global_ddl_log | 2 | 50.55 us | 25.28 us | 47.35 us | -#| localhost | wait/io/file/sql/FRM | 702 | 74.00 ms | 105.41 us | 4.04 ms | -#| localhost | wait/io/file/myisam/dfile | 7845 | 62.58 ms | 7.98 us | 4.95 ms | -#| localhost | wait/io/file/sql/io_cache | 256 | 17.74 ms | 69.28 us | 1.19 ms | -#| localhost | wait/io/file/innodb/innodb_data_file | 76 | 14.54 ms | 191.30 us | 2.79 ms | -#| localhost | wait/io/table/sql/handler | 54 | 7.34 ms | 135.89 us | 3.95 ms | -#| localhost | wait/io/file/sql/file_parser | 328 | 7.01 ms | 21.37 us | 840.04 us | -#| localhost | wait/io/file/csv/data | 163 | 2.61 ms | 15.99 us | 859.49 us | -#| localhost | wait/lock/table/sql/handler | 63 | 2.29 ms | 36.38 us | 1.10 ms | -#| localhost | wait/io/file/myisam/kfile | 12 | 1.65 ms | 137.40 us | 565.79 us | -#| localhost | wait/io/file/csv/metadata | 8 | 1.51 ms | 188.29 us | 529.71 us | -#| localhost | wait/io/file/sql/dbopt | 16 | 1.26 ms | 78.96 us | 821.28 us | -#| localhost | wait/io/file/archive/data | 7 | 566.20 us | 80.89 us | 449.58 us | -#+------------+--------------------------------------+-------+---------------+-------------+-------------+ -#23 rows in set (0,01 sec) -# - subheaderprint "Performance schema: XXXXXXX"; + subheaderprint "Performance schema: TOP 30 events by number"; $nbL=1; - for my $lQuery(select_array ('select "none";')) { + for my $lQuery(select_array ('use sys;select events, total from waits_global_by_latency ORDER BY total DESC LIMIT 30;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); -################################################################################## -#waits_by_user_by_latency -#mysql> select * from waits_by_user_by_latency; -#+------+--------------------------------------+-------+---------------+-------------+-------------+ -#| user | event | total | total_latency | avg_latency | max_latency | -#+------+--------------------------------------+-------+---------------+-------------+-------------+ -#| root | wait/io/file/sql/FRM | 702 | 74.00 ms | 105.41 us | 4.04 ms | -#| root | wait/io/file/myisam/dfile | 7845 | 62.58 ms | 7.98 us | 4.95 ms | -#| root | wait/io/file/sql/io_cache | 256 | 17.74 ms | 69.28 us | 1.19 ms | -#| root | wait/io/file/innodb/innodb_data_file | 76 | 14.54 ms | 191.30 us | 2.79 ms | -#| root | wait/io/table/sql/handler | 54 | 7.34 ms | 135.89 us | 3.95 ms | -#| root | wait/io/file/sql/file_parser | 328 | 7.01 ms | 21.37 us | 840.04 us | -#| root | wait/io/file/csv/data | 163 | 2.61 ms | 15.99 us | 859.49 us | -#| root | wait/lock/table/sql/handler | 63 | 2.29 ms | 36.38 us | 1.10 ms | -#| root | wait/io/file/myisam/kfile | 12 | 1.65 ms | 137.40 us | 565.79 us | -#| root | wait/io/file/csv/metadata | 8 | 1.51 ms | 188.29 us | 529.71 us | -#| root | wait/io/file/sql/dbopt | 16 | 1.26 ms | 78.96 us | 821.28 us | -#| root | wait/io/file/archive/data | 7 | 566.20 us | 80.89 us | 449.58 us | -#+------+--------------------------------------+-------+---------------+-------------+-------------+ -#12 rows in set (0,01 sec) -# -#mysql> desc waits_by_user_by_latency; -#+---------------+---------------------+------+-----+---------+-------+ -#| Field | Type | Null | Key | Default | Extra | -#+---------------+---------------------+------+-----+---------+-------+ -#| user | varchar(32) | YES | | NULL | | -#| event | varchar(128) | NO | | NULL | | -#| total | bigint(20) unsigned | NO | | NULL | | -#| total_latency | text | YES | | NULL | | -#| avg_latency | text | YES | | NULL | | -#| max_latency | text | YES | | NULL | | -#+---------------+---------------------+------+-----+---------+-------+ -#6 rows in set (0,00 sec) -# - subheaderprint "Performance schema: XXXXXXX"; + subheaderprint "Performance schema: TOP 15 class events by total latency"; $nbL=1; - for my $lQuery(select_array ('select "none";')) { + for my $lQuery(select_array ('use sys;select event_class, total_latency from wait_classes_global_by_latency ORDER BY total_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); -################################################################################## -#waits_global_by_latency -#mysql> select * from waits_global_by_latency; -#+--------------------------------------+-------+---------------+-------------+-------------+ -#| events | total | total_latency | avg_latency | max_latency | -#+--------------------------------------+-------+---------------+-------------+-------------+ -#| wait/io/file/innodb/innodb_data_file | 3636 | 557.43 ms | 153.31 us | 230.64 ms | -#| wait/io/file/sql/FRM | 2167 | 375.60 ms | 173.33 us | 57.13 ms | -#| wait/io/file/innodb/innodb_log_file | 22 | 117.31 ms | 5.33 ms | 67.12 ms | -#| wait/io/file/myisam/dfile | 7869 | 68.97 ms | 8.76 us | 4.95 ms | -#| wait/io/file/sql/ERRMSG | 5 | 40.72 ms | 8.14 ms | 20.47 ms | -#| wait/io/file/myisam/kfile | 45 | 21.95 ms | 487.84 us | 13.90 ms | -#| wait/io/file/sql/io_cache | 256 | 17.74 ms | 69.28 us | 1.19 ms | -#| wait/io/table/sql/handler | 54 | 7.34 ms | 135.89 us | 3.95 ms | -#| wait/io/file/sql/file_parser | 228 | 5.35 ms | 23.48 us | 840.04 us | -#| wait/io/file/sql/casetest | 15 | 3.82 ms | 254.61 us | 3.40 ms | -#| wait/io/file/mysys/charset | 3 | 3.51 ms | 1.17 ms | 3.46 ms | -#| wait/io/file/csv/data | 163 | 2.61 ms | 15.99 us | 859.49 us | -#| wait/lock/table/sql/handler | 63 | 2.29 ms | 36.38 us | 1.10 ms | -#| wait/io/file/mysys/cnf | 5 | 1.72 ms | 344.81 us | 1.61 ms | -#| wait/io/file/csv/metadata | 8 | 1.51 ms | 188.29 us | 529.71 us | -#| wait/io/file/sql/dbopt | 16 | 1.26 ms | 78.96 us | 821.28 us | -#| wait/io/file/archive/data | 7 | 566.20 us | 80.89 us | 449.58 us | -#| wait/io/file/sql/pid | 3 | 59.35 us | 19.78 us | 41.86 us | -#| wait/io/file/sql/global_ddl_log | 2 | 50.55 us | 25.28 us | 47.35 us | -#+--------------------------------------+-------+---------------+-------------+-------------+ -#19 rows in set (0,01 sec) -# -#mysql> desc waits_global_by_latency -# -> ; -#+---------------+---------------------+------+-----+---------+-------+ -#| Field | Type | Null | Key | Default | Extra | -#+---------------+---------------------+------+-----+---------+-------+ -#| events | varchar(128) | NO | | NULL | | -#| total | bigint(20) unsigned | NO | | NULL | | -#| total_latency | text | YES | | NULL | | -#| avg_latency | text | YES | | NULL | | -#| max_latency | text | YES | | NULL | | -#+---------------+---------------------+------+-----+---------+-------+ -#5 rows in set (0,00 sec) -# - subheaderprint "Performance schema: XXXXXXX"; + + subheaderprint "Performance schema: TOP 30 events by total latency"; $nbL=1; - for my $lQuery(select_array ('select "none";')) { + for my $lQuery(select_array ('use sys;select events, total_latency from waits_global_by_latency ORDER BY total_latency DESC LIMIT 30;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 15 class events by max latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select event_class, max_latency from wait_classes_global_by_latency ORDER BY max_latency DESC LIMIT 15;')) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; + } + infoprint "No information found or indicators desactivated." if ($nbL == 1); + + subheaderprint "Performance schema: TOP 30 events by max latency"; + $nbL=1; + for my $lQuery(select_array ('use sys;select events, max_latency from waits_global_by_latency ORDER BY max_latency DESC LIMIT 30;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } diff --git a/vulnerabilities.csv b/vulnerabilities.csv index 2e4dda8..a6a20b3 100755 --- a/vulnerabilities.csv +++ b/vulnerabilities.csv @@ -1,7 +1,7 @@ 4.0.20;4;0;20;CVE-2004-0457;Candidate;"The mysqlhotcopy script in mysql 4.0.20 and earlier; when using the scp method from the mysql-server package; allows local users to overwrite arbitrary files via a symlink attack on temporary files.";"DEBIAN:DSA-540 | URL:http://www.debian.org/security/2004/dsa-540 | CONFIRM:http://packages.debian.org/changelogs/pool/main/m/mysql-dfsg/mysql-dfsg_4.0.20-11/changelog | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | OVAL:oval:org.mitre.oval:def:10693 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10693 | XF:mysql-mysqlhotcopy-insecure-file(17030) | URL:http://xforce.iss.net/xforce/xfdb/17030";Assigned (20040506);"None (candidate not yet proposed)"; -4.0.21;4;0;21;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:http://xforce.iss.net/xforce/xfdb/17047";Assigned (20040908);"None (candidate not yet proposed)"; -3.23.49;3;23;49;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:http://xforce.iss.net/xforce/xfdb/17047";Assigned (20040908);"None (candidate not yet proposed)"; -4.1.9;4;1;9;CVE-2005-0799;Candidate;"MySQL 4.1.9; and possibly earlier versions; allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.";"BUGTRAQ:20050315 Denial of Service Vulnerability in MySQL Server for Windows | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=111091250923281&w=2 | CONFIRM:http://bugs.mysql.com/bug.php?id=9148 | SECUNIA:14564 | URL:http://secunia.com/advisories/14564";Assigned (20050320);"None (candidate not yet proposed)"; +4.0.21;4;0;21;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.info/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:http://xforce.iss.net/xforce/xfdb/17047";Assigned (20040908);"None (candidate not yet proposed)"; +3.23.49;3;23;49;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.info/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:http://xforce.iss.net/xforce/xfdb/17047";Assigned (20040908);"None (candidate not yet proposed)"; +4.1.9;4;1;9;CVE-2005-0799;Candidate;"MySQL 4.1.9; and possibly earlier versions; allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.";"BUGTRAQ:20050315 Denial of Service Vulnerability in MySQL Server for Windows | URL:http://marc.info/?l=bugtraq&m=111091250923281&w=2 | CONFIRM:http://bugs.mysql.com/bug.php?id=9148 | SECUNIA:14564 | URL:http://secunia.com/advisories/14564";Assigned (20050320);"None (candidate not yet proposed)"; 4.1.21;4;1;21;CVE-2006-3469;Candidate;"Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function; which is later used in a formatted print call to display the error message.";"MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375694 | MISC:http://bugs.mysql.com/bug.php?id=20729 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html | CONFIRM:http://docs.info.apple.com/article.html?artnum=305214 | APPLE:APPLE-SA-2007-03-13 | URL:http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html | DEBIAN:DSA-1112 | URL:http://www.debian.org/security/2006/dsa-1112 | GENTOO:GLSA-200608-09 | URL:http://security.gentoo.org/glsa/glsa-200608-09.xml | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | UBUNTU:USN-321-1 | URL:http://www.ubuntu.com/usn/usn-321-1 | CERT:TA07-072A | URL:http://www.us-cert.gov/cas/techalerts/TA07-072A.html | BID:19032 | URL:http://www.securityfocus.com/bid/19032 | OVAL:oval:org.mitre.oval:def:9827 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9827 | VUPEN:ADV-2007-0930 | URL:http://www.vupen.com/english/advisories/2007/0930 | SECUNIA:21147 | URL:http://secunia.com/advisories/21147 | SECUNIA:21366 | URL:http://secunia.com/advisories/21366 | SECUNIA:24479 | URL:http://secunia.com/advisories/24479 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226";Assigned (20060710);"None (candidate not yet proposed)"; 4.1.23;4;1;23;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)"; 5.0.42;5;0;42;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)"; @@ -135,8 +135,8 @@ 5.5.28;5;5;28;CVE-2013-0386;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16835 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16835 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)"; 5.1.66;5;1;66;CVE-2013-0389;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16825 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16825 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)"; 5.5.28;5;5;28;CVE-2013-0389;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16825 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16825 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)"; -5.5.30;5;5;30;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)"; -5.6.9;5;6;9;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)"; +5.5.30;5;5;30;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)"; +5.6.9;5;6;9;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)"; 5.1.67;5;1;67;CVE-2013-1506;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; 5.5.29 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)"; 5.5.29;5;5;29;CVE-2013-1506;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; 5.5.29 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)"; 5.6.10;5;6;10;CVE-2013-1506;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; 5.5.29 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)"; @@ -165,34 +165,34 @@ 5.5.30;5;5;30;CVE-2013-2392;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)"; 5.6.10;5;6;10;CVE-2013-2392;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)"; 5.5.31;5;5;31;CVE-2013-3783;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61210 | URL:http://www.securityfocus.com/bid/61210 | OSVDB:95332 | URL:http://osvdb.org/95332 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133783(85719) | URL:http://xforce.iss.net/xforce/xfdb/85719";Assigned (20130603);"None (candidate not yet proposed)"; -5.5.31;5;5;31;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:http://xforce.iss.net/xforce/xfdb/85710";Assigned (20130603);"None (candidate not yet proposed)"; -5.6.11;5;6;11;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:http://xforce.iss.net/xforce/xfdb/85710";Assigned (20130603);"None (candidate not yet proposed)"; -5.5.30;5;5;30;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61222 | URL:http://www.securityfocus.com/bid/61222 | OSVDB:95333 | URL:http://osvdb.org/95333";Assigned (20130603);"None (candidate not yet proposed)"; -5.6.10;5;6;10;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61222 | URL:http://www.securityfocus.com/bid/61222 | OSVDB:95333 | URL:http://osvdb.org/95333";Assigned (20130603);"None (candidate not yet proposed)"; +5.5.31;5;5;31;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:http://xforce.iss.net/xforce/xfdb/85710";Assigned (20130603);"None (candidate not yet proposed)"; +5.6.11;5;6;11;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:http://xforce.iss.net/xforce/xfdb/85710";Assigned (20130603);"None (candidate not yet proposed)"; +5.5.30;5;5;30;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61222 | URL:http://www.securityfocus.com/bid/61222 | OSVDB:95333 | URL:http://osvdb.org/95333";Assigned (20130603);"None (candidate not yet proposed)"; +5.6.10;5;6;10;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61222 | URL:http://www.securityfocus.com/bid/61222 | OSVDB:95333 | URL:http://osvdb.org/95333";Assigned (20130603);"None (candidate not yet proposed)"; 5.6.11;5;6;11;CVE-2013-3795;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61241 | URL:http://www.securityfocus.com/bid/61241 | OSVDB:95324 | URL:http://osvdb.org/95324";Assigned (20130603);"None (candidate not yet proposed)"; 5.6.11;5;6;11;CVE-2013-3796;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61233 | URL:http://www.securityfocus.com/bid/61233 | OSVDB:95329 | URL:http://osvdb.org/95329";Assigned (20130603);"None (candidate not yet proposed)"; 5.6.11;5;6;11;CVE-2013-3798;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61274 | URL:http://www.securityfocus.com/bid/61274 | OSVDB:95321 | URL:http://osvdb.org/95321";Assigned (20130603);"None (candidate not yet proposed)"; -5.5.30;5;5;30;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61269 | URL:http://www.securityfocus.com/bid/61269 | OSVDB:95331 | URL:http://osvdb.org/95331";Assigned (20130603);"None (candidate not yet proposed)"; -5.6.10;5;6;10;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61269 | URL:http://www.securityfocus.com/bid/61269 | OSVDB:95331 | URL:http://osvdb.org/95331";Assigned (20130603);"None (candidate not yet proposed)"; +5.5.30;5;5;30;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61269 | URL:http://www.securityfocus.com/bid/61269 | OSVDB:95331 | URL:http://osvdb.org/95331";Assigned (20130603);"None (candidate not yet proposed)"; +5.6.10;5;6;10;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61269 | URL:http://www.securityfocus.com/bid/61269 | OSVDB:95331 | URL:http://osvdb.org/95331";Assigned (20130603);"None (candidate not yet proposed)"; 5.1.69;5;1;69;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:http://xforce.iss.net/xforce/xfdb/85712";Assigned (20130603);"None (candidate not yet proposed)"; 5.5.31;5;5;31;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:http://xforce.iss.net/xforce/xfdb/85712";Assigned (20130603);"None (candidate not yet proposed)"; 5.6.11;5;6;11;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:http://xforce.iss.net/xforce/xfdb/85712";Assigned (20130603);"None (candidate not yet proposed)"; 5.1.69;5;1;69;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:http://xforce.iss.net/xforce/xfdb/85715";Assigned (20130603);"None (candidate not yet proposed)"; 5.5.31;5;5;31;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:http://xforce.iss.net/xforce/xfdb/85715";Assigned (20130603);"None (candidate not yet proposed)"; 5.6.11;5;6;11;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:http://xforce.iss.net/xforce/xfdb/85715";Assigned (20130603);"None (candidate not yet proposed)"; -5.5.30;5;5;30;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95327 | URL:http://osvdb.org/95327";Assigned (20130603);"None (candidate not yet proposed)"; -5.6.10;5;6;10;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95327 | URL:http://osvdb.org/95327";Assigned (20130603);"None (candidate not yet proposed)"; +5.5.30;5;5;30;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95327 | URL:http://osvdb.org/95327";Assigned (20130603);"None (candidate not yet proposed)"; +5.6.10;5;6;10;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95327 | URL:http://osvdb.org/95327";Assigned (20130603);"None (candidate not yet proposed)"; 5.6.11;5;6;11;CVE-2013-3806;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-3811.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95326 | URL:http://osvdb.org/95326 | XF:oracle-cpujuly2013-cve20133806(85713) | URL:http://xforce.iss.net/xforce/xfdb/85713";Assigned (20130603);"None (candidate not yet proposed)"; 5.6.11;5;6;11;CVE-2013-3807;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95334 | URL:http://osvdb.org/95334 | XF:oracle-cpujuly2013-cve20133807(85721) | URL:http://xforce.iss.net/xforce/xfdb/85721";Assigned (20130603);"None (candidate not yet proposed)"; 5.1.68;5;1;68;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:http://xforce.iss.net/xforce/xfdb/85717";Assigned (20130603);"None (candidate not yet proposed)"; 5.5.30;5;5;30;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:http://xforce.iss.net/xforce/xfdb/85717";Assigned (20130603);"None (candidate not yet proposed)"; 5.6.10;5;6;10;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:http://xforce.iss.net/xforce/xfdb/85717";Assigned (20130603);"None (candidate not yet proposed)"; -5.5.31;5;5;31;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:http://xforce.iss.net/xforce/xfdb/85709";Assigned (20130603);"None (candidate not yet proposed)"; -5.6.11;5;6;11;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:http://xforce.iss.net/xforce/xfdb/85709";Assigned (20130603);"None (candidate not yet proposed)"; +5.5.31;5;5;31;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:http://xforce.iss.net/xforce/xfdb/85709";Assigned (20130603);"None (candidate not yet proposed)"; +5.6.11;5;6;11;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:http://xforce.iss.net/xforce/xfdb/85709";Assigned (20130603);"None (candidate not yet proposed)"; 5.6.11;5;6;11;CVE-2013-3810;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95337 | URL:http://osvdb.org/95337 | XF:oracle-cpujuly2013-cve20133810(85724) | URL:http://xforce.iss.net/xforce/xfdb/85724";Assigned (20130603);"None (candidate not yet proposed)"; 5.6.11;5;6;11;CVE-2013-3811;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-3806.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95335 | URL:http://osvdb.org/95335 | XF:oracle-cpujuly2013-cve20133811(85722) | URL:http://xforce.iss.net/xforce/xfdb/85722";Assigned (20130603);"None (candidate not yet proposed)"; -5.5.31;5;5;31;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:http://xforce.iss.net/xforce/xfdb/85723";Assigned (20130603);"None (candidate not yet proposed)"; -5.6.11;5;6;11;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:http://xforce.iss.net/xforce/xfdb/85723";Assigned (20130603);"None (candidate not yet proposed)"; +5.5.31;5;5;31;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:http://xforce.iss.net/xforce/xfdb/85723";Assigned (20130603);"None (candidate not yet proposed)"; +5.6.11;5;6;11;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:http://xforce.iss.net/xforce/xfdb/85723";Assigned (20130603);"None (candidate not yet proposed)"; 5.1.70;5;1;70;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)"; 5.5.32;5;5;32;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)"; 5.6.12;5;6;12;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)"; @@ -205,8 +205,8 @@ 5.6.14;5;6;14;CVE-2013-5860;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64864 | URL:http://www.securityfocus.com/bid/64864 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135860(90373) | URL:http://xforce.iss.net/xforce/xfdb/90373";Assigned (20130918);"None (candidate not yet proposed)"; 5.6.14;5;6;14;CVE-2013-5881;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2014-0431.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64885 | URL:http://www.securityfocus.com/bid/64885 | OSVDB:102066 | URL:http://osvdb.org/102066 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135881(90377) | URL:http://xforce.iss.net/xforce/xfdb/90377";Assigned (20130918);"None (candidate not yet proposed)"; 5.6.13;5;6;13;CVE-2013-5882;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedures.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64854 | URL:http://www.securityfocus.com/bid/64854 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135882(90374) | URL:http://xforce.iss.net/xforce/xfdb/90374";Assigned (20130918);"None (candidate not yet proposed)"; -5.5.33;5;5;33;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)"; -5.6.13;5;6;13;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)"; +5.5.33;5;5;33;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)"; +5.6.13;5;6;13;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)"; 5.6.13;5;6;13;CVE-2013-5894;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64873 | URL:http://www.securityfocus.com/bid/64873 | OSVDB:102065 | URL:http://osvdb.org/102065 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135894(90376) | URL:http://xforce.iss.net/xforce/xfdb/90376";Assigned (20130918);"None (candidate not yet proposed)"; 5.1.72;5;1;72;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:http://xforce.iss.net/xforce/xfdb/90389";Assigned (20130918);"None (candidate not yet proposed)"; 5.5.34;5;5;34;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:http://xforce.iss.net/xforce/xfdb/90389";Assigned (20130918);"None (candidate not yet proposed)"; @@ -230,8 +230,8 @@ 5.1.72;5;1;72;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:http://xforce.iss.net/xforce/xfdb/90378";Assigned (20131212);"None (candidate not yet proposed)"; 5.5.34;5;5;34;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:http://xforce.iss.net/xforce/xfdb/90378";Assigned (20131212);"None (candidate not yet proposed)"; 5.6.14;5;6;14;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:http://xforce.iss.net/xforce/xfdb/90378";Assigned (20131212);"None (candidate not yet proposed)"; -5.5.34;5;5;34;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:http://xforce.iss.net/xforce/xfdb/90388";Assigned (20131212);"None (candidate not yet proposed)"; -5.6.14;5;6;14;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:http://xforce.iss.net/xforce/xfdb/90388";Assigned (20131212);"None (candidate not yet proposed)"; +5.5.34;5;5;34;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:http://xforce.iss.net/xforce/xfdb/90388";Assigned (20131212);"None (candidate not yet proposed)"; +5.6.14;5;6;14;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:http://xforce.iss.net/xforce/xfdb/90388";Assigned (20131212);"None (candidate not yet proposed)"; 5.6.13;5;6;13;CVE-2014-0427;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64868 | URL:http://www.securityfocus.com/bid/64868 | OSVDB:102072 | URL:http://osvdb.org/102072 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140427(90383) | URL:http://xforce.iss.net/xforce/xfdb/90383";Assigned (20131212);"None (candidate not yet proposed)"; 5.6.13;5;6;13;CVE-2014-0430;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64893 | URL:http://www.securityfocus.com/bid/64893 | OSVDB:102076 | URL:http://osvdb.org/102076 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140430(90387) | URL:http://xforce.iss.net/xforce/xfdb/90387";Assigned (20131212);"None (candidate not yet proposed)"; 5.6.14;5;6;14;CVE-2014-0431;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5881.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64897 | URL:http://www.securityfocus.com/bid/64897 | OSVDB:102073 | URL:http://osvdb.org/102073 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140431(90384) | URL:http://xforce.iss.net/xforce/xfdb/90384";Assigned (20131212);"None (candidate not yet proposed)"; @@ -239,18 +239,18 @@ 5.1.72;5;1;72;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:http://xforce.iss.net/xforce/xfdb/90385";Assigned (20131212);"None (candidate not yet proposed)"; 5.5.34;5;5;34;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:http://xforce.iss.net/xforce/xfdb/90385";Assigned (20131212);"None (candidate not yet proposed)"; 5.6.14;5;6;14;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:http://xforce.iss.net/xforce/xfdb/90385";Assigned (20131212);"None (candidate not yet proposed)"; -5.5.35;5;5;35;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)"; -5.6.15;5;6;15;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)"; -5.5.36;5;5;36;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)"; -5.6.16;5;6;16;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)"; -5.5.36;5;5;36;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)"; -5.6.16;5;6;16;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)"; -5.5.35;5;5;35;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)"; -5.6.15;5;6;15;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)"; +5.5.35;5;5;35;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)"; +5.6.15;5;6;15;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)"; +5.5.36;5;5;36;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)"; +5.6.16;5;6;16;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)"; +5.5.36;5;5;36;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)"; +5.6.16;5;6;16;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)"; +5.5.35;5;5;35;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)"; +5.6.15;5;6;15;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)"; 5.6.15;5;6;15;CVE-2014-2434;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66872 | URL:http://www.securityfocus.com/bid/66872";Assigned (20140313);"None (candidate not yet proposed)"; 5.6.16;5;6;16;CVE-2014-2435;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66853 | URL:http://www.securityfocus.com/bid/66853";Assigned (20140313);"None (candidate not yet proposed)"; -5.5.36;5;5;36;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)"; -5.6.16;5;6;16;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)"; +5.5.36;5;5;36;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)"; +5.6.16;5;6;16;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)"; 5.5.35;5;5;35;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66846 | URL:http://www.securityfocus.com/bid/66846";Assigned (20140313);"None (candidate not yet proposed)"; 5.6.15;5;6;15;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66846 | URL:http://www.securityfocus.com/bid/66846";Assigned (20140313);"None (candidate not yet proposed)"; 5.6.15;5;6;15;CVE-2014-2442;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)"; @@ -258,102 +258,102 @@ 5.6.15;5;6;15;CVE-2014-2450;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)"; 5.6.15;5;6;15;CVE-2014-2451;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)"; 5.6.17;5;6;17;CVE-2014-2484;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRFTS.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html";Assigned (20140313);"None (candidate not yet proposed)"; -5.5.37;5;5;37;CVE-2014-2494;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html";Assigned (20140313);"None (candidate not yet proposed)"; -5.5.37;5;5;37;CVE-2014-4207;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68593 | URL:http://www.securityfocus.com/bid/68593 | XF:oracle-cpujul2014-cve20144207(94624) | URL:http://xforce.iss.net/xforce/xfdb/94624";Assigned (20140617);"None (candidate not yet proposed)"; +5.5.37;5;5;37;CVE-2014-2494;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html";Assigned (20140313);"None (candidate not yet proposed)"; +5.5.37;5;5;37;CVE-2014-4207;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68593 | URL:http://www.securityfocus.com/bid/68593 | XF:oracle-cpujul2014-cve20144207(94624) | URL:http://xforce.iss.net/xforce/xfdb/94624";Assigned (20140617);"None (candidate not yet proposed)"; 5.6.17;5;6;17;CVE-2014-4214;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68607 | URL:http://www.securityfocus.com/bid/68607 | XF:oracle-cpujul2014-cve20144214(94627) | URL:http://xforce.iss.net/xforce/xfdb/94627";Assigned (20140617);"None (candidate not yet proposed)"; 5.6.17;5;6;17;CVE-2014-4233;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRREP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68598 | URL:http://www.securityfocus.com/bid/68598 | XF:oracle-cpujul2014-cve20144233(94625) | URL:http://xforce.iss.net/xforce/xfdb/94625";Assigned (20140617);"None (candidate not yet proposed)"; 5.6.17;5;6;17;CVE-2014-4238;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68587 | URL:http://www.securityfocus.com/bid/68587 | XF:oracle-cpujul2014-cve20144238(94623) | URL:http://xforce.iss.net/xforce/xfdb/94623";Assigned (20140617);"None (candidate not yet proposed)"; 5.6.17;5;6;17;CVE-2014-4240;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows local users to affect confidentiality and integrity via vectors related to SRREP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68602 | URL:http://www.securityfocus.com/bid/68602 | XF:oracle-cpujul2014-cve20144240(94626) | URL:http://xforce.iss.net/xforce/xfdb/94626";Assigned (20140617);"None (candidate not yet proposed)"; -5.5.35;5;5;35;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | XF:oracle-cpujul2014-cve20144243(94628) | URL:http://xforce.iss.net/xforce/xfdb/94628";Assigned (20140617);"None (candidate not yet proposed)"; -5.6.15;5;6;15;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | XF:oracle-cpujul2014-cve20144243(94628) | URL:http://xforce.iss.net/xforce/xfdb/94628";Assigned (20140617);"None (candidate not yet proposed)"; -5.5.37;5;5;37;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | XF:oracle-cpujul2014-cve20144258(94620) | URL:http://xforce.iss.net/xforce/xfdb/94620";Assigned (20140617);"None (candidate not yet proposed)"; -5.6.17;5;6;17;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | XF:oracle-cpujul2014-cve20144258(94620) | URL:http://xforce.iss.net/xforce/xfdb/94620";Assigned (20140617);"None (candidate not yet proposed)"; -5.5.37;5;5;37;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | XF:oracle-cpujul2014-cve20144260(94621) | URL:http://xforce.iss.net/xforce/xfdb/94621";Assigned (20140617);"None (candidate not yet proposed)"; -5.6.17;5;6;17;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | XF:oracle-cpujul2014-cve20144260(94621) | URL:http://xforce.iss.net/xforce/xfdb/94621";Assigned (20140617);"None (candidate not yet proposed)"; -5.5.38;5;5;38;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)"; -5.6.19;5;6;19;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)"; -5.5.38;5;5;38;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)"; -5.6.19;5;6;19;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)"; -5.5.38;5;5;38;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.19;5;6;19;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.35;5;5;35;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | XF:oracle-cpujul2014-cve20144243(94628) | URL:http://xforce.iss.net/xforce/xfdb/94628";Assigned (20140617);"None (candidate not yet proposed)"; +5.6.15;5;6;15;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | XF:oracle-cpujul2014-cve20144243(94628) | URL:http://xforce.iss.net/xforce/xfdb/94628";Assigned (20140617);"None (candidate not yet proposed)"; +5.5.37;5;5;37;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | XF:oracle-cpujul2014-cve20144258(94620) | URL:http://xforce.iss.net/xforce/xfdb/94620";Assigned (20140617);"None (candidate not yet proposed)"; +5.6.17;5;6;17;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | XF:oracle-cpujul2014-cve20144258(94620) | URL:http://xforce.iss.net/xforce/xfdb/94620";Assigned (20140617);"None (candidate not yet proposed)"; +5.5.37;5;5;37;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | XF:oracle-cpujul2014-cve20144260(94621) | URL:http://xforce.iss.net/xforce/xfdb/94621";Assigned (20140617);"None (candidate not yet proposed)"; +5.6.17;5;6;17;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | XF:oracle-cpujul2014-cve20144260(94621) | URL:http://xforce.iss.net/xforce/xfdb/94621";Assigned (20140617);"None (candidate not yet proposed)"; +5.5.38;5;5;38;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)"; +5.6.19;5;6;19;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)"; +5.5.38;5;5;38;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)"; +5.6.19;5;6;19;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)"; +5.5.38;5;5;38;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.19;5;6;19;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6474;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.38;5;5;38;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.19;5;6;19;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.38;5;5;38;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.19;5;6;19;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.38;5;5;38;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.19;5;6;19;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.38;5;5;38;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.19;5;6;19;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6489;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70525 | URL:http://www.securityfocus.com/bid/70525";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.38;5;5;38;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.19;5;6;19;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.38;5;5;38;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.19;5;6;19;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.38;5;5;38;CVE-2014-6520;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70510 | URL:http://www.securityfocus.com/bid/70510";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.38;5;5;38;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.19;5;6;19;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.38;5;5;38;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.19;5;6;19;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.39;5;5;39;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.20;5;6;20;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.38;5;5;38;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.19;5;6;19;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.38;5;5;38;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.19;5;6;19;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.38;5;5;38;CVE-2014-6520;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70510 | URL:http://www.securityfocus.com/bid/70510";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.38;5;5;38;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.19;5;6;19;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.38;5;5;38;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.19;5;6;19;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.39;5;5;39;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.20;5;6;20;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2014-6564;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70511 | URL:http://www.securityfocus.com/bid/70511";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.21;5;6;21;CVE-2015-0385;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | BID:72229 | URL:http://www.securityfocus.com/bid/72229 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150385(100190) | URL:http://xforce.iss.net/xforce/xfdb/100190";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.38;5;5;38;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0405;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.21;5;6;21;CVE-2015-0409;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150409(100188) | URL:http://xforce.iss.net/xforce/xfdb/100188";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0423;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0432;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150432(100187) | URL:http://xforce.iss.net/xforce/xfdb/100187";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0432;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150432(100187) | URL:http://xforce.iss.net/xforce/xfdb/100187";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0439;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-4756.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.41;5;5;41;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0498;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.42;5;5;42;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.42;5;5;42;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.42;5;5;42;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0503;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.42;5;5;42;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.42;5;5;42;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0506;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2015-0508.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0508;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0506.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0511;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-2566;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-2567;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.41;5;5;41;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.22;5;6;22;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.42;5;5;42;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.41;5;5;41;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.22;5;6;22;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.41;5;5;41;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.22;5;6;22;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.42;5;5;42;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.41;5;5;41;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.22;5;6;22;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; 5.5.43;5;5;43;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.24;5;6;24;CVE-2015-2611;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; From 3235eb0502528fddb407cd11009ad5a9ad2c4682 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 18 Oct 2016 15:18:28 +0200 Subject: [PATCH 203/237] Update indicator number --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 6016104..b9bc35d 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ MySQLTuner-perl **MySQLTuner** is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions. -**MySQLTuner** supports in this last version ~250 indicators for MySQL/MariaDB/Percona Server. +**MySQLTuner** supports in this last version ~300 indicators for MySQL/MariaDB/Percona Server. **MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration sush as ![Galera Cluster](http://galeracluster.com/), ![TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), ![ Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, ![InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), ![MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), ![Aria](https://mariadb.com/kb/en/mariadb/aria/), ... From 7a37e62cd19df9799842bacde9894563ab300af5 Mon Sep 17 00:00:00 2001 From: drAlberT Date: Tue, 18 Oct 2016 16:29:49 +0200 Subject: [PATCH 204/237] Italian translation finished --- README.it.md | 163 +++++++++++++++++++++++++++------------------------ 1 file changed, 85 insertions(+), 78 deletions(-) diff --git a/README.it.md b/README.it.md index 87efb00..c6c7d8d 100644 --- a/README.it.md +++ b/README.it.md @@ -22,7 +22,7 @@ Maggiori dettagli sugli indicatori MySQLTuner ha bisogno di te: === -**MySQLTuner** ha bisogno di collaboratori per la documentazione, il codice e suggerimenti.. +**MySQLTuner** ha bisogno di collaboratori per documentazione, codice e suggerimenti .. * Problemi e suggerimenti possono essere riportati su [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). * La guida per contribuire è disponibile in inglese: [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) @@ -53,91 +53,95 @@ Testa **sempre** le modifiche su ambienti ad hoc e tieni sempre presente che mig **Seriamente - consulta la sezione FAQ che segue.** -What MySQLTuner is checking exactly ? +Cosa verifica esattamente MySQLTuner ? -- -All checks done by **MySQLTuner** are documented in [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) documentation. +Tutti i controlli effettuati da **MySQLTuner** sono documentati in [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md). -Download/Installation +Download/Installazione -- -You can download the entire repository by using 'git clone' followed by the cloning URL above. The simplest and shortest method is: +Si può semplicemente scaricare l'intero codice utilizzando `git clone` seguito dalla URL riportata sopra. +Il modo più semplice è il seguente: wget http://mysqltuner.pl/ -O mysqltuner.pl wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv perl mysqltuner.pl -Of course, you can add the execute bit (`chmod +x mysqltuner.pl`) so you can execute it without calling perl directly. +Ovviamente è possibile assegnare il permesso di esecuzione in modo da poter lanciare il comando senza chiamare l'interprete `perl` (`chmod +x mysqltuner.pl`). -Specific usage +Casi d'uso -- -__Usage:__ Minimal usage locally +__Uso:__ Minimale locale perl mysqltuner.pl -__Usage:__ Minimal usage remotely +__Uso:__ Minimale da remoto perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password -__Usage:__ Enable maximum output information around MySQL/MariaDb without debugging +__Uso:__ Abilitando il massimo livello di informazione in output su MySQL/MariaDb senza usare l'optione di debug perl mysqltuner.pl --verbose perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat -__Usage:__ Enable CVE vulnerabilities check for your MariaDB or MySQL version +__Uso:__ Abilitando la verifica delle vulnerabilità CVE per la versione di MariaDB o MySQL installata perl mysqltuner.pl --cvefile=vulnerabilities.csv -__Usage:__ Write your result in a file with information displayed +__Uso:__ Salvando i risultati su un file con le stesse informazione mostrate a video perl mysqltuner.pl --outputfile /tmp/result_mysqltuner.txt -__Usage:__ Write your result in a file **without outputting information** +__Uso:__ Salvando i risultati su un file **senza mostrare nulla a video** perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt -__Usage:__ Using template model to customize your reporting file based on [Text::Template](https://metacpan.org/pod/Text::Template) syntax. +__Uso:__ Utilizzando un modello per personalizzare il file di output, con la sintassi di [Text::Template](https://metacpan.org/pod/Text::Template). perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl -__Usage:__ Enable debugging information +__Uso:__ Abilitando la modalità di debug perl mysqltuner.pl --debug FAQ -- -**Question: Will MySQLTuner fix my slow MySQL server?** +**Domanda: MySQLTuner sistemerà il mio server MySQL lento?** -**No.** MySQLTuner is a read only script. It won't write to any configuration files, change the status of any daemons, or call your mother to wish her a happy birthday. It will give you an overview of your server's performance and make some basic recommendations about improvements that you can make after it completes. *Make sure you read the warning above prior to following any recommendations.* +**No.** MySQLTuner è uno script che legge solamente. Non scriverà alcun file di configurazione, non modificherà lo stato di alcun demone né chiamerà tua madre per augurarle buon compleanno. +Ti darà una panoramica delle prestazioni del tuo server, facendo alcune raccomandazioni basilari circa i miglioramenti che tu puoi apportare. *assicurati di leggere l'avviso precedente prima di seguire qualsiasi raccomandazione.* -**Question: Can I fire my DBA now?** +**Domanda: Posso eliminare il mio DBA ora?** -**MySQLTuner will not replace your DBA in any form or fashion.** If your DBA constantly takes your parking spot and steals your lunch from the fridge, then you may want to consider it - but that's your call. +**MySQLTuner non sostituirà il tuo DBA in alcun modo.** Se il tuo DBA continuamente occupa il tuo parcheggio e ruba il tuo cibo dal frigo puoi considerare l'opzione - ma resta una tua scelta. -**Question: Why does MySQLTuner keep asking me the login credentials for MySQL over and over?** +**Domanda: Perché MySQLTuner continua a chiedermi ogni volta le credenziali di login di MySQL?** -The script will try its best to log in via any means possible. It will check for ~/.my.cnf files, Plesk password files, and empty password root logins. If none of those are available, then you'll be prompted for a password. If you'd like the script to run in an automated fashion without user intervention, then create a .my.cnf file in your home directory which contains: +Lo script cerca di arguirle in ogni modo possibile. Cercando file `~/.my.cnf`, file di password di Plesk e provando il login di root con password vuota. +Se nessuno di questi modi ha successo, allora la password viene richiesta. Se preferisci che lo script giri in modo automatico, senza interazione con l'utente, allora crea un file `.my.cnf` nella tua cartella home che contenga: [client] user=someusername pass=thatuserspassword -Once you create it, make sure it's owned by your user and the mode on the file is 0600. This should prevent the prying eyes from getting your database login credentials under normal conditions. If a [T-1000 shows up in a LAPD uniform](https://en.wikipedia.org/wiki/T-1000) and demands your database credentials, you won't have much of an option. +Una volta creato, assicurati che tu sia il proprietario (owner) e che i permessi siano 0600. Questo dovrebbe preservare le tue credenziali di login per i database da occhi indiscreti, in condizioni normali. +Se un [Terminator modello T-1000 apparisse vestito da Carabiniere](https://it.wikipedia.org/wiki/T-1000) e chiedesse le tue credenziali non avresti poi tante scelte. -**Question: Is there another way to secure credentials on latest MySQL and MariaDB distributions ?** +**Domanda: C'è qualche altro modo per rendere sicure le credenziali sulle ultime versioni di MySQL e MariaDB ?** -You could use mysql_config_editor utilities. +Potresti utilizzare il comando `mysql_config_editor`. $ mysql_config_editor set --login-path=client --user=someusername --password --host=localhost Enter passord: ******** $ -At this time, ~/.mylogin.cnf has been written with appropriated rigth access. +Che crea il file `~/.mylogin.cnf` con i prmessi di accesso appropriati. -To get information about stored credentials, use the following command: +Per avere informazioni sulle credenziali salvate, si usi ilseguente comando: $mysql_config_editor print [client] @@ -145,88 +149,91 @@ To get information about stored credentials, use the following command: password = ***** host = localhost -**Question: What's minimum privileges needed by a specific mysqltuner user in database ?** +**Domanda: Quali sono i privilegi minimi, nel database, necessari per un utente *mysqltuner* ad hoc ?** mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* FOR 'mysqltuner'@'localhost' identified by pwd1234; -**Question: It's not working on my OS! What gives?!** +**Domanda: Non funziona sul mio SO! Che succede?!** -These kinds of things are bound to happen. Here are the details I need from you in order to research the problem thoroughly: +Questo genere di cose sono destinate ad accadere. Ecco i dettagli di cui ho bisogno per indagare sul problema: -* OS and OS version -* Architecture (x86, x86_64, IA64, Commodore 64) -* Exact MySQL version -* Where you obtained your MySQL version (OS package, source, etc) -* The full text of the error -* A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible) +* SO e versione del SO +* Architettura (x86, x86_64, IA64, Commodore 64) +* Versione esatta di MySQL +* Da dove viene la tua versione di MySQL (pacchetto del SO, sorgenti, etc.) +* Il testo completo dell'errore +* L'output dei comandi `SHOW VARIABLES;` e `SHOW GLOBAL STATUS;`(se possibile) -**Question: How to perform a CVE vulneralibity checks ?** +**Domanda: How to perform a CVE vulneralibity checks ?** +**Domanda: Come eseguo il check per le vulnerabilità CVE ?** -* Download vulnerabilities.csv from this repository. -* use option --cvefile to perform CVE checks +* Scarica il file `vulnerabilities.csv`da questo repository. +* Usa l'opzione `--cvefile` per eseguire i test delle CVE -**Question: How to use mysqltuner from remote host ?** -Thanks to [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba) +**Domanda: Come uso mysqltuner da un altro computer ?** +Grazie a [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba) * You will still have to connect like a mysql client: +* Ti dovrai collegare come un client mysql: -Connection and Authentication +Connessione e Autenticazione - --host Connect to a remote host to perform tests (default: localhost) - --socket Use a different socket for a local connection - --port Port to use for connection (default: 3306) - --user Username to use for authentication - --pass Password to use for authentication - --defaults-file defaulfs file for credentials + --host Si connette a un host remoto per eseguire i test (default: localhost) + --socket Usa un socket per effettuare una connessione locale + --port Porta per la connessione (default: 3306) + --user Username per l'autenticazione + --pass Password per l'autenticazione + --defaults-file defaults file per le credenziali -Since you are using a remote host, use parameters to supply values from the OS +Poiché si sta utilizzando un host remoto, si utilizzino i seguenti parametri per fornire allo script i valori del SO - --forcemem Amount of RAM installed in megabytes - --forceswap Amount of swap memory configured in megabytes + --forcemem Valore della RAM installata, in megabyte + --forceswap Valore della memoria di swap configurata, in megabyte -* You may have to contact your remote SysAdmin to ask how much RAM and swap you have +* Potresti dover contattare il sistemista del server remoto per conoscere i valori di RAM e swap -If the database has too many tables, or very large table, use this: +Se il database ha troppe tabelle, o tabelle veramente grandi, si usi: - --skipsize Don't enumerate tables and their types/sizes (default: on) - (Recommended for servers with many tables) + --skipsize Non elenca le tabelle ed i rispettivi tipi e dimensioni (default: on) + (Raccomandato per server con molte tabelle) -MySQLTuner and Vagrant +MySQLTuner e Vagrant -- -**MySQLTuner** contains following Vagrant configurations: +**MySQLTuner** contiene le seguenti configurazioni per Vagrant: * Fedora Core 23 / MariaDB 10.0 * Fedora Core 23 / MariaDB 10.1 * Fedora Core 23 / MySQL 5.6 * Fedora Core 23 / MySQL 5.7 -**Vagrant File** are stored in Vagrant subdirectory. -* Follow this 2 steps after vagrant installation: -* Rename VagrantFile_for_Mxxx into Vagrantfile -* vagrant up +**Vagrant File** sono collocati nella sotto-directory di Vagrant. +* Segui questi due passaggi dopo l'installazione di Vagrant: + * Rinominare `VagrantFile_for_Mxxx` in `Vagrantfile` + * `vagrant up` -**MySQLTuner** contains a Vagrant configurations for test purpose and development -* Install VirtualBox and Vagrant +**MySQLTuner** contiene una configurazione Vagrant a scopo di test e sviluppo +* Installare VirtualBox e Vagrant * https://www.virtualbox.org/wiki/Downloads * https://www.vagrantup.com/downloads.html -* Clone repository +* Clone del repository * git clone https://github.com/major/MySQLTuner-perl.git -* Install Vagrant plugins vagrant-hostmanager and vagrant-vbguest - * vagrant plugin install vagrant-hostmanager - * vagrant plugin install vagrant-vbguest -* Add Fedora Core 23 box for official Fedora Download Website - * vagrant box add --name fc23 https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box -* Create a data directory - * mkdir data -* Rename Vagrantfile_MariaDB10.0 into Vagrantfile - * cp MySQLTuner-perl/Vagrant/Vagrantfile_for_MariaDB10.0 Vagrantfile +* Installare i plugin di Vagrant `vagrant-hostmanager` e `vagrant-vbguest` + * `vagrant plugin install vagrant-hostmanager` + * `vagrant plugin install vagrant-vbguest` +* Aggiungere un box Fedora Core 23 dal sito ufficiale di Fedora + * `vagrant box add --name fc23 https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box` +* Creare una directory `data` + * `mkdir data` +* Rinominare `Vagrantfile_MariaDB10.0` in `Vagrantfile` + * `cp MySQLTuner-perl/Vagrant/Vagrantfile_for_MariaDB10.0 Vagrantfile` * Start vagrant - * vagrant up + * `vagrant up` -MySQLTuner needs you +MySQLTuner ha bisogno di te: -- -**MySQLTuner** needs contributors for documentation, code and feedbacks.. -* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). -* Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) -* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl) +**MySQLTuner** ha bisogno di collaboratori per documentazione, codice e suggerimenti .. + +* Problemi e suggerimenti possono essere riportati su [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). +* La guida per contribuire è disponibile in inglese: [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) +* Dai un Stella a **MySQLTuner project** su [GitHub](https://github.com/major/MySQLTuner-perl) From 177f8bb7888e46100c41dd74c30c62c6f721661b Mon Sep 17 00:00:00 2001 From: AlberT Date: Tue, 18 Oct 2016 16:31:47 +0200 Subject: [PATCH 205/237] Fix misprint --- README.it.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.it.md b/README.it.md index c6c7d8d..fd544ae 100644 --- a/README.it.md +++ b/README.it.md @@ -164,7 +164,6 @@ Questo genere di cose sono destinate ad accadere. Ecco i dettagli di cui ho biso * Il testo completo dell'errore * L'output dei comandi `SHOW VARIABLES;` e `SHOW GLOBAL STATUS;`(se possibile) -**Domanda: How to perform a CVE vulneralibity checks ?** **Domanda: Come eseguo il check per le vulnerabilità CVE ?** * Scarica il file `vulnerabilities.csv`da questo repository. From 7b3f2ce9a9738cc29083b7377fd0a9c4e459f90f Mon Sep 17 00:00:00 2001 From: Karl Chen Date: Sun, 23 Oct 2016 13:42:01 +0800 Subject: [PATCH 206/237] Something wrong to print --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index f3eeff3..1628469 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -4555,7 +4555,7 @@ sub mysql_innodb { . hr_bytes_rnd( $myvar{'innodb_buffer_pool_size'}/4 ) . ") if possible." ); } else { goodprint "InnoDB log file size / InnoDb Buffer pool size: " - . hr_bytes( $myvar{'innodb_buffer_pool_size'} ) . "/" + . hr_bytes( $myvar{'innodb_log_file_size'} ) . "/" . hr_bytes( $myvar{'innodb_buffer_pool_size'} ) . " should be equal 25%"; } # InnoDB Buffer Pull Instances (MySQL 5.6.6+) From 301e5f2291fa80d7237b436778b9090dcef3681a Mon Sep 17 00:00:00 2001 From: Karl Chen Date: Mon, 24 Oct 2016 00:32:48 +0800 Subject: [PATCH 207/237] Non importance changes --- mysqltuner.pl | 78 +++++++++++++++++++++++++-------------------------- 1 file changed, 38 insertions(+), 40 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 1628469..29f5822 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2868,7 +2868,7 @@ sub mysql_stats { . $myvar{'open_files_limit'} . ") variable " ); push( @generalrec, - "should be greater than $table_cache_var ( " + "should be greater than $table_cache_var (" . $myvar{$table_cache_var} . ")" ); } @@ -2919,25 +2919,23 @@ sub mysql_stats { if ( $mycalc{'pct_binlog_cache'} < 90 && $mystat{'Binlog_cache_use'} > 0 ) { badprint "Binlog cache memory access: " - . $mycalc{'pct_binlog_cache'} . "% ( " - . ( - $mystat{'Binlog_cache_use'} - $mystat{'Binlog_cache_disk_use'} ) + . $mycalc{'pct_binlog_cache'} . "% (" + . ( $mystat{'Binlog_cache_use'} - $mystat{'Binlog_cache_disk_use'} ) . " Memory / " . $mystat{'Binlog_cache_use'} . " Total)"; push( @generalrec, "Increase binlog_cache_size (Actual value: " . $myvar{'binlog_cache_size'} - . ") " ); + . ")" ); push( @adjvars, "binlog_cache_size (" . hr_bytes( $myvar{'binlog_cache_size'} + 16 * 1024 * 1024 ) - . " ) " ); + . ")" ); } else { goodprint "Binlog cache memory access: " - . $mycalc{'pct_binlog_cache'} . "% ( " - . ( - $mystat{'Binlog_cache_use'} - $mystat{'Binlog_cache_disk_use'} ) + . $mycalc{'pct_binlog_cache'} . "% (" + . ( $mystat{'Binlog_cache_use'} - $mystat{'Binlog_cache_disk_use'} ) . " Memory / " . $mystat{'Binlog_cache_use'} . " Total)"; @@ -3661,7 +3659,7 @@ sub mysqsl_pfs { # TOP 15 high read latency index subheaderprint "Performance schema: TOP 15 high read latency index"; $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, select_latency from schema_index_statistics ORDER BY select_latency DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, select_latency from schema_index_statistics ORDER BY select_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3670,7 +3668,7 @@ sub mysqsl_pfs { # TOP 15 high insert latency index subheaderprint "Performance schema: TOP 15 most modified indexes"; $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, insert_latency from schema_index_statistics ORDER BY insert_latency DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, insert_latency from schema_index_statistics ORDER BY insert_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3679,7 +3677,7 @@ sub mysqsl_pfs { # TOP 15 high update latency index subheaderprint "Performance schema: TOP 15 high update latency index"; $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, update_latency from schema_index_statistics ORDER BY update_latency DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, update_latency from schema_index_statistics ORDER BY update_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3688,7 +3686,7 @@ sub mysqsl_pfs { # TOP 15 high delete latency index subheaderprint "Performance schema: TOP 15 high delete latency index"; $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, delete_latency from schema_index_statistics ORDER BY delete_latency DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, delete_latency from schema_index_statistics ORDER BY delete_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3715,7 +3713,7 @@ sub mysqsl_pfs { # TOP 15 high read latency tables subheaderprint "Performance schema: TOP 15 high read latency tables"; $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name, fetch_latency from schema_table_statistics ORDER BY fetch_latency DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select table_schema, table_name, fetch_latency from schema_table_statistics ORDER BY fetch_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3724,7 +3722,7 @@ sub mysqsl_pfs { # TOP 15 high insert latency tables subheaderprint "Performance schema: TOP 15 high insert latency tables"; $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name, insert_latency from schema_table_statistics ORDER BY insert_latency DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select table_schema, table_name, insert_latency from schema_table_statistics ORDER BY insert_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3733,7 +3731,7 @@ sub mysqsl_pfs { # TOP 15 high update latency tables subheaderprint "Performance schema: TOP 15 high update latency tables"; $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name, update_latency from schema_table_statistics ORDER BY update_latency DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select table_schema, table_name, update_latency from schema_table_statistics ORDER BY update_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3742,7 +3740,7 @@ sub mysqsl_pfs { # TOP 15 high delete latency tables subheaderprint "Performance schema: TOP 15 high delete latency tables"; $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name, delete_latency from schema_table_statistics ORDER BY delete_latency DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select table_schema, table_name, delete_latency from schema_table_statistics ORDER BY delete_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3757,7 +3755,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - subheaderprint "Performance schema: Tables not using InnoDb buffer"; + subheaderprint "Performance schema: Tables not using InnoDB buffer"; $nbL=1; for my $lQuery(select_array (' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;')) { infoprint " +-- $nbL: $lQuery"; @@ -3765,14 +3763,14 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - subheaderprint "Performance schema: Table not using InnoDb buffer"; + subheaderprint "Performance schema: Table not using InnoDB buffer"; $nbL=1; for my $lQuery(select_array (' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - subheaderprint "Performance schema: Table not using InnoDb buffer"; + subheaderprint "Performance schema: Table not using InnoDB buffer"; $nbL=1; for my $lQuery(select_array (' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;')) { infoprint " +-- $nbL: $lQuery"; @@ -3780,7 +3778,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - subheaderprint "Performance schema: Top 15 Tables using InnoDb buffer"; + subheaderprint "Performance schema: Top 15 Tables using InnoDB buffer"; $nbL=1; for my $lQuery(select_array ('Select table_schema, table_name,innodb_buffer_allocated from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_allocated DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3789,7 +3787,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); - subheaderprint "Performance schema: Top 15 Tables with InnoDb buffer free"; + subheaderprint "Performance schema: Top 15 Tables with InnoDB buffer free"; $nbL=1; for my $lQuery(select_array ('Select table_schema, table_name,innodb_buffer_free from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_free DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; @@ -3896,7 +3894,7 @@ sub mysqsl_pfs { subheaderprint "Performance schema: TOP 15 total latency queries with sort"; $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, total_latency AS search from statements_with_sorting ORDER BY total_latency DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select db, query, total_latency AS search from statements_with_sorting ORDER BY total_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3904,7 +3902,7 @@ sub mysqsl_pfs { subheaderprint "Performance schema: TOP 15 merge queries with sort"; $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, sort_merge_passes AS search from statements_with_sorting ORDER BY sort_merge_passes DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select db, query, sort_merge_passes AS search from statements_with_sorting ORDER BY sort_merge_passes DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3912,7 +3910,7 @@ sub mysqsl_pfs { subheaderprint "Performance schema: TOP 15 average sort merges queries with sort"; $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, avg_sort_merges AS search from statements_with_sorting ORDER BY avg_sort_merges DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select db, query, avg_sort_merges AS search from statements_with_sorting ORDER BY avg_sort_merges DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3920,7 +3918,7 @@ sub mysqsl_pfs { subheaderprint "Performance schema: TOP 15 scans queries with sort"; $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, sorts_using_scans AS search from statements_with_sorting ORDER BY sorts_using_scans DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select db, query, sorts_using_scans AS search from statements_with_sorting ORDER BY sorts_using_scans DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3928,7 +3926,7 @@ sub mysqsl_pfs { subheaderprint "Performance schema: TOP 15 range queries with sort"; $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, sort_using_range AS search from statements_with_sorting ORDER BY sort_using_range DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select db, query, sort_using_range AS search from statements_with_sorting ORDER BY sort_using_range DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3984,7 +3982,7 @@ sub mysqsl_pfs { subheaderprint "Performance schema: TOP 15 queries with temp table to disk"; $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, disk_tmp_tables from statements_with_sorting ORDER BY disk_tmp_tables DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select db, query, disk_tmp_tables from statements_with_sorting ORDER BY disk_tmp_tables DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -4005,7 +4003,7 @@ sub mysqsl_pfs { subheaderprint "Performance schema: TOP 15 class events by number"; $nbL=1; - for my $lQuery(select_array ('use sys;select event_class, total from wait_classes_global_by_latency ORDER BY total DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select event_class, total from wait_classes_global_by_latency ORDER BY total DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -4021,7 +4019,7 @@ sub mysqsl_pfs { subheaderprint "Performance schema: TOP 15 class events by total latency"; $nbL=1; - for my $lQuery(select_array ('use sys;select event_class, total_latency from wait_classes_global_by_latency ORDER BY total_latency DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select event_class, total_latency from wait_classes_global_by_latency ORDER BY total_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -4037,7 +4035,7 @@ sub mysqsl_pfs { subheaderprint "Performance schema: TOP 15 class events by max latency"; $nbL=1; - for my $lQuery(select_array ('use sys;select event_class, max_latency from wait_classes_global_by_latency ORDER BY max_latency DESC LIMIT 15;')) { + for my $lQuery(select_array ('use sys;select event_class, max_latency from wait_classes_global_by_latency ORDER BY max_latency DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -4289,14 +4287,14 @@ having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0" else { goodprint "All tables get a primary key"; } - my @nonInnoDbTables = select_array( -"select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.tables where ENGINE <> 'InnoDb' and table_schema not in ('mysql', 'performance_schema', 'information_schema')" + my @nonInnoDBTables = select_array( +"select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.tables where ENGINE <> 'InnoDB' and table_schema not in ('mysql', 'performance_schema', 'information_schema')" ); - if ( scalar(@nonInnoDbTables) > 0 ) { + if ( scalar(@nonInnoDBTables) > 0 ) { badprint "Following table(s) are not InnoDB table:"; push @generalrec, "Ensure that all table(s) are InnoDB tables for Galera replication"; - foreach my $badtable (@nonInnoDbTables) { + foreach my $badtable (@nonInnoDBTables) { badprint "\t$badtable"; } } @@ -4311,11 +4309,11 @@ having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0" goodprint "Binlog format is in ROW mode."; } if ( $myvar{'innodb_flush_log_at_trx_commit'} != 0 ) { - badprint "Innodb flush log at each commit should be disabled."; + badprint "InnoDB flush log at each commit should be disabled."; push @adjvars, "innodb_flush_log_at_trx_commit = 0"; } else { - goodprint "Innodb flush log at each commit is disabled for Galera."; + goodprint "InnoDB flush log at each commit is disabled for Galera."; } infoprint "Read consistency mode :" . $myvar{'wsrep_causal_reads'}; @@ -4546,15 +4544,15 @@ sub mysql_innodb { . ") if possible." ); } if ($mycalc{'innodb_log_size_pct'} < 20 or $mycalc{'innodb_log_size_pct'} > 30) { - badprint "Ratio InnoDB log file size / InnoDb Buffer pool size (". + badprint "Ratio InnoDB log file size / InnoDB Buffer pool size (". $mycalc{'innodb_log_size_pct'}. " %): " . hr_bytes( $myvar{'innodb_log_file_size'} ) . "/" . hr_bytes( $myvar{'innodb_buffer_pool_size'} ) . " should be equal 25%"; push( @adjvars, - "innodb_log_file_size should be equals to 1/4 of buffer pool size (= " + "innodb_log_file_size should be equals to 1/4 of buffer pool size (=" . hr_bytes_rnd( $myvar{'innodb_buffer_pool_size'}/4 ) . ") if possible." ); } else { - goodprint "InnoDB log file size / InnoDb Buffer pool size: " + goodprint "InnoDB log file size / InnoDB Buffer pool size: " . hr_bytes( $myvar{'innodb_log_file_size'} ) . "/" . hr_bytes( $myvar{'innodb_buffer_pool_size'} ) . " should be equal 25%"; } From 915be0fbe4f84b7db94a25baccbaa21ea63a485c Mon Sep 17 00:00:00 2001 From: Karl Chen Date: Mon, 24 Oct 2016 00:38:32 +0800 Subject: [PATCH 208/237] Non importance changes --- mysqltuner.pl | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 29f5822..1783491 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -681,7 +681,7 @@ sub mysql_setup { $opt{port} = ( $opt{port} eq 0 ) ? 3306 : $opt{port}; # If we're doing a remote connection, but forcemem wasn't specified, we need to exit - if ( $opt{'forcemem'} eq 0 + if ( $opt{'forcemem'} eq 0 && ( $opt{host} ne "127.0.0.1" ) && ( $opt{host} ne "localhost" ) ) { @@ -1658,7 +1658,7 @@ sub get_replication_status { badprint "This replication slave is not running but seems to be configured."; } - if ( defined($io_running) + if ( defined($io_running) && $io_running =~ /yes/i && $sql_running =~ /yes/i ) { @@ -1898,7 +1898,7 @@ sub check_storage_engines { # Now we build a database list, and loop through it to get storage engine stats for tables foreach my $db (@dblist) { chomp($db); - if ( $db eq "information_schema" + if ( $db eq "information_schema" or $db eq "performance_schema" or $db eq "mysql" or $db eq "lost+found" ) @@ -2516,7 +2516,7 @@ sub mysql_stats { } } - if ( $arch + if ( $arch && $arch == 32 && $mycalc{'max_used_memory'} > 2 * 1024 * 1024 * 1024 ) { @@ -2751,7 +2751,7 @@ sub mysql_stats { # Temporary tables if ( $mystat{'Created_tmp_tables'} > 0 ) { - if ( $mycalc{'pct_temp_disk'} > 25 + if ( $mycalc{'pct_temp_disk'} > 25 && $mycalc{'max_tmp_table_size'} < 256 * 1024 * 1024 ) { badprint @@ -2916,7 +2916,7 @@ sub mysql_stats { # Binlog cache if ( defined $mycalc{'pct_binlog_cache'} ) { - if ( $mycalc{'pct_binlog_cache'} < 90 + if ( $mycalc{'pct_binlog_cache'} < 90 && $mystat{'Binlog_cache_use'} > 0 ) { badprint "Binlog cache memory access: " . $mycalc{'pct_binlog_cache'} . "% (" @@ -3002,7 +3002,7 @@ sub mysql_myisam { badprint "None of your MyISAM tables are indexed - add indexes immediately"; } else { - if ( $myvar{'key_buffer_size'} < $mycalc{'total_myisam_indexes'} + if ( $myvar{'key_buffer_size'} < $mycalc{'total_myisam_indexes'} && $mycalc{'pct_keys_from_mem'} < 95 ) { badprint "Key buffer size / total MyISAM indexes: " @@ -3088,7 +3088,7 @@ sub mariadb_threadpool { } if ( $myvar{'have_innodb'} eq 'YES' ) { - if ( $myvar{'thread_pool_size'} < 16 + if ( $myvar{'thread_pool_size'} < 16 or $myvar{'thread_pool_size'} > 36 ) { badprint @@ -4770,7 +4770,7 @@ sub mysql_databases { foreach (@dblist) { chomp($_); - if ( $_ eq "information_schema" + if ( $_ eq "information_schema" or $_ eq "performance_schema" or $_ eq "mysql" or $_ eq "" ) From f4e46cdbc069ad287fd1109e4052783c0b1ba8ae Mon Sep 17 00:00:00 2001 From: Karl Chen Date: Mon, 24 Oct 2016 07:34:19 +0800 Subject: [PATCH 209/237] Non importance changes --- mysqltuner.pl | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 1783491..489c916 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3413,7 +3413,7 @@ sub mysqsl_pfs { # Process per allocated memory subheaderprint "Performance schema: Process per allocated memory"; $nbL=1; - for my $lQuery(select_array ("select concat(user,concat('/', IFNULL(Command,'NONE'))) AS PROC, current_memory from sys.processlist ORDER BY current_memory DESC;" )) { + for my $lQuery(select_array ("select concat(user,concat('/', IFNULL(Command,'NONE'))) AS PROC, current_memory from sys.processlist ORDER BY current_memory DESC;" )) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3780,7 +3780,7 @@ sub mysqsl_pfs { subheaderprint "Performance schema: Top 15 Tables using InnoDB buffer"; $nbL=1; - for my $lQuery(select_array ('Select table_schema, table_name,innodb_buffer_allocated from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_allocated DESC LIMIT 15;')) { + for my $lQuery(select_array ('select table_schema, table_name,innodb_buffer_allocated from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_allocated DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3789,7 +3789,7 @@ sub mysqsl_pfs { subheaderprint "Performance schema: Top 15 Tables with InnoDB buffer free"; $nbL=1; - for my $lQuery(select_array ('Select table_schema, table_name,innodb_buffer_free from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_free DESC LIMIT 15;')) { + for my $lQuery(select_array ('select table_schema, table_name,innodb_buffer_free from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_free DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -5441,4 +5441,3 @@ along with this program. If not, see . # cperl-indent-level: 8 # perl-indent-level: 8 # End: - From 4f1a6ec38b20ecaa6f629089957ae3889a7dbf28 Mon Sep 17 00:00:00 2001 From: Karl Chen Date: Mon, 24 Oct 2016 07:36:05 +0800 Subject: [PATCH 210/237] Non importance changes --- mysqltuner.pl | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 489c916..23539d5 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -3780,7 +3780,7 @@ sub mysqsl_pfs { subheaderprint "Performance schema: Top 15 Tables using InnoDB buffer"; $nbL=1; - for my $lQuery(select_array ('select table_schema, table_name,innodb_buffer_allocated from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_allocated DESC LIMIT 15;')) { + for my $lQuery(select_array ('select table_schema,table_name,innodb_buffer_allocated from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_allocated DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -3789,7 +3789,7 @@ sub mysqsl_pfs { subheaderprint "Performance schema: Top 15 Tables with InnoDB buffer free"; $nbL=1; - for my $lQuery(select_array ('select table_schema, table_name,innodb_buffer_free from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_free DESC LIMIT 15;')) { + for my $lQuery(select_array ('select table_schema,table_name,innodb_buffer_free from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_free DESC LIMIT 15;')) { infoprint " +-- $nbL: $lQuery"; $nbL++; } @@ -5441,3 +5441,4 @@ along with this program. If not, see . # cperl-indent-level: 8 # perl-indent-level: 8 # End: + From f68b731498d05d7a4116707637fe3b8080fe5a68 Mon Sep 17 00:00:00 2001 From: Karl Chen Date: Mon, 24 Oct 2016 17:21:56 +0800 Subject: [PATCH 211/237] Non importance changes --- mysqltuner.pl | 62 +++++++++++++++++++++++++-------------------------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 23539d5..2c59299 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -206,7 +206,7 @@ if ( $opt{verbose} ) { $opt{pfstat} = 1; #Print performance schema info. $opt{cvefile} = 'vulnerabilities.csv'; #CVE File for vulnerability checks } - + # for RPM distributions $opt{cvefile} = "/usr/share/mysqltuner/vulnerabilities.csv" unless ( defined $opt{cvefile} and -f "$opt{cvefile}" ); @@ -810,7 +810,7 @@ sub mysql_setup { debugprint "defaults file detected: $opt{'defaults-file'}"; my $mysqlclidefaults = `$mysqlcmd --print-defaults`; debugprint "MySQL Client Default File: $opt{'defaults-file'}"; - + $mysqllogin = "--defaults-file=".$opt{'defaults-file'}; my $loginstatus = `$mysqladmincmd $mysqllogin ping 2>&1`; if ( $loginstatus =~ /mysqld is alive/ ) { @@ -3159,10 +3159,10 @@ sub mysqsl_pfs { infoprint "Sys schema is installed."; return if ( $opt{pfstat} == 0 ); - + infoprint "Sys schema Version: ".select_one("select sys_version from sys.version"); - # Top user per connection + # Top user per connection subheaderprint "Performance schema: Top 5 user per connection"; my $nbL=1; for my $lQuery(select_array ('select user, total_connections from sys.user_summary order by total_connections desc LIMIT 5')) { @@ -3171,7 +3171,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top user per statement + # Top user per statement subheaderprint "Performance schema: Top 5 user per statement"; $nbL=1; for my $lQuery(select_array ('select user, statements from sys.user_summary order by statements desc LIMIT 5')) { @@ -3208,7 +3208,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + # Top user per row_sent subheaderprint "Performance schema: Top 5 user per rows sent"; $nbL=1; @@ -3217,7 +3217,7 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + # Top user per row modified subheaderprint "Performance schema: Top 5 user per rows modified"; $nbL=1; @@ -3245,7 +3245,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top host per connection + # Top host per connection subheaderprint "Performance schema: Top 5 host per connection"; $nbL=1; for my $lQuery(select_array ('select host, total_connections from sys.host_summary order by total_connections desc LIMIT 5')) { @@ -3254,7 +3254,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Top host per statement + # Top host per statement subheaderprint "Performance schema: Top 5 host per statement"; $nbL=1; for my $lQuery(select_array ('select host, statements from sys.host_summary order by statements desc LIMIT 5')) { @@ -3291,7 +3291,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + # Top host per rows sent subheaderprint "Performance schema: Top 5 host per rows sent"; $nbL=1; @@ -3300,7 +3300,7 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + # Top host per rows modified subheaderprint "Performance schema: Top 5 host per rows modified"; $nbL=1; @@ -3354,7 +3354,7 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + # Top Stages order by total io subheaderprint "Performance schema: Top Stages order by total io"; $nbL=1; @@ -3427,7 +3427,7 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + # Threads IO Latency subheaderprint "Performance schema: Thread IO Latency"; $nbL=1; @@ -3437,7 +3437,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # High Cost SQL statements + # High Cost SQL statements subheaderprint "Performance schema: Top 5 Most latency statements"; $nbL=1; for my $lQuery(select_array ('select query, avg_latency from sys.statement_analysis order by avg_latency desc LIMIT 5')) { @@ -3445,8 +3445,8 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - - # Top 5% slower queries + + # Top 5% slower queries subheaderprint "Performance schema: Top 5 slower queries"; $nbL=1; for my $lQuery(select_array ('select query, exec_count from sys.statements_with_runtimes_in_95th_percentile order by exec_count desc LIMIT 5')) { @@ -3509,7 +3509,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Use temporary tables + # Use temporary tables subheaderprint "Performance schema: Some queries using temp table"; $nbL=1; for my $lQuery(select_array ('use sys;select query from sys.statements_with_temp_tables LIMIT 20')) { @@ -3517,8 +3517,8 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - - # Unused Indexes + + # Unused Indexes subheaderprint "Performance schema: Unused indexes"; $nbL=1; for my $lQuery(select_array ('select * from sys.schema_unused_indexes')) { @@ -3527,7 +3527,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # Full table scans + # Full table scans subheaderprint "Performance schema: Tables with full table scans"; $nbL=1; for my $lQuery(select_array ('select * from sys.schema_tables_with_full_table_scans order by rows_full_scanned DESC')) { @@ -3655,7 +3655,7 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + # TOP 15 high read latency index subheaderprint "Performance schema: TOP 15 high read latency index"; $nbL=1; @@ -3709,7 +3709,7 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + # TOP 15 high read latency tables subheaderprint "Performance schema: TOP 15 high read latency tables"; $nbL=1; @@ -3842,7 +3842,7 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + subheaderprint "Performance schema: TOP 15 total latency queries (95% percentile)"; $nbL=1; for my $lQuery(select_array ('use sys;select db, query, total_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY total_latency DESC LIMIT 15;')) { @@ -3858,7 +3858,7 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + subheaderprint "Performance schema: TOP 15 average latency queries (95% percentile)"; $nbL=1; for my $lQuery(select_array ('use sys;select db, query, avg_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY avg_latency DESC LIMIT 15;')) { @@ -3867,7 +3867,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + subheaderprint "Performance schema: Top 20 queries with sort"; $nbL=1; for my $lQuery(select_array ('select db, query, exec_count from sys.statements_with_sorting order BY exec_count DESC LIMIT 20;')) { @@ -3907,7 +3907,7 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + subheaderprint "Performance schema: TOP 15 average sort merges queries with sort"; $nbL=1; for my $lQuery(select_array ('use sys;select db, query, avg_sort_merges AS search from statements_with_sorting ORDER BY avg_sort_merges DESC LIMIT 15;')) { @@ -3915,7 +3915,7 @@ sub mysqsl_pfs { $nbL++; } infoprint "No information found or indicators desactivated." if ($nbL == 1); - + subheaderprint "Performance schema: TOP 15 scans queries with sort"; $nbL=1; for my $lQuery(select_array ('use sys;select db, query, sorts_using_scans AS search from statements_with_sorting ORDER BY sorts_using_scans DESC LIMIT 15;')) { @@ -4513,7 +4513,7 @@ sub mysql_innodb { infoprint " +-- InnoDB Log File Size: " . hr_bytes( $myvar{'innodb_log_file_size'} ) . "(".$mycalc{'innodb_log_size_pct'}." % of buffer pool)"; } - + if ( defined $myvar{'innodb_log_buffer_size'} ) { infoprint " +-- InnoDB Log Buffer: " . hr_bytes( $myvar{'innodb_log_buffer_size'} ) ; @@ -4919,7 +4919,7 @@ SELECT , s2.max_columns AS 'maxcol' , s.CARDINALITY AS 'card' , t.TABLE_ROWS AS 'est_rows' - , INDEX_TYPE as type + , INDEX_TYPE as type , ROUND(((s.CARDINALITY / IFNULL(t.TABLE_ROWS, 0.01)) * 100), 2) AS 'sel' FROM INFORMATION_SCHEMA.STATISTICS s INNER JOIN INFORMATION_SCHEMA.TABLES t @@ -5165,7 +5165,7 @@ mariadb_threadpool; # Print MaraiDB ThreadPool stats mysql_myisam; # Print MyISAM stats mysql_innodb; # Print InnoDB stats mariadb_ariadb; # Print MaraiDB AriaDB stats -mariadb_tokudb; # Print MariaDB Tokudb stats +mariadb_tokudb; # Print MariaDB Tokudb stats mariadb_xtradb; # Print MariaDB XtraDB stats mariadb_rockdb; # Print MariaDB RockDB stats mariadb_spider; # Print MariaDB Spider stats @@ -5228,7 +5228,7 @@ You must provide the remote server's total memory when connecting to other serve --dbstat Print database information --idxstat Print index information --sysstat Print system information - --pfstat Print Performance schema + --pfstat Print Performance schema --bannedports Ports banned separated by comma(,) --maxportallowed Number of ports opened allowed on this hosts --cvefile CVE File for vulnerability checks From 05c1e6eb7557fbb56b366de1ba0b2d6c6e5745e2 Mon Sep 17 00:00:00 2001 From: Karl Chen Date: Mon, 24 Oct 2016 17:25:07 +0800 Subject: [PATCH 212/237] Non importance changes --- mysqltuner.pl | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 2c59299..418eed8 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1343,7 +1343,7 @@ sub get_kernel_info() { 'fs.aio-max-nr > 1M (echo 1048576 > /proc/sys/fs/aio-max-nr)'; } else { - infoprint "Max Number of AIO events is > 1M."; + infoprint "Max Number of AIO events is > 1M."; } } @@ -1767,7 +1767,7 @@ sub check_architecture { } elsif ( `uname` =~ /Darwin/ && `uname -m` =~ /x86_64/ ) { -# Darwin gibas.local 12.3.0 Darwin Kernel Version 12.3.0: Sun Jan 6 22:37:10 PST 2013; root:xnu-2050.22.13~1/RELEASE_X86_64 x86_64 +# Darwin gibas.local 12.3.0 Darwin Kernel Version 12.3.0: Sun Jan 6 22:37:10 PST 2013; root:xnu-2050.22.13~1/RELEASE_X86_64 x86_64 $arch = 64; goodprint "Operating on 64-bit architecture"; } @@ -3165,7 +3165,7 @@ sub mysqsl_pfs { # Top user per connection subheaderprint "Performance schema: Top 5 user per connection"; my $nbL=1; - for my $lQuery(select_array ('select user, total_connections from sys.user_summary order by total_connections desc LIMIT 5')) { + for my $lQuery(select_array ('select user, total_connections from sys.user_summary order by total_connections desc LIMIT 5')) { infoprint " +-- $nbL: $lQuery conn(s)"; $nbL++; } @@ -3248,7 +3248,7 @@ sub mysqsl_pfs { # Top host per connection subheaderprint "Performance schema: Top 5 host per connection"; $nbL=1; - for my $lQuery(select_array ('select host, total_connections from sys.host_summary order by total_connections desc LIMIT 5')) { + for my $lQuery(select_array ('select host, total_connections from sys.host_summary order by total_connections desc LIMIT 5')) { infoprint " +-- $nbL: $lQuery conn(s)"; $nbL++; } @@ -3546,7 +3546,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); - # FILE by IO read bytes + # FILE by IO read bytes subheaderprint "Performance schema: FILE by IO read bytes"; $nbL=1; for my $lQuery(select_array ("use sys;(select file, total_read from io_global_by_file_by_bytes where total_read like '%MiB' order by total_read DESC) UNION (select file, total_read from io_global_by_file_by_bytes where total_read like '%KiB' order by total_read DESC LIMIT 15);")) { @@ -3555,7 +3555,7 @@ sub mysqsl_pfs { } infoprint "No information found or indicators desactivated." if ($nbL == 1); - # FILE by IO written bytes + # FILE by IO written bytes subheaderprint "Performance schema: FILE by IO written bytes"; $nbL=1; for my $lQuery(select_array ("use sys;(select file, total_written from io_global_by_file_by_bytes where total_written like '%MiB' order by total_written DESC) UNION (select file, total_written from io_global_by_file_by_bytes where total_written like '%KiB' order by total_written DESC LIMIT 15);")) { @@ -3602,7 +3602,7 @@ sub mysqsl_pfs { infoprint "No information found or indicators desactivated." if ($nbL == 1); # Event Wait by write bytes - subheaderprint "Performance schema: Event Wait written bytes"; + subheaderprint "Performance schema: Event Wait written bytes"; $nbL=1; for my $lQuery(select_array ("use sys;(select event_name, total_written from io_global_by_wait_by_bytes where total_written like '%MiB' order by total_written DESC) UNION (select event_name, total_written from io_global_by_wait_by_bytes where total_written like '%KiB' order by total_written DESC LIMIT 15);")) { infoprint " +-- $nbL: $lQuery"; @@ -4792,7 +4792,7 @@ sub mysql_databases { . ( join ", ", select_array( -"SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_';" +"SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_';" ) ) . ")"; infoprint " +-- ROWS : " @@ -4857,13 +4857,13 @@ sub mysql_databases { } my @distinct_column_charset = select_array( -"select DISTINCT(CHARACTER_SET_NAME) from information_schema.COLUMNS where CHARACTER_SET_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'" +"select DISTINCT(CHARACTER_SET_NAME) from information_schema.COLUMNS where CHARACTER_SET_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'" ); infoprint "Charsets for $dbinfo[0] database table column: " . join( ', ', @distinct_column_charset ); if ( scalar(@distinct_column_charset) > 1 ) { badprint $dbinfo[0] - . " table column(s) has several charsets defined for all text like column(s)."; + . " table column(s) has several charsets defined for all text like column(s)."; push( @generalrec, "Limit charset for column to one charset if possible for " . $dbinfo[0] @@ -4875,13 +4875,13 @@ sub mysql_databases { } my @distinct_column_collation = select_array( -"select DISTINCT(COLLATION_NAME) from information_schema.COLUMNS where COLLATION_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'" +"select DISTINCT(COLLATION_NAME) from information_schema.COLUMNS where COLLATION_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'" ); infoprint "Collations for $dbinfo[0] database table column: " . join( ', ', @distinct_column_collation ); if ( scalar(@distinct_column_collation) > 1 ) { badprint $dbinfo[0] - . " table column(s) has several collations defined for all text like column(s)."; + . " table column(s) has several collations defined for all text like column(s)."; push( @generalrec, "Limit collations for column to one collation if possible for " . $dbinfo[0] From 5a3873ece4c69c3b27f37f4f14b15c450e944e21 Mon Sep 17 00:00:00 2001 From: Henrique Moody Date: Thu, 27 Oct 2016 15:28:41 +0200 Subject: [PATCH 213/237] Use single quotes around password Password may contain characters, like `$` and `!`, that may be interpreted by the shell. Prevent it to happen by using single quotes. --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 1628469..156dea2 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -873,7 +873,7 @@ sub mysql_setup { $mysqllogin = "-u $name"; if ( length($password) > 0 ) { - $mysqllogin .= " -p\"$password\""; + $mysqllogin .= " -p'$password'"; } $mysqllogin .= $remotestring; my $loginstatus = `$mysqladmincmd ping $mysqllogin 2>&1`; From 6b9920902bf6702b0207216b1e4e2602ef073080 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 2 Nov 2016 20:02:41 +0100 Subject: [PATCH 214/237] Last modifications --- README.fr.md | 236 ++++++++++++++++++++++++++++++++++++++++++++++++++ mysqltuner.pl | 15 +++- 2 files changed, 250 insertions(+), 1 deletion(-) create mode 100644 README.fr.md diff --git a/README.fr.md b/README.fr.md new file mode 100644 index 0000000..8bef63d --- /dev/null +++ b/README.fr.md @@ -0,0 +1,236 @@ +MySQLTuner-perl +==== +[![Build Status - Master](https://travis-ci.org/major/MySQLTuner-perl.svg?branch=master)](https://travis-ci.org/major/MySQLTuner-perl) +[![Project Status](http://opensource.box.com/badges/active.svg)](http://opensource.box.com/badges) +[![Project Status](http://opensource.box.com/badges/maintenance.svg)](http://opensource.box.com/badges) +[![Average time to resolve an issue](http://isitmaintained.com/badge/resolution/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue") +[![Percentage of issues still open](http://isitmaintained.com/badge/open/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open") +[![GPL Licence](https://badges.frapsoft.com/os/gpl/gpl.png?v=103)](https://opensource.org/licenses/GPL-3.0/) + +**MySQLTuner** est un script écrit en Perl qui permet d'effectuer une revue de configuration pour MySQL/MAriaDB/PerconaDB rapidement et propose des ajustements pour améliorer la performance et la stabilité du serveur. L'état des variables et statuts est analysé et présenté de manière synthétique et structurée ainsi que plusieurs suggestions basiques concernant la performance. + +**MySQLTuner** supporte dans a dernière version plus de ~300 indicators pour MySQL/MariaDB/Percona Server. + +**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration sush as ![Galera Cluster](http://galeracluster.com/), ![TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), ![ Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, ![InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), ![MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), ![Aria](https://mariadb.com/kb/en/mariadb/aria/), ... + +You can found more details on this indicators +![Indicators description](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md). + + +![MysqlTuner](https://github.com/major/MySQLTuner-perl/blob/master/mysqltuner.png) + +MySQLTuner needs you: +=== + +**MySQLTuner** needs contributors for documentation, code and feedbacks.. + +* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). +* Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) +* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl) + +Compatibility: +==== + +* MySQL 5.7 (full support) +* MySQL 5.6 (full support) +* MySQL 5.5 (full support) +* MariaDB 10.1 (full support) +* MariaDB 10.0 (full support) +* Percona Server 5.6 (full support) +* Percona XtraDB cluster (full support) +* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (partial support - deprecated version) +* Perl 5.6 or later (with [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod) package) +* Unix/Linux based operating system (tested on Linux, BSD variants, and Solaris variants) +* Windows is not supported at this time (Help wanted !!!!!) +* Unrestricted read access to the MySQL server (OS root access recommended for MySQL < 5.1) +* CVE vulnerabilites detection support from [https://cve.mitre.org](https://cve.mitre.org) + +***WARNING*** +-- +It is **extremely important** for you to fully understand each change +you make to a MySQL database server. If you don't understand portions +of the script's output, or if you don't understand the recommendations, +**you should consult** a knowledgeable DBA or system administrator +that you trust. **Always** test your changes on staging environments, and +always keep in mind that improvements in one area can **negatively affect** +MySQL in other areas. + +**Seriously - please review the FAQ section below.** + +What MySQLTuner is checking exactly ? +-- +All checks done by **MySQLTuner** are documented in [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) documentation. + +Download/Installation +-- + +You can download the entire repository by using 'git clone' followed by the cloning URL above. The simplest and shortest method is: + + wget http://mysqltuner.pl/ -O mysqltuner.pl + wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt + wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv + perl mysqltuner.pl + +Of course, you can add the execute bit (`chmod +x mysqltuner.pl`) so you can execute it without calling perl directly. + +Specific usage +-- + +__Usage:__ Minimal usage locally + + perl mysqltuner.pl + +__Usage:__ Minimal usage remotely + + perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password + +__Usage:__ Enable maximum output information around MySQL/MariaDb without debugging + + perl mysqltuner.pl --verbose + perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat + + +__Usage:__ Enable CVE vulnerabilities check for your MariaDB or MySQL version + + perl mysqltuner.pl --cvefile=vulnerabilities.csv + +__Usage:__ Write your result in a file with information displayed + + perl mysqltuner.pl --outputfile /tmp/result_mysqltuner.txt + +__Usage:__ Write your result in a file **without outputting information** + + perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt + +__Usage:__ Using template model to customize your reporting file based on [Text::Template](https://metacpan.org/pod/Text::Template) syntax. + + perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl + +__Usage:__ Enable debugging information + + perl mysqltuner.pl --debug + +FAQ +-- + +**Question: Will MySQLTuner fix my slow MySQL server?** + +**No.** MySQLTuner is a read only script. It won't write to any configuration files, change the status of any daemons, or call your mother to wish her a happy birthday. It will give you an overview of your server's performance and make some basic recommendations about improvements that you can make after it completes. *Make sure you read the warning above prior to following any recommendations.* + +**Question: Can I fire my DBA now?** + +**MySQLTuner will not replace your DBA in any form or fashion.** If your DBA constantly takes your parking spot and steals your lunch from the fridge, then you may want to consider it - but that's your call. + +**Question: Why does MySQLTuner keep asking me the login credentials for MySQL over and over?** + +The script will try its best to log in via any means possible. It will check for ~/.my.cnf files, Plesk password files, and empty password root logins. If none of those are available, then you'll be prompted for a password. If you'd like the script to run in an automated fashion without user intervention, then create a .my.cnf file in your home directory which contains: + + [client] + user=someusername + pass=thatuserspassword + +Once you create it, make sure it's owned by your user and the mode on the file is 0600. This should prevent the prying eyes from getting your database login credentials under normal conditions. If a [T-1000 shows up in a LAPD uniform](https://en.wikipedia.org/wiki/T-1000) and demands your database credentials, you won't have much of an option. + +**Question: Is there another way to secure credentials on latest MySQL and MariaDB distributions ?** + +You could use mysql_config_editor utilities. + + $ mysql_config_editor set --login-path=client --user=someusername --password --host=localhost + Enter passord: ******** + $ + +At this time, ~/.mylogin.cnf has been written with appropriated rigth access. + +To get information about stored credentials, use the following command: + + $mysql_config_editor print + [client] + user = someusername + password = ***** + host = localhost + +**Question: What's minimum privileges needed by a specific mysqltuner user in database ?** + + mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* FOR 'mysqltuner'@'localhost' identified by pwd1234; + +**Question: It's not working on my OS! What gives?!** + +These kinds of things are bound to happen. Here are the details I need from you in order to research the problem thoroughly: + +* OS and OS version +* Architecture (x86, x86_64, IA64, Commodore 64) +* Exact MySQL version +* Where you obtained your MySQL version (OS package, source, etc) +* The full text of the error +* A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible) + +**Question: How to perform a CVE vulneralibity checks ?** + +* Download vulnerabilities.csv from this repository. +* use option --cvefile to perform CVE checks + +**Question: How to use mysqltuner from remote host ?** +Thanks to [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba) + +* You will still have to connect like a mysql client: + +Connection and Authentication + + --host Connect to a remote host to perform tests (default: localhost) + --socket Use a different socket for a local connection + --port Port to use for connection (default: 3306) + --user Username to use for authentication + --pass Password to use for authentication + --defaults-file defaulfs file for credentials + +Since you are using a remote host, use parameters to supply values from the OS + + --forcemem Amount of RAM installed in megabytes + --forceswap Amount of swap memory configured in megabytes + +* You may have to contact your remote SysAdmin to ask how much RAM and swap you have + +If the database has too many tables, or very large table, use this: + + --skipsize Don't enumerate tables and their types/sizes (default: on) + (Recommended for servers with many tables) + +MySQLTuner and Vagrant +-- +**MySQLTuner** contains following Vagrant configurations: +* Fedora Core 23 / MariaDB 10.0 +* Fedora Core 23 / MariaDB 10.1 +* Fedora Core 23 / MySQL 5.6 +* Fedora Core 23 / MySQL 5.7 + +**Vagrant File** are stored in Vagrant subdirectory. +* Follow this 2 steps after vagrant installation: +* Rename VagrantFile_for_Mxxx into Vagrantfile +* vagrant up + +**MySQLTuner** contains a Vagrant configurations for test purpose and development +* Install VirtualBox and Vagrant + * https://www.virtualbox.org/wiki/Downloads + * https://www.vagrantup.com/downloads.html +* Clone repository + * git clone https://github.com/major/MySQLTuner-perl.git +* Install Vagrant plugins vagrant-hostmanager and vagrant-vbguest + * vagrant plugin install vagrant-hostmanager + * vagrant plugin install vagrant-vbguest +* Add Fedora Core 23 box for official Fedora Download Website + * vagrant box add --name fc23 https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box +* Create a data directory + * mkdir data +* Rename Vagrantfile_MariaDB10.0 into Vagrantfile + * cp MySQLTuner-perl/Vagrant/Vagrantfile_for_MariaDB10.0 Vagrantfile +* Start vagrant + * vagrant up + +MySQLTuner a besoin de vous +-- +**MySQLTuner** a besoin de contributeurs pour la documentation, le code, des tests et des retours d'expérience. + +* Rejoignez-nous sur le suivi de ticket à [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). +* Le guide de contribution en anglais est disponible ici [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) +* Ajouter une étoile à **MySQLTuner project** ici [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl) + diff --git a/mysqltuner.pl b/mysqltuner.pl index f3eeff3..5f7eb5b 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -4515,7 +4515,6 @@ sub mysql_innodb { infoprint " +-- InnoDB Log File Size: " . hr_bytes( $myvar{'innodb_log_file_size'} ) . "(".$mycalc{'innodb_log_size_pct'}." % of buffer pool)"; } - if ( defined $myvar{'innodb_log_buffer_size'} ) { infoprint " +-- InnoDB Log Buffer: " . hr_bytes( $myvar{'innodb_log_buffer_size'} ) ; @@ -4529,6 +4528,19 @@ sub mysql_innodb { . hr_bytes( $mystat{'Innodb_buffer_pool_pages_total'} ) . ""; } } + if ( defined $myvar{'innodb_thread_concurrency'} ) { + infoprint "InnoDB Thread Cucurrency: " + . $myvar{'innodb_thread_concurrency'} ; + } + # InnoDB Buffer Pull Size + if ( $myvar{'innodb_file_per_table'} == "ON" ) { + goodprint "InnoDB File per table is activated"; + } + else { + badprint "InnoDB File per table is not activated"; + push( @adjvars, + "innodb_file_per_table=ON" ); + } # InnoDB Buffer Pull Size if ( $myvar{'innodb_buffer_pool_size'} > $enginestats{'InnoDB'} ) { @@ -4642,6 +4654,7 @@ sub mysql_innodb { } } + # InnoDB Read efficency if ( defined $mycalc{'pct_read_efficiency'} && $mycalc{'pct_read_efficiency'} < 90 ) From e6b57a84d38fdd498300aadda2ab3881b16ea1c2 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 3 Nov 2016 10:36:59 +0100 Subject: [PATCH 215/237] New indicators from performance schema --- mysqltuner.pl | 1749 +++++++++++++++++++++++++++++++++---------------- 1 file changed, 1175 insertions(+), 574 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 7ab7be9..5df44b0 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -681,7 +681,7 @@ sub mysql_setup { $opt{port} = ( $opt{port} eq 0 ) ? 3306 : $opt{port}; # If we're doing a remote connection, but forcemem wasn't specified, we need to exit - if ( $opt{'forcemem'} eq 0 + if ( $opt{'forcemem'} eq 0 && ( $opt{host} ne "127.0.0.1" ) && ( $opt{host} ne "localhost" ) ) { @@ -805,17 +805,18 @@ sub mysql_setup { "Attempted to use login credentials from debian maintenance account, but they failed."; exit 1; } - } elsif ($opt{'defaults-file'} ne 0 and -r "$opt{'defaults-file'}") { - # defaults-file - debugprint "defaults file detected: $opt{'defaults-file'}"; - my $mysqlclidefaults = `$mysqlcmd --print-defaults`; - debugprint "MySQL Client Default File: $opt{'defaults-file'}"; + } + elsif ( $opt{'defaults-file'} ne 0 and -r "$opt{'defaults-file'}" ) { - $mysqllogin = "--defaults-file=".$opt{'defaults-file'}; + # defaults-file + debugprint "defaults file detected: $opt{'defaults-file'}"; + my $mysqlclidefaults = `$mysqlcmd --print-defaults`; + debugprint "MySQL Client Default File: $opt{'defaults-file'}"; + + $mysqllogin = "--defaults-file=" . $opt{'defaults-file'}; my $loginstatus = `$mysqladmincmd $mysqllogin ping 2>&1`; if ( $loginstatus =~ /mysqld is alive/ ) { - goodprint - "Logged in using credentials from defaults file account."; + goodprint "Logged in using credentials from defaults file account."; return 1; } } @@ -1525,10 +1526,11 @@ sub security_recommendations { # Looking for Empty Password if ( mysql_version_ge( 5, 5 ) ) { - @mysqlstatlist = select_array + @mysqlstatlist = select_array "SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL) AND plugin NOT IN ('unix_socket', 'win_socket')"; - } else { - @mysqlstatlist = select_array + } + else { + @mysqlstatlist = select_array "SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL)"; } if (@mysqlstatlist) { @@ -1658,7 +1660,7 @@ sub get_replication_status { badprint "This replication slave is not running but seems to be configured."; } - if ( defined($io_running) + if ( defined($io_running) && $io_running =~ /yes/i && $sql_running =~ /yes/i ) { @@ -1898,7 +1900,7 @@ sub check_storage_engines { # Now we build a database list, and loop through it to get storage engine stats for tables foreach my $db (@dblist) { chomp($db); - if ( $db eq "information_schema" + if ( $db eq "information_schema" or $db eq "performance_schema" or $db eq "mysql" or $db eq "lost+found" ) @@ -2516,7 +2518,7 @@ sub mysql_stats { } } - if ( $arch + if ( $arch && $arch == 32 && $mycalc{'max_used_memory'} > 2 * 1024 * 1024 * 1024 ) { @@ -2751,7 +2753,7 @@ sub mysql_stats { # Temporary tables if ( $mystat{'Created_tmp_tables'} > 0 ) { - if ( $mycalc{'pct_temp_disk'} > 25 + if ( $mycalc{'pct_temp_disk'} > 25 && $mycalc{'max_tmp_table_size'} < 256 * 1024 * 1024 ) { badprint @@ -2889,7 +2891,8 @@ sub mysql_stats { . hr_num( $myvar{'open_files_limit'} ) . ")"; push( @adjvars, "open_files_limit (> " . $myvar{'open_files_limit'} . ")" ); - } else { + } + else { goodprint "Open file limit used: $mycalc{'pct_files_open'}% (" . hr_num( $mystat{'Open_files'} ) . "/" . hr_num( $myvar{'open_files_limit'} ) . ")"; @@ -2903,7 +2906,8 @@ sub mysql_stats { "Table locks acquired immediately: $mycalc{'pct_table_locks_immediate'}%"; push( @generalrec, "Optimize queries and/or use InnoDB to reduce lock wait" ); - } else { + } + else { goodprint "Table locks acquired immediately: $mycalc{'pct_table_locks_immediate'}% (" . hr_num( $mystat{'Table_locks_immediate'} ) @@ -2916,11 +2920,13 @@ sub mysql_stats { # Binlog cache if ( defined $mycalc{'pct_binlog_cache'} ) { - if ( $mycalc{'pct_binlog_cache'} < 90 - && $mystat{'Binlog_cache_use'} > 0 ) { + if ( $mycalc{'pct_binlog_cache'} < 90 + && $mystat{'Binlog_cache_use'} > 0 ) + { badprint "Binlog cache memory access: " . $mycalc{'pct_binlog_cache'} . "% (" - . ( $mystat{'Binlog_cache_use'} - $mystat{'Binlog_cache_disk_use'} ) + . ( + $mystat{'Binlog_cache_use'} - $mystat{'Binlog_cache_disk_use'} ) . " Memory / " . $mystat{'Binlog_cache_use'} . " Total)"; @@ -2932,10 +2938,12 @@ sub mysql_stats { "binlog_cache_size (" . hr_bytes( $myvar{'binlog_cache_size'} + 16 * 1024 * 1024 ) . ")" ); - } else { + } + else { goodprint "Binlog cache memory access: " . $mycalc{'pct_binlog_cache'} . "% (" - . ( $mystat{'Binlog_cache_use'} - $mystat{'Binlog_cache_disk_use'} ) + . ( + $mystat{'Binlog_cache_use'} - $mystat{'Binlog_cache_disk_use'} ) . " Memory / " . $mystat{'Binlog_cache_use'} . " Total)"; @@ -2947,9 +2955,11 @@ sub mysql_stats { # Performance options if ( !mysql_version_ge( 5, 1 ) ) { push( @generalrec, "Upgrade to MySQL 5.5+ to use asynchronous write" ); - } elsif ( $myvar{'concurrent_insert'} eq "OFF" ) { + } + elsif ( $myvar{'concurrent_insert'} eq "OFF" ) { push( @generalrec, "Enable concurrent_insert by setting it to 'ON'" ); - } elsif ( $myvar{'concurrent_insert'} eq 0 ) { + } + elsif ( $myvar{'concurrent_insert'} eq 0 ) { push( @generalrec, "Enable concurrent_insert by setting it to 1" ); } } @@ -2980,7 +2990,8 @@ sub mysql_myisam { . hr_num( $myvar{'key_buffer_size'} ) . " cache)"; } - } else { + } + else { # No queries have run that would use keys debugprint "Key buffer used: $mycalc{'pct_key_buffer_used'}% (" . hr_num( @@ -2995,14 +3006,17 @@ sub mysql_myisam { push( @generalrec, "Unable to calculate MyISAM indexes on remote MySQL server < 5.0.0" ); - } elsif ( $mycalc{'total_myisam_indexes'} =~ /^fail$/ ) { + } + elsif ( $mycalc{'total_myisam_indexes'} =~ /^fail$/ ) { badprint "Cannot calculate MyISAM index size - re-run script as root user"; - } elsif ( $mycalc{'total_myisam_indexes'} == "0" ) { + } + elsif ( $mycalc{'total_myisam_indexes'} == "0" ) { badprint "None of your MyISAM tables are indexed - add indexes immediately"; - } else { - if ( $myvar{'key_buffer_size'} < $mycalc{'total_myisam_indexes'} + } + else { + if ( $myvar{'key_buffer_size'} < $mycalc{'total_myisam_indexes'} && $mycalc{'pct_keys_from_mem'} < 95 ) { badprint "Key buffer size / total MyISAM indexes: " @@ -3012,7 +3026,8 @@ sub mysql_myisam { "key_buffer_size (> " . hr_bytes( $mycalc{'total_myisam_indexes'} ) . ")" ); - } else { + } + else { goodprint "Key buffer size / total MyISAM indexes: " . hr_bytes( $myvar{'key_buffer_size'} ) . "/" . hr_bytes( $mycalc{'total_myisam_indexes'} ) . ""; @@ -3025,7 +3040,8 @@ sub mysql_myisam { . " cached / " . hr_num( $mystat{'Key_reads'} ) . " reads)"; - } else { + } + else { goodprint "Read Key buffer hit rate: $mycalc{'pct_keys_from_mem'}% (" . hr_num( $mystat{'Key_read_requests'} ) @@ -3033,7 +3049,8 @@ sub mysql_myisam { . hr_num( $mystat{'Key_reads'} ) . " reads)"; } - } else { + } + else { # No queries have run that would use keys debugprint "Key buffer size / total MyISAM indexes: " . hr_bytes( $myvar{'key_buffer_size'} ) . "/" @@ -3047,7 +3064,8 @@ sub mysql_myisam { . " cached / " . hr_num( $mystat{'Key_writes'} ) . " writes)"; - } else { + } + else { goodprint "Write Key buffer hit rate: $mycalc{'pct_wkeys_from_mem'}% (" . hr_num( $mystat{'Key_write_requests'} ) @@ -3055,7 +3073,8 @@ sub mysql_myisam { . hr_num( $mystat{'Key_writes'} ) . " writes)"; } - } else { + } + else { # No queries have run that would use keys debugprint "Write Key buffer hit rate: $mycalc{'pct_wkeys_from_mem'}% (" @@ -3088,7 +3107,7 @@ sub mariadb_threadpool { } if ( $myvar{'have_innodb'} eq 'YES' ) { - if ( $myvar{'thread_pool_size'} < 16 + if ( $myvar{'thread_pool_size'} < 16 or $myvar{'thread_pool_size'} > 36 ) { badprint @@ -3153,790 +3172,1300 @@ sub mysqsl_pfs { infoprint "Memory used by P_S: " . hr_bytes( get_pf_memory() ); unless ( grep /^sys$/, select_array("SHOW DATABASES") ) { - infoprint "Sys schema isn't installed."; - return; + infoprint "Sys schema isn't installed."; + return; } infoprint "Sys schema is installed."; return if ( $opt{pfstat} == 0 ); - infoprint "Sys schema Version: ".select_one("select sys_version from sys.version"); + infoprint "Sys schema Version: " + . select_one("select sys_version from sys.version"); # Top user per connection subheaderprint "Performance schema: Top 5 user per connection"; - my $nbL=1; - for my $lQuery(select_array ('select user, total_connections from sys.user_summary order by total_connections desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery conn(s)"; - $nbL++; + my $nbL = 1; + for my $lQuery ( + select_array( +'select user, total_connections from sys.user_summary order by total_connections desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery conn(s)"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top user per statement subheaderprint "Performance schema: Top 5 user per statement"; - $nbL=1; - for my $lQuery(select_array ('select user, statements from sys.user_summary order by statements desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery stmt(s)"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select user, statements from sys.user_summary order by statements desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery stmt(s)"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top user per statement latency subheaderprint "Performance schema: Top 5 user per statement latency"; - $nbL=1; - for my $lQuery(select_array ('select user, statement_avg_latency from sys.user_summary order by statement_avg_latency desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select user, statement_avg_latency from sys.user_summary order by statement_avg_latency desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top user per lock latency subheaderprint "Performance schema: Top 5 user per lock latency"; - $nbL=1; - for my $lQuery(select_array ('select user, lock_latency from sys.user_summary_by_statement_latency order by lock_latency desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select user, lock_latency from sys.user_summary_by_statement_latency order by lock_latency desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top user per full scans subheaderprint "Performance schema: Top 5 user per nb full scans"; - $nbL=1; - for my $lQuery(select_array ('select user, full_scans from sys.user_summary_by_statement_latency order by full_scans desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select user, full_scans from sys.user_summary_by_statement_latency order by full_scans desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top user per row_sent subheaderprint "Performance schema: Top 5 user per rows sent"; - $nbL=1; - for my $lQuery(select_array ('select user, rows_sent from sys.user_summary_by_statement_latency order by rows_sent desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select user, rows_sent from sys.user_summary_by_statement_latency order by rows_sent desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top user per row modified subheaderprint "Performance schema: Top 5 user per rows modified"; - $nbL=1; - for my $lQuery(select_array ('select user, rows_affected from sys.user_summary_by_statement_latency order by rows_affected desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select user, rows_affected from sys.user_summary_by_statement_latency order by rows_affected desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top user per io subheaderprint "Performance schema: Top 5 user per io"; - $nbL=1; - for my $lQuery(select_array ('select user, file_ios from sys.user_summary order by file_ios desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select user, file_ios from sys.user_summary order by file_ios desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top user per io latency subheaderprint "Performance schema: Top 5 user per io latency"; - $nbL=1; - for my $lQuery(select_array ('select user, file_io_latency from sys.user_summary order by file_io_latency desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select user, file_io_latency from sys.user_summary order by file_io_latency desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top host per connection subheaderprint "Performance schema: Top 5 host per connection"; - $nbL=1; - for my $lQuery(select_array ('select host, total_connections from sys.host_summary order by total_connections desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery conn(s)"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select host, total_connections from sys.host_summary order by total_connections desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery conn(s)"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top host per statement subheaderprint "Performance schema: Top 5 host per statement"; - $nbL=1; - for my $lQuery(select_array ('select host, statements from sys.host_summary order by statements desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery stmt(s)"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select host, statements from sys.host_summary order by statements desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery stmt(s)"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top host per statement latency subheaderprint "Performance schema: Top 5 host per statement latency"; - $nbL=1; - for my $lQuery(select_array ('select host, statement_avg_latency from sys.host_summary order by statement_avg_latency desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select host, statement_avg_latency from sys.host_summary order by statement_avg_latency desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top host per lock latency subheaderprint "Performance schema: Top 5 host per lock latency"; - $nbL=1; - for my $lQuery(select_array ('select host, lock_latency from sys.host_summary_by_statement_latency order by lock_latency desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select host, lock_latency from sys.host_summary_by_statement_latency order by lock_latency desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top host per full scans subheaderprint "Performance schema: Top 5 host per nb full scans"; - $nbL=1; - for my $lQuery(select_array ('select host, full_scans from sys.host_summary_by_statement_latency order by full_scans desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select host, full_scans from sys.host_summary_by_statement_latency order by full_scans desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top host per rows sent subheaderprint "Performance schema: Top 5 host per rows sent"; - $nbL=1; - for my $lQuery(select_array ('select host, rows_sent from sys.host_summary_by_statement_latency order by rows_sent desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select host, rows_sent from sys.host_summary_by_statement_latency order by rows_sent desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top host per rows modified subheaderprint "Performance schema: Top 5 host per rows modified"; - $nbL=1; - for my $lQuery(select_array ('select host, rows_affected from sys.host_summary_by_statement_latency order by rows_affected desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select host, rows_affected from sys.host_summary_by_statement_latency order by rows_affected desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top host per io subheaderprint "Performance schema: Top 5 host per io"; - $nbL=1; - for my $lQuery(select_array ('select host, file_ios from sys.host_summary order by file_ios desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select host, file_ios from sys.host_summary order by file_ios desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top 5 host per io latency subheaderprint "Performance schema: Top 5 host per io latency"; - $nbL=1; - for my $lQuery(select_array ('select host, file_io_latency from sys.host_summary order by file_io_latency desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select host, file_io_latency from sys.host_summary order by file_io_latency desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top IO type order by total io subheaderprint "Performance schema: Top IO type order by total io"; - $nbL=1; - for my $lQuery(select_array ('use sys;select substring(event_name,14), SUM(total)AS total from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total DESC;')) { - infoprint " +-- $nbL: $lQuery i/o"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select substring(event_name,14), SUM(total)AS total from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total DESC;' + ) + ) + { + infoprint " +-- $nbL: $lQuery i/o"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top IO type order by total latency subheaderprint "Performance schema: Top IO type order by total latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select substring(event_name,14), format_time(ROUND(SUM(total_latency),1)) AS total_latency from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total_latency DESC;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select substring(event_name,14), format_time(ROUND(SUM(total_latency),1)) AS total_latency from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total_latency DESC;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top IO type order by max latency subheaderprint "Performance schema: Top IO type order by max latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select substring(event_name,14), MAX(max_latency) as max_latency from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY max_latency DESC;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select substring(event_name,14), MAX(max_latency) as max_latency from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY max_latency DESC;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top Stages order by total io subheaderprint "Performance schema: Top Stages order by total io"; - $nbL=1; - for my $lQuery(select_array ('use sys;select substring(event_name,7), SUM(total)AS total from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total DESC;')) { - infoprint " +-- $nbL: $lQuery i/o"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select substring(event_name,7), SUM(total)AS total from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total DESC;' + ) + ) + { + infoprint " +-- $nbL: $lQuery i/o"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top Stages order by total latency subheaderprint "Performance schema: Top Stages order by total latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select substring(event_name,7), format_time(ROUND(SUM(total_latency),1)) AS total_latency from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total_latency DESC;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select substring(event_name,7), format_time(ROUND(SUM(total_latency),1)) AS total_latency from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total_latency DESC;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top Stages order by avg latency subheaderprint "Performance schema: Top Stages order by avg latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select substring(event_name,7), MAX(avg_latency) as avg_latency from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY avg_latency DESC;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select substring(event_name,7), MAX(avg_latency) as avg_latency from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY avg_latency DESC;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top host per table scans subheaderprint "Performance schema: Top 5 host per table scans"; - $nbL=1; - for my $lQuery(select_array ('select host, table_scans from sys.host_summary order by table_scans desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select host, table_scans from sys.host_summary order by table_scans desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # InnoDB Buffer Pool by schema subheaderprint "Performance schema: InnoDB Buffer Pool by schema"; - $nbL=1; - for my $lQuery(select_array ('select object_schema, allocated, data, pages from sys.innodb_buffer_stats_by_schema ORDER BY pages DESC')) { - infoprint " +-- $nbL: $lQuery page(s)"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select object_schema, allocated, data, pages from sys.innodb_buffer_stats_by_schema ORDER BY pages DESC' + ) + ) + { + infoprint " +-- $nbL: $lQuery page(s)"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # InnoDB Buffer Pool by table subheaderprint "Performance schema: InnoDB Buffer Pool by table"; - $nbL=1; - for my $lQuery(select_array ("select CONCAT(object_schema,CONCAT('.', object_name)), allocated,data, pages from sys.innodb_buffer_stats_by_table ORDER BY pages DESC")) { - infoprint " +-- $nbL: $lQuery page(s)"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +"select CONCAT(object_schema,CONCAT('.', object_name)), allocated,data, pages from sys.innodb_buffer_stats_by_table ORDER BY pages DESC" + ) + ) + { + infoprint " +-- $nbL: $lQuery page(s)"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Process per allocated memory subheaderprint "Performance schema: Process per allocated memory"; - $nbL=1; - for my $lQuery(select_array ("select concat(user,concat('/', IFNULL(Command,'NONE'))) AS PROC, current_memory from sys.processlist ORDER BY current_memory DESC;" )) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +"select concat(user,concat('/', IFNULL(Command,'NONE'))) AS PROC, current_memory from sys.processlist ORDER BY current_memory DESC;" + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # InnoDB Lock Waits subheaderprint "Performance schema: InnoDB Lock Waits"; - $nbL=1; - for my $lQuery(select_array ("use sys;select wait_age_secs, locked_table, locked_type, waiting_query from innodb_lock_waits order by wait_age_secs DESC;" )) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +"use sys;select wait_age_secs, locked_table, locked_type, waiting_query from innodb_lock_waits order by wait_age_secs DESC;" + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Threads IO Latency subheaderprint "Performance schema: Thread IO Latency"; - $nbL=1; - for my $lQuery(select_array ("use sys;select user, total_latency, max_latency from io_by_thread_by_latency order by total_latency;" )) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +"use sys;select user, total_latency, max_latency from io_by_thread_by_latency order by total_latency;" + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # High Cost SQL statements subheaderprint "Performance schema: Top 5 Most latency statements"; - $nbL=1; - for my $lQuery(select_array ('select query, avg_latency from sys.statement_analysis order by avg_latency desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select query, avg_latency from sys.statement_analysis order by avg_latency desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top 5% slower queries subheaderprint "Performance schema: Top 5 slower queries"; - $nbL=1; - for my $lQuery(select_array ('select query, exec_count from sys.statements_with_runtimes_in_95th_percentile order by exec_count desc LIMIT 5')) { - infoprint " +-- $nbL: $lQuery s"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select query, exec_count from sys.statements_with_runtimes_in_95th_percentile order by exec_count desc LIMIT 5' + ) + ) + { + infoprint " +-- $nbL: $lQuery s"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top 10 nb statement type subheaderprint "Performance schema: Top 10 nb statement type"; - $nbL=1; - for my $lQuery(select_array ('use sys;select statement, sum(total) as total from host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select statement, sum(total) as total from host_summary_by_statement_type group by statement order by total desc LIMIT 10;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top statement by total latency subheaderprint "Performance schema: Top statement by total latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select statement, sum(total_latency) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select statement, sum(total_latency) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top statement by lock latency subheaderprint "Performance schema: Top statement by lock latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select statement, sum(lock_latency) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select statement, sum(lock_latency) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top statement by full scans subheaderprint "Performance schema: Top statement by full scans"; - $nbL=1; - for my $lQuery(select_array ('use sys;select statement, sum(full_scans) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select statement, sum(full_scans) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top statement by rows sent subheaderprint "Performance schema: Top statement by rows sent"; - $nbL=1; - for my $lQuery(select_array ('use sys;select statement, sum(rows_sent) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select statement, sum(rows_sent) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Top statement by rows modified subheaderprint "Performance schema: Top statement by rows modified"; - $nbL=1; - for my $lQuery(select_array ('use sys;select statement, sum(rows_affected) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select statement, sum(rows_affected) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Use temporary tables subheaderprint "Performance schema: Some queries using temp table"; - $nbL=1; - for my $lQuery(select_array ('use sys;select query from sys.statements_with_temp_tables LIMIT 20')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( + 'use sys;select query from sys.statements_with_temp_tables LIMIT 20' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Unused Indexes subheaderprint "Performance schema: Unused indexes"; - $nbL=1; - for my $lQuery(select_array ('select * from sys.schema_unused_indexes')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( select_array('select * from sys.schema_unused_indexes') ) { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Full table scans subheaderprint "Performance schema: Tables with full table scans"; - $nbL=1; - for my $lQuery(select_array ('select * from sys.schema_tables_with_full_table_scans order by rows_full_scanned DESC')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select * from sys.schema_tables_with_full_table_scans order by rows_full_scanned DESC' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Latest file IO by latency subheaderprint "Performance schema: Latest FILE IO by latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # FILE by IO read bytes subheaderprint "Performance schema: FILE by IO read bytes"; - $nbL=1; - for my $lQuery(select_array ("use sys;(select file, total_read from io_global_by_file_by_bytes where total_read like '%MiB' order by total_read DESC) UNION (select file, total_read from io_global_by_file_by_bytes where total_read like '%KiB' order by total_read DESC LIMIT 15);")) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +"use sys;(select file, total_read from io_global_by_file_by_bytes where total_read like '%MiB' order by total_read DESC) UNION (select file, total_read from io_global_by_file_by_bytes where total_read like '%KiB' order by total_read DESC LIMIT 15);" + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # FILE by IO written bytes subheaderprint "Performance schema: FILE by IO written bytes"; - $nbL=1; - for my $lQuery(select_array ("use sys;(select file, total_written from io_global_by_file_by_bytes where total_written like '%MiB' order by total_written DESC) UNION (select file, total_written from io_global_by_file_by_bytes where total_written like '%KiB' order by total_written DESC LIMIT 15);")) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +"use sys;(select file, total_written from io_global_by_file_by_bytes where total_written like '%MiB' order by total_written DESC) UNION (select file, total_written from io_global_by_file_by_bytes where total_written like '%KiB' order by total_written DESC LIMIT 15);" + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # file per IO total latency subheaderprint "Performance schema: file per IO total latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select file, total_latency from io_global_by_file_by_latency ORDER BY total_latency DESC LIMIT 20;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select file, total_latency from io_global_by_file_by_latency ORDER BY total_latency DESC LIMIT 20;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # file per IO read latency subheaderprint "Performance schema: file per IO read latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select file, read_latency from io_global_by_file_by_latency ORDER BY read_latency DESC LIMIT 20;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select file, read_latency from io_global_by_file_by_latency ORDER BY read_latency DESC LIMIT 20;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # file per IO write latency subheaderprint "Performance schema: file per IO write latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select file, write_latency from io_global_by_file_by_latency ORDER BY write_latency DESC LIMIT 20;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select file, write_latency from io_global_by_file_by_latency ORDER BY write_latency DESC LIMIT 20;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Event Wait by read bytes subheaderprint "Performance schema: Event Wait by read bytes"; - $nbL=1; - for my $lQuery(select_array ("use sys;(select event_name, total_read from io_global_by_wait_by_bytes where total_read like '%MiB' order by total_read DESC) UNION (select event_name, total_read from io_global_by_wait_by_bytes where total_read like '%KiB' order by total_read DESC LIMIT 15);")) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +"use sys;(select event_name, total_read from io_global_by_wait_by_bytes where total_read like '%MiB' order by total_read DESC) UNION (select event_name, total_read from io_global_by_wait_by_bytes where total_read like '%KiB' order by total_read DESC LIMIT 15);" + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Event Wait by write bytes subheaderprint "Performance schema: Event Wait written bytes"; - $nbL=1; - for my $lQuery(select_array ("use sys;(select event_name, total_written from io_global_by_wait_by_bytes where total_written like '%MiB' order by total_written DESC) UNION (select event_name, total_written from io_global_by_wait_by_bytes where total_written like '%KiB' order by total_written DESC LIMIT 15);")) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +"use sys;(select event_name, total_written from io_global_by_wait_by_bytes where total_written like '%MiB' order by total_written DESC) UNION (select event_name, total_written from io_global_by_wait_by_bytes where total_written like '%KiB' order by total_written DESC LIMIT 15);" + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # event per wait total latency subheaderprint "Performance schema: event per wait total latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select event_name, total_latency from io_global_by_wait_by_latency ORDER BY total_latency DESC LIMIT 20;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select event_name, total_latency from io_global_by_wait_by_latency ORDER BY total_latency DESC LIMIT 20;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # event per wait read latency subheaderprint "Performance schema: event per wait read latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select event_name, read_latency from io_global_by_wait_by_latency ORDER BY read_latency DESC LIMIT 20;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select event_name, read_latency from io_global_by_wait_by_latency ORDER BY read_latency DESC LIMIT 20;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # event per wait write latency subheaderprint "Performance schema: event per wait write latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select event_name, write_latency from io_global_by_wait_by_latency ORDER BY write_latency DESC LIMIT 20;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select event_name, write_latency from io_global_by_wait_by_latency ORDER BY write_latency DESC LIMIT 20;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); #schema_index_statistics # TOP 15 most read index subheaderprint "Performance schema: TOP 15 most read indexes"; - $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, rows_selected from schema_index_statistics ORDER BY ROWs_selected DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select table_schema, table_name,index_name, rows_selected from schema_index_statistics ORDER BY ROWs_selected DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # TOP 15 most used index subheaderprint "Performance schema: TOP 15 most modified indexes"; - $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, rows_inserted+rows_updated+rows_deleted AS changes from schema_index_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select table_schema, table_name,index_name, rows_inserted+rows_updated+rows_deleted AS changes from schema_index_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # TOP 15 high read latency index subheaderprint "Performance schema: TOP 15 high read latency index"; - $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, select_latency from schema_index_statistics ORDER BY select_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select table_schema, table_name,index_name, select_latency from schema_index_statistics ORDER BY select_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # TOP 15 high insert latency index subheaderprint "Performance schema: TOP 15 most modified indexes"; - $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, insert_latency from schema_index_statistics ORDER BY insert_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select table_schema, table_name,index_name, insert_latency from schema_index_statistics ORDER BY insert_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # TOP 15 high update latency index subheaderprint "Performance schema: TOP 15 high update latency index"; - $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, update_latency from schema_index_statistics ORDER BY update_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select table_schema, table_name,index_name, update_latency from schema_index_statistics ORDER BY update_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # TOP 15 high delete latency index subheaderprint "Performance schema: TOP 15 high delete latency index"; - $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name,index_name, delete_latency from schema_index_statistics ORDER BY delete_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select table_schema, table_name,index_name, delete_latency from schema_index_statistics ORDER BY delete_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # TOP 15 most read tables subheaderprint "Performance schema: TOP 15 most read tables"; - $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name, rows_fetched from schema_table_statistics ORDER BY ROWs_fetched DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select table_schema, table_name, rows_fetched from schema_table_statistics ORDER BY ROWs_fetched DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # TOP 15 most used tables subheaderprint "Performance schema: TOP 15 most modified tables"; - $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name, rows_inserted+rows_updated+rows_deleted AS changes from schema_table_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select table_schema, table_name, rows_inserted+rows_updated+rows_deleted AS changes from schema_table_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # TOP 15 high read latency tables subheaderprint "Performance schema: TOP 15 high read latency tables"; - $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name, fetch_latency from schema_table_statistics ORDER BY fetch_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select table_schema, table_name, fetch_latency from schema_table_statistics ORDER BY fetch_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # TOP 15 high insert latency tables subheaderprint "Performance schema: TOP 15 high insert latency tables"; - $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name, insert_latency from schema_table_statistics ORDER BY insert_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select table_schema, table_name, insert_latency from schema_table_statistics ORDER BY insert_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # TOP 15 high update latency tables subheaderprint "Performance schema: TOP 15 high update latency tables"; - $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name, update_latency from schema_table_statistics ORDER BY update_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select table_schema, table_name, update_latency from schema_table_statistics ORDER BY update_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # TOP 15 high delete latency tables subheaderprint "Performance schema: TOP 15 high delete latency tables"; - $nbL=1; - for my $lQuery(select_array ('use sys;select table_schema, table_name, delete_latency from schema_table_statistics ORDER BY delete_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select table_schema, table_name, delete_latency from schema_table_statistics ORDER BY delete_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); # Redundant indexes subheaderprint "Performance schema: Redundant indexes"; - $nbL=1; - for my $lQuery(select_array ('use sys;select * from schema_redundant_indexes;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array('use sys;select * from schema_redundant_indexes;') ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); subheaderprint "Performance schema: Tables not using InnoDB buffer"; - $nbL=1; - for my $lQuery(select_array (' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); subheaderprint "Performance schema: Table not using InnoDB buffer"; - $nbL=1; - for my $lQuery(select_array (' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - subheaderprint "Performance schema: Table not using InnoDB buffer"; - $nbL=1; - for my $lQuery(select_array (' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); + subheaderprint "Performance schema: Table not using InnoDB buffer"; + $nbL = 1; + for my $lQuery ( + select_array( +' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); subheaderprint "Performance schema: Top 15 Tables using InnoDB buffer"; - $nbL=1; - for my $lQuery(select_array ('select table_schema,table_name,innodb_buffer_allocated from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_allocated DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select table_schema,table_name,innodb_buffer_allocated from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_allocated DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); subheaderprint "Performance schema: Top 15 Tables with InnoDB buffer free"; - $nbL=1; - for my $lQuery(select_array ('select table_schema,table_name,innodb_buffer_free from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_free DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'select table_schema,table_name,innodb_buffer_free from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_free DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: Top 15 Most executed queries"; - $nbL=1; - for my $lQuery(select_array ('select db, query, exec_count from sys.statement_analysis order by exec_count DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint "Performance schema: Top 15 Most executed queries"; + $nbL = 1; + for my $lQuery ( + select_array( +'select db, query, exec_count from sys.statement_analysis order by exec_count DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: Latest SQL queries in errors or warnings"; - $nbL=1; - for my $lQuery(select_array ('select query, last_seen from sys.statements_with_errors_or_warnings ORDER BY last_seen LIMIT 100;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint + "Performance schema: Latest SQL queries in errors or warnings"; + $nbL = 1; + for my $lQuery ( + select_array( +'select query, last_seen from sys.statements_with_errors_or_warnings ORDER BY last_seen LIMIT 100;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: Top 20 queries with full table scans"; - $nbL=1; - for my $lQuery(select_array ('select db, query, exec_count from sys.statements_with_full_table_scans order BY exec_count DESC LIMIT 20;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint "Performance schema: Top 20 queries with full table scans"; + $nbL = 1; + for my $lQuery ( + select_array( +'select db, query, exec_count from sys.statements_with_full_table_scans order BY exec_count DESC LIMIT 20;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: Last 50 queries with full table scans"; - $nbL=1; - for my $lQuery(select_array ('select db, query, last_seen from sys.statements_with_full_table_scans order BY last_seen DESC LIMIT 50;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint "Performance schema: Last 50 queries with full table scans"; + $nbL = 1; + for my $lQuery ( + select_array( +'select db, query, last_seen from sys.statements_with_full_table_scans order BY last_seen DESC LIMIT 50;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: TOP 15 reader queries (95% percentile)"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query , rows_sent from statements_with_runtimes_in_95th_percentile ORDER BY ROWs_sent DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint "Performance schema: TOP 15 reader queries (95% percentile)"; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select db, query , rows_sent from statements_with_runtimes_in_95th_percentile ORDER BY ROWs_sent DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: TOP 15 most row look queries (95% percentile)"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, rows_examined AS search from statements_with_runtimes_in_95th_percentile ORDER BY rows_examined DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint + "Performance schema: TOP 15 most row look queries (95% percentile)"; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select db, query, rows_examined AS search from statements_with_runtimes_in_95th_percentile ORDER BY rows_examined DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: TOP 15 total latency queries (95% percentile)"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, total_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY total_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint + "Performance schema: TOP 15 total latency queries (95% percentile)"; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select db, query, total_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY total_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: TOP 15 max latency queries (95% percentile)"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, max_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY max_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint + "Performance schema: TOP 15 max latency queries (95% percentile)"; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select db, query, max_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY max_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: TOP 15 average latency queries (95% percentile)"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, avg_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY avg_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint + "Performance schema: TOP 15 average latency queries (95% percentile)"; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select db, query, avg_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY avg_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - - subheaderprint "Performance schema: Top 20 queries with sort"; - $nbL=1; - for my $lQuery(select_array ('select db, query, exec_count from sys.statements_with_sorting order BY exec_count DESC LIMIT 20;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint "Performance schema: Top 20 queries with sort"; + $nbL = 1; + for my $lQuery ( + select_array( +'select db, query, exec_count from sys.statements_with_sorting order BY exec_count DESC LIMIT 20;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: Last 50 queries with sort"; - $nbL=1; - for my $lQuery(select_array ('select db, query, last_seen from sys.statements_with_sorting order BY last_seen DESC LIMIT 50;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint "Performance schema: Last 50 queries with sort"; + $nbL = 1; + for my $lQuery ( + select_array( +'select db, query, last_seen from sys.statements_with_sorting order BY last_seen DESC LIMIT 50;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: TOP 15 row sorting queries with sort"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query , rows_sorted from statements_with_sorting ORDER BY ROWs_sorted DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint "Performance schema: TOP 15 row sorting queries with sort"; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select db, query , rows_sorted from statements_with_sorting ORDER BY ROWs_sorted DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); subheaderprint "Performance schema: TOP 15 total latency queries with sort"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, total_latency AS search from statements_with_sorting ORDER BY total_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select db, query, total_latency AS search from statements_with_sorting ORDER BY total_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); subheaderprint "Performance schema: TOP 15 merge queries with sort"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, sort_merge_passes AS search from statements_with_sorting ORDER BY sort_merge_passes DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select db, query, sort_merge_passes AS search from statements_with_sorting ORDER BY sort_merge_passes DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: TOP 15 average sort merges queries with sort"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, avg_sort_merges AS search from statements_with_sorting ORDER BY avg_sort_merges DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint + "Performance schema: TOP 15 average sort merges queries with sort"; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select db, query, avg_sort_merges AS search from statements_with_sorting ORDER BY avg_sort_merges DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); subheaderprint "Performance schema: TOP 15 scans queries with sort"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, sorts_using_scans AS search from statements_with_sorting ORDER BY sorts_using_scans DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select db, query, sorts_using_scans AS search from statements_with_sorting ORDER BY sorts_using_scans DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); subheaderprint "Performance schema: TOP 15 range queries with sort"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, sort_using_range AS search from statements_with_sorting ORDER BY sort_using_range DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select db, query, sort_using_range AS search from statements_with_sorting ORDER BY sort_using_range DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); - - + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); ################################################################################## -#statements_with_temp_tables + #statements_with_temp_tables #mysql> desc statements_with_temp_tables; #+--------------------------+---------------------+------+-----+---------------------+-------+ @@ -3956,40 +4485,65 @@ sub mysqsl_pfs { #+--------------------------+---------------------+------+-----+---------------------+-------+ #11 rows in set (0,01 sec)# # - subheaderprint "Performance schema: Top 20 queries with temp table"; - $nbL=1; - for my $lQuery(select_array ('select db, query, exec_count from sys.statements_with_temp_tables order BY exec_count DESC LIMIT 20;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint "Performance schema: Top 20 queries with temp table"; + $nbL = 1; + for my $lQuery ( + select_array( +'select db, query, exec_count from sys.statements_with_temp_tables order BY exec_count DESC LIMIT 20;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: Last 50 queries with temp table"; - $nbL=1; - for my $lQuery(select_array ('select db, query, last_seen from sys.statements_with_temp_tables order BY last_seen DESC LIMIT 50;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint "Performance schema: Last 50 queries with temp table"; + $nbL = 1; + for my $lQuery ( + select_array( +'select db, query, last_seen from sys.statements_with_temp_tables order BY last_seen DESC LIMIT 50;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: TOP 15 total latency queries with temp table"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, total_latency AS search from statements_with_temp_tables ORDER BY total_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint + "Performance schema: TOP 15 total latency queries with temp table"; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select db, query, total_latency AS search from statements_with_temp_tables ORDER BY total_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); subheaderprint "Performance schema: TOP 15 queries with temp table to disk"; - $nbL=1; - for my $lQuery(select_array ('use sys;select db, query, disk_tmp_tables from statements_with_sorting ORDER BY disk_tmp_tables DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select db, query, disk_tmp_tables from statements_with_sorting ORDER BY disk_tmp_tables DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); ################################################################################## -#wait_classes_global_by_latency + #wait_classes_global_by_latency #ysql> select * from wait_classes_global_by_latency; #-----------------+-------+---------------+-------------+-------------+-------------+ @@ -4002,52 +4556,88 @@ sub mysqsl_pfs { # rows in set (0,00 sec) subheaderprint "Performance schema: TOP 15 class events by number"; - $nbL=1; - for my $lQuery(select_array ('use sys;select event_class, total from wait_classes_global_by_latency ORDER BY total DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select event_class, total from wait_classes_global_by_latency ORDER BY total DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); subheaderprint "Performance schema: TOP 30 events by number"; - $nbL=1; - for my $lQuery(select_array ('use sys;select events, total from waits_global_by_latency ORDER BY total DESC LIMIT 30;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select events, total from waits_global_by_latency ORDER BY total DESC LIMIT 30;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); subheaderprint "Performance schema: TOP 15 class events by total latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select event_class, total_latency from wait_classes_global_by_latency ORDER BY total_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select event_class, total_latency from wait_classes_global_by_latency ORDER BY total_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); subheaderprint "Performance schema: TOP 30 events by total latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select events, total_latency from waits_global_by_latency ORDER BY total_latency DESC LIMIT 30;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select events, total_latency from waits_global_by_latency ORDER BY total_latency DESC LIMIT 30;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); - subheaderprint "Performance schema: TOP 15 class events by max latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select event_class, max_latency from wait_classes_global_by_latency ORDER BY max_latency DESC LIMIT 15;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + subheaderprint "Performance schema: TOP 15 class events by max latency"; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select event_class, max_latency from wait_classes_global_by_latency ORDER BY max_latency DESC LIMIT 15;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); subheaderprint "Performance schema: TOP 30 events by max latency"; - $nbL=1; - for my $lQuery(select_array ('use sys;select events, max_latency from waits_global_by_latency ORDER BY max_latency DESC LIMIT 30;')) { - infoprint " +-- $nbL: $lQuery"; - $nbL++; + $nbL = 1; + for my $lQuery ( + select_array( +'use sys;select events, max_latency from waits_global_by_latency ORDER BY max_latency DESC LIMIT 30;' + ) + ) + { + infoprint " +-- $nbL: $lQuery"; + $nbL++; } - infoprint "No information found or indicators desactivated." if ($nbL == 1); + infoprint "No information found or indicators desactivated." + if ( $nbL == 1 ); } @@ -4151,6 +4741,7 @@ sub mariadb_xtradb { # All is to done here } + # Recommendations for RocksDB sub mariadb_rockdb { subheaderprint "RocksDB Metrics"; @@ -4166,6 +4757,7 @@ sub mariadb_rockdb { # All is to done here } + # Recommendations for Spider sub mariadb_spider { subheaderprint "Spider Metrics"; @@ -4181,6 +4773,7 @@ sub mariadb_spider { # All is to done here } + # Recommendations for Connect sub mariadb_connect { subheaderprint "Connect Metrics"; @@ -4511,11 +5104,13 @@ sub mysql_innodb { } if ( defined $myvar{'innodb_log_file_size'} ) { infoprint " +-- InnoDB Log File Size: " - . hr_bytes( $myvar{'innodb_log_file_size'} ) . "(".$mycalc{'innodb_log_size_pct'}." % of buffer pool)"; + . hr_bytes( $myvar{'innodb_log_file_size'} ) . "(" + . $mycalc{'innodb_log_size_pct'} + . " % of buffer pool)"; } if ( defined $myvar{'innodb_log_buffer_size'} ) { infoprint " +-- InnoDB Log Buffer: " - . hr_bytes( $myvar{'innodb_log_buffer_size'} ) ; + . hr_bytes( $myvar{'innodb_log_buffer_size'} ); } if ( defined $mystat{'Innodb_buffer_pool_pages_free'} ) { infoprint " +-- InnoDB Log Buffer Free: " @@ -4528,16 +5123,16 @@ sub mysql_innodb { } if ( defined $myvar{'innodb_thread_concurrency'} ) { infoprint "InnoDB Thread Cucurrency: " - . $myvar{'innodb_thread_concurrency'} ; + . $myvar{'innodb_thread_concurrency'}; } + # InnoDB Buffer Pull Size if ( $myvar{'innodb_file_per_table'} eq "ON" ) { goodprint "InnoDB File per table is activated"; } else { badprint "InnoDB File per table is not activated"; - push( @adjvars, - "innodb_file_per_table=ON" ); + push( @adjvars, "innodb_file_per_table=ON" ); } # InnoDB Buffer Pull Size @@ -4555,19 +5150,26 @@ sub mysql_innodb { . hr_bytes_rnd( $enginestats{'InnoDB'} ) . ") if possible." ); } - if ($mycalc{'innodb_log_size_pct'} < 20 or $mycalc{'innodb_log_size_pct'} > 30) { - badprint "Ratio InnoDB log file size / InnoDB Buffer pool size (". - $mycalc{'innodb_log_size_pct'}. - " %): " . hr_bytes( $myvar{'innodb_log_file_size'} ) . "/" - . hr_bytes( $myvar{'innodb_buffer_pool_size'} ) . " should be equal 25%"; - push( @adjvars, - "innodb_log_file_size should be equals to 1/4 of buffer pool size (=" - . hr_bytes_rnd( $myvar{'innodb_buffer_pool_size'}/4 ) . ") if possible." ); - } else { - goodprint "InnoDB log file size / InnoDB Buffer pool size: " + if ( $mycalc{'innodb_log_size_pct'} < 20 + or $mycalc{'innodb_log_size_pct'} > 30 ) + { + badprint "Ratio InnoDB log file size / InnoDB Buffer pool size (" + . $mycalc{'innodb_log_size_pct'} . " %): " . hr_bytes( $myvar{'innodb_log_file_size'} ) . "/" - . hr_bytes( $myvar{'innodb_buffer_pool_size'} ) . " should be equal 25%"; + . hr_bytes( $myvar{'innodb_buffer_pool_size'} ) + . " should be equal 25%"; + push( @adjvars, +"innodb_log_file_size should be equals to 1/4 of buffer pool size (=" + . hr_bytes_rnd( $myvar{'innodb_buffer_pool_size'} / 4 ) + . ") if possible." ); } + else { + goodprint "InnoDB log file size / InnoDB Buffer pool size: " + . hr_bytes( $myvar{'innodb_log_file_size'} ) . "/" + . hr_bytes( $myvar{'innodb_buffer_pool_size'} ) + . " should be equal 25%"; + } + # InnoDB Buffer Pull Instances (MySQL 5.6.6+) if ( defined( $myvar{'innodb_buffer_pool_instances'} ) ) { @@ -4652,7 +5254,6 @@ sub mysql_innodb { } } - # InnoDB Read efficency if ( defined $mycalc{'pct_read_efficiency'} && $mycalc{'pct_read_efficiency'} < 90 ) @@ -4783,7 +5384,7 @@ sub mysql_databases { foreach (@dblist) { chomp($_); - if ( $_ eq "information_schema" + if ( $_ eq "information_schema" or $_ eq "performance_schema" or $_ eq "mysql" or $_ eq "" ) @@ -5182,7 +5783,7 @@ mariadb_tokudb; # Print MariaDB Tokudb stats mariadb_xtradb; # Print MariaDB XtraDB stats mariadb_rockdb; # Print MariaDB RockDB stats mariadb_spider; # Print MariaDB Spider stats -mariadb_connect; # Print MariaDB Connect stats +mariadb_connect; # Print MariaDB Connect stats mariadb_galera; # Print MariaDB Galera Cluster stats get_replication_status; # Print replication info make_recommendations; # Make recommendations based on stats From b6f5a6cb93240b2fde8dc6a9f4731364e19871af Mon Sep 17 00:00:00 2001 From: Simon Date: Thu, 3 Nov 2016 20:06:06 +0000 Subject: [PATCH 216/237] Fix typo in README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b9bc35d..05f00d6 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ MySQLTuner needs you: **MySQLTuner** needs contributors for documentation, code and feedbacks.. * Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). -* Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) +* Contribution guide is available following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) * Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl) Compatibility: From 53d1c160683ad527c8a6f9aeb018f4c3c95012b8 Mon Sep 17 00:00:00 2001 From: Simon Date: Sat, 5 Nov 2016 14:27:54 +0000 Subject: [PATCH 217/237] Fix typos --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 05f00d6..a223b03 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ MySQLTuner-perl **MySQLTuner** supports in this last version ~300 indicators for MySQL/MariaDB/Percona Server. -**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration sush as ![Galera Cluster](http://galeracluster.com/), ![TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), ![ Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, ![InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), ![MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), ![Aria](https://mariadb.com/kb/en/mariadb/aria/), ... +**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration such as ![Galera Cluster](http://galeracluster.com/), ![TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), ![ Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, ![InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), ![MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), ![Aria](https://mariadb.com/kb/en/mariadb/aria/), ... You can found more details on this indicators ![Indicators description](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md). @@ -164,12 +164,12 @@ These kinds of things are bound to happen. Here are the details I need from you * The full text of the error * A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible) -**Question: How to perform a CVE vulneralibity checks ?** +**Question: How to perform CVE vulnerability checks?** * Download vulnerabilities.csv from this repository. * use option --cvefile to perform CVE checks -**Question: How to use mysqltuner from remote host ?** +**Question: How to use mysqltuner from a remote host?** Thanks to [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba) * You will still have to connect like a mysql client: From 947856901a61c3a493b149f3cf8419104076a01b Mon Sep 17 00:00:00 2001 From: Michael R Mawhinney Jr Date: Wed, 9 Nov 2016 22:29:34 -0500 Subject: [PATCH 218/237] Minor spelling correction --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 5df44b0..0c67b6c 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -5122,7 +5122,7 @@ sub mysql_innodb { } } if ( defined $myvar{'innodb_thread_concurrency'} ) { - infoprint "InnoDB Thread Cucurrency: " + infoprint "InnoDB Thread Concurrency: " . $myvar{'innodb_thread_concurrency'}; } From 03d918fddf3a25fbbf5135f192ecb9984f2f0b62 Mon Sep 17 00:00:00 2001 From: Sergei Mamonov Date: Tue, 15 Nov 2016 17:45:03 +0300 Subject: [PATCH 219/237] Update README.ru.md --- README.ru.md | 200 ++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 168 insertions(+), 32 deletions(-) diff --git a/README.ru.md b/README.ru.md index d304ad9..e9363b1 100644 --- a/README.ru.md +++ b/README.ru.md @@ -7,23 +7,44 @@ MySQLTuner-perl [![Percentage of issues still open](http://isitmaintained.com/badge/open/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open") [![GPL Licence](https://badges.frapsoft.com/os/gpl/gpl.png?v=103)](https://opensource.org/licenses/GPL-3.0/) -MySQLTuner это скрипт, написанный на Perl, который позволяет быстро произвести осмотр текущего состояния сервера баз данных MySQL +**MySQLTuner** это скрипт, написанный на Perl, который позволяет быстро произвести осмотр текущего состояния сервера баз данных MySQL и составить рекомендации для увеличения производительности и стабильности работы. Выводятся текущие параметры конфигурации и информация о состоянии в формате отчета с основными подсказками по оптимизации. -Совместимость: +**MySQLTuner** поддерживает порядка 300 показателей для MySQL/MariaDB/Percona Server, в последней версии. +**MySQLTuner** поддерживает сбор показателей со множеством конфигураций как ![Galera Cluster](http://galeracluster.com/), ![TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), ![ Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, ![InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), ![MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), ![Aria](https://mariadb.com/kb/en/mariadb/aria/), ... + +Вы можете найти больше информации об этих показателях на +![Indicators description](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md). + + +![MysqlTuner](https://github.com/major/MySQLTuner-perl/blob/master/mysqltuner.png) + +MySQLTuner нуждается в Вас: +=== + +**MySQLTuner** нуждается в Вашем вкладе в документацию, код и обратную связь. + +* Присоединяйтесь, пожалуйста, к нашему трекеру ошибок [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). +* Руководство по поддержке проекта доступно на [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) +* Ставьте "звезды" **проекту MySQLTuner** на [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl) + +Совместимость: +==== * MySQL 5.7 (полная поддержка) * MySQL 5.6 (полная поддержка) -* MariaDB 10.0 (полная поддержка) -* MariaDB 10.1 (полная поддержка) * MySQL 5.5 (полная поддержка) -* MySQL 5.1 (полная поддержка) -* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (полная поддержка) -* Perl 5.6 или более поздний +* MariaDB 10.1 (полная поддержка) +* MariaDB 10.0 (полная поддержка) +* Percona Server 5.6 (полнлая поддержка) +* Percona XtraDB cluster (полная поддержка) +* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (частичная поддержка - устаревшие версии) +* Perl 5.6 или более поздний (с пакетом [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod)) * Операционная система семейства Unix/Linux (протестировано на Linux, различных вариациях BSD и Solaris) -* Windows не поддерживается на данное время +* Windows не поддерживается на данное время (Необходима помощь!!!!!) * Неограниченный доступ на чтение для MySQL-сервера (Для работы с MySQL < 5.1 требуется root-доступ к серверу) +* Поддержка детектирования CVE уязвимостей из [https://cve.mitre.org](https://cve.mitre.org) Пожалуйста, прочитайте раздел ЧаВо, который расположен чуть ниже. @@ -40,53 +61,91 @@ MySQLTuner это скрипт, написанный на Perl, который **Серьезно - прочитайте раздел ЧаВо, который расположен чуть ниже.** -ПРЕДУПРЕЖДЕНИЕ +Что именно проверяет MySQLTuner? -- +Все проверки, что выполняет **MySQLTuner** задокументированы в [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) Загрузка/Установка -- -You can download the entire repository by using 'git clone' followed by the cloning URL above. The simplest and shortest method is: +Вы можете скачать весь репозиторий с помощью 'git clone' c URL текущего репозитория. Самый просто и короткий метод это: wget http://mysqltuner.pl/ -O mysqltuner.pl wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt + wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv perl mysqltuner.pl -Of course, you can add the execute bit (chmod +x mysqltuner.pl) so you can execute it without calling perl directly. +Конечно, Вам нужно будет добавить права на выполнение скрипта (chmod +x mysqltuner.pl), если вы хотите запускать его на прямую, без указания perl. +Примеры использования +-- + +__Пример:__ Минимальный локальный запуск + + perl mysqltuner.pl + +__Пример:__ Минимальный удаленный запуск + + perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password + +__Пример:__ Включение максимамльного вывода информации о MySQL/MariaDb без отладочной информации + + perl mysqltuner.pl --verbose + perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat + + +__Пример:__ Включение проверки на CVE уязвимости для MariaDB или MySQL + + perl mysqltuner.pl --cvefile=vulnerabilities.csv + +__Пример:__ Запись результата в файл с отображением информации + + perl mysqltuner.pl --outputfile /tmp/result_mysqltuner.txt + +__Пример:__ Запись результата в файл **без вывода информации** + + perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt + +__Пример:__ Использование шаблона для кастомизации отчетов, что сохраняются в файл на базе синтаксиса [Text::Template](https://metacpan.org/pod/Text::Template). + + perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl + +__Пример:__ Включение вывода отладочной информации + + perl mysqltuner.pl --debug + ЧаВо -- -Вопрос: Will MySQLTuner fix my slow MySQL server? +**Вопрос: MySQLTuner починит мой медленный MySQL сервер?** -**No.** MySQLTuner is a read only script. It won't write to any configuration files, change the status of any daemons, or call your mother to wish her a happy birthday. It will give you an overview of your server's performance and make some basic recommendations about improvements that you can make after it completes. *Make sure you read the warning above prior to following any recommendations.* +**Нет.** MySQLTuner работает только на чтение. Он не будет записывать какие-либо конфигурационные файлы, изменять статус каких-либо демонов или звонить Вашей матери, что бы поздравить ее с днем роджения. Он только даст обзор производительности Вашего сервера и сделает несколько базовых рекомендаций, которые Вы можете выполнить. *Убедитесь, что вы прочитали предупреждения до следования рекомендациям.* -Вопрос: Can I fire my DBA now? +**Вопрос: Могу я уволить моего DBA теперь?** -**MySQLTuner will not replace your DBA in any form or fashion.** If your DBA constantly takes your parking spot and steals your lunch from the fridge, then you may want to consider it - but that's your call. +**MySQLTuner не заменяет вашего DBA в какой-либо форме или каким-либо образом.** Если Ваш DBA постоянно занимает Ваше парковочное место и крадет Ваш обед из холодильника, тогда Вы можете попробовать сделать это, но это будет Ваш выбор. -Вопрос: Why does MySQLTuner keep asking me the login credentials for MySQL over and over? +**Вопрос: Почему MySQLTuner продолжает спрашивать доступы для входа в MySQL снова и снова?** -The script will try its best to log in via any means possible. It will check for ~/.my.cnf files, Plesk password files, and empty password root logins. If none of those are available, then you'll be prompted for a password. If you'd like the script to run in an automated fashion without user intervention, then create a .my.cnf file in your home directory which contains: +Скрипт пытается использовать лучше способы войти из возможных. Он проверяет ~/.my.cnf файлы, файлы паролей Plesk и пробует пустой пароль для пользователя root. Если ни один из этих способов не сработал, то запрашивается ввод пароля. Если Вы хотите, чтобы скрипт работал автоматически без вмешательства пользователя, то создайте .my.cnf файл в своей домашней директории файл с: [client] - user=someusername + user=distributions pass=thatuserspassword -Once you create it, make sure it's owned by your user and the mode on the file is 0600. This should prevent the prying eyes from getting your database login credentials under normal conditions. If a [T-1000 shows up in a LAPD uniform](https://en.wikipedia.org/wiki/T-1000) and demands your database credentials, you won't have much of an option. +Сразу после создания файла убедитесь, что его владельцем является Ваш пользователь и что права на файл 0600. Это должно защитить Ваш логин и пароль от базы данных от любопытных глаз, при нормальных условиях. Если появится [T-1000 в униформе полицейского из Лос-Анджелеса](https://ru.wikipedia.org/wiki/T-1000) и потребует доступы от Вашей базы данных, то у Вас не будет выбора. -Вопрос: Is there another way to secure credentials on latest MySQL and MariaDB distributions ? - -You could use mysql_config_editor utilities. +**Вопрос: Есть ли другой путь, что бы безопасно сохранить данные для входа в последних версиях MySQL и MariaDB?** +Вы можете использовать утилиту mysql_config_editor. $ mysql_config_editor set --login-path=client --user=someusername --password --host=localhost Enter passord: ******** $ -At this time, ~/.mylogin.cnf has been written with appropriated rigth access. +И она создаст ~/.mylogin.cnf с корректными правами доступа. -To get information about stored credentials, use the following command: +Что бы получить информацию о сохраненных данных для входа выполните: $mysql_config_editor print [client] @@ -94,13 +153,90 @@ To get information about stored credentials, use the following command: password = ***** host = localhost -Вопрос: It's not working on my OS! What gives?! +**Вопрос: Какие минимальные привелегии нужны для специального пользователя базы данных mysqltuner?** -These kinds of things are bound to happen. Here are the details I need from you in order to research the problem thoroughly: + mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* FOR 'mysqltuner'@'localhost' identified by pwd1234; + +**Вопрос: Это не работает на моей ОС! Что делать?!** + +Иногда такое случается. Что бы тщательно исследовать проблему будут необходимы следующие данные: + +* ОС и версия ОС +* Архитектура (x86, x86_64, IA64, Commodore 64) +* Точная версия MySQL +* Где вы взяли данную версию MySQL(OS package, source, etc) +* Полный текст ошибки +* Копия вывода SHOW VARIABLES и SHOW GLOBAL STATUS (если это возможно) + +**Вопрос: Как выполнить проверку на CVE уязвимости?** + +* Скачать vulnerabilities.csv с этого репозитория. +* Использовать опцию --cvefile для проверки + +**Вопрос: Как использовать mysqltuner с удаленным хостом?** +Спасибо [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba) + +* Вы можете просто подключиться как с обычным mysql клиетом: + +Подключение и Аутентификация. + + --host Connect to a remote host to perform tests (default: localhost) + --socket Use a different socket for a local connection + --port Port to use for connection (default: 3306) + --user Username to use for authentication + --pass Password to use for authentication + --defaults-file defaulfs file for credentials + +Since you are using a remote host, use parameters to supply values from the OS +Так-как вы используете удаленный хост, то используйте параметры для указания данных об ОС + + --forcemem Количество оперативной памяти в мегабайтах + --forceswap Количество swap памяти в мегабайтах + +* Вы можете обратиться к Вашему системному администратору, что бы спросить сколько оперативной памяти и swap-а Вам доступно + +Если у баз слишком много таблиц или есть очень большие таблицы используйте опцию + + --skipsize Don't enumerate tables and their types/sizes (default: on) + (Recommended for servers with many tables) + +MySQLTuner и Vagrant +-- +**MySQLTuner** содержится в следующих конфигурациях Vagrant configurations: +* Fedora Core 23 / MariaDB 10.0 +* Fedora Core 23 / MariaDB 10.1 +* Fedora Core 23 / MySQL 5.6 +* Fedora Core 23 / MySQL 5.7 + +**Vagrant File** are stored in Vagrant subdirectory. +* Follow this 2 steps after vagrant installation: +* Rename VagrantFile_for_Mxxx into Vagrantfile +* vagrant up + +**MySQLTuner** contains a Vagrant configurations for test purpose and development +* Install VirtualBox and Vagrant + * https://www.virtualbox.org/wiki/Downloads + * https://www.vagrantup.com/downloads.html +* Clone repository + * git clone https://github.com/major/MySQLTuner-perl.git +* Install Vagrant plugins vagrant-hostmanager and vagrant-vbguest + * vagrant plugin install vagrant-hostmanager + * vagrant plugin install vagrant-vbguest +* Add Fedora Core 23 box for official Fedora Download Website + * vagrant box add --name fc23 https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box +* Create a data directory + * mkdir data +* Rename Vagrantfile_MariaDB10.0 into Vagrantfile + * cp MySQLTuner-perl/Vagrant/Vagrantfile_for_MariaDB10.0 Vagrantfile +* Start vagrant + * vagrant up + +MySQLTuner нуждается в Вас: +=== + +**MySQLTuner** нуждается в Вашем вкладе в документацию, код и обратную связь. + +* Присоединяйтесь, пожалуйста, к нашему трекеру ошибок [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). +* Руководство по поддержке проекта доступно на [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) +* Ставьте "звезды" **проекту MySQLTuner** на [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl) - * OS and OS version - * Architecture (x86, x86_64, IA64, Commodore 64) - * Exact MySQL version - * Where you obtained your MySQL version (OS package, source, etc) - * The full text of the error - * A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible) From 5a6742ee8537e7dff123af6ec5e39e8b4e54fc83 Mon Sep 17 00:00:00 2001 From: Artur Penttinen Date: Wed, 16 Nov 2016 11:05:33 +0200 Subject: [PATCH 220/237] Hiding username and password from commandline It is possible to spy username and password if command run with --user/-pass options (ps -C mysqltuner.pl -F). To hiding these added options --userenv/--passenv for transfer MySQL username and password via environment variables. --- mysqltuner.pl | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index 0c67b6c..74e0fc1 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -116,6 +116,7 @@ my $getOptionsCheck = GetOptions( 'updateversion', 'maxportallowed=s', 'verbose', 'sysstat', 'password=s', 'pfstat', + 'passenv=s', 'userenv=s', 'defaults-file=s' ); @@ -144,7 +145,9 @@ sub usage { . " --socket Use a different socket for a local connection\n" . " --port Port to use for connection (default: 3306)\n" . " --user Username to use for authentication\n" + . " --userenv Name of env variable which contains username to use for authentication\n" . " --pass Password to use for authentication\n" + . " --passenv Name of env variable which contains password to use for authentication\n" . " --defaults-file Path to a custom .my.cnf\n" . " --mysqladmin Path to a custom mysqladmin executable\n" . " --mysqlcmd Path to a custom mysql executable\n" . "\n" @@ -189,7 +192,15 @@ my $basic_password_files = ? abs_path( dirname(__FILE__) ) . "/basic_passwords.txt" : abs_path( $opt{passwordfile} ); +# Username from envvar +if (exists $opt{userenv} && exists $ENV{ $opt{userenv} }) { + $opt{user} = $ENV{ $opt{userenv} }; +} + # Related to password option +if (exists $opt{passenv} && exists $ENV{ $opt{passenv} }) { + $opt{pass} = $ENV{ $opt{passenv} }; +} $opt{pass} = $opt{password} if ( $opt{pass} eq 0 and $opt{password} ne 0 ); # for RPM distributions @@ -5817,7 +5828,9 @@ You must provide the remote server's total memory when connecting to other serve --socket Use a different socket for a local connection --port Port to use for connection (default: 3306) --user Username to use for authentication + --userenv Name of env variable which contains username to use for authentication --pass Password to use for authentication + --passenv Name of env variable which contains password to use for authentication --mysqladmin Path to a custom mysqladmin executable --mysqlcmd Path to a custom mysql executable --defaults-file Path to a custom .my.cnf From dd1997e0c97dac66e47b5a8a310196dbbbc22f45 Mon Sep 17 00:00:00 2001 From: fuar Date: Wed, 16 Nov 2016 01:13:19 +0300 Subject: [PATCH 221/237] Minor grammar improvements to README.ru.md --- README.ru.md | 55 ++++++++++++++++++++++++++-------------------------- 1 file changed, 27 insertions(+), 28 deletions(-) diff --git a/README.ru.md b/README.ru.md index e9363b1..364c3c0 100644 --- a/README.ru.md +++ b/README.ru.md @@ -7,13 +7,13 @@ MySQLTuner-perl [![Percentage of issues still open](http://isitmaintained.com/badge/open/major/MySQLTuner-perl.svg)](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open") [![GPL Licence](https://badges.frapsoft.com/os/gpl/gpl.png?v=103)](https://opensource.org/licenses/GPL-3.0/) -**MySQLTuner** это скрипт, написанный на Perl, который позволяет быстро произвести осмотр текущего состояния сервера баз данных MySQL +**MySQLTuner** - это скрипт, написанный на Perl, который позволяет быстро произвести осмотр текущего состояния сервера баз данных MySQL и составить рекомендации для увеличения производительности и стабильности работы. Выводятся текущие параметры конфигурации и информация о состоянии в формате отчета с основными подсказками по оптимизации. -**MySQLTuner** поддерживает порядка 300 показателей для MySQL/MariaDB/Percona Server, в последней версии. +**MySQLTuner** поддерживает порядка 300 показателей для MySQL/MariaDB/Percona Server последних версий. -**MySQLTuner** поддерживает сбор показателей со множеством конфигураций как ![Galera Cluster](http://galeracluster.com/), ![TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), ![ Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, ![InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), ![MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), ![Aria](https://mariadb.com/kb/en/mariadb/aria/), ... +**MySQLTuner** поддерживает сбор показателей для множества таких конфигураций, как ![Galera Cluster](http://galeracluster.com/), ![TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), ![ Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, ![InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), ![MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), ![Aria](https://mariadb.com/kb/en/mariadb/aria/), ... Вы можете найти больше информации об этих показателях на ![Indicators description](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md). @@ -21,10 +21,10 @@ MySQLTuner-perl ![MysqlTuner](https://github.com/major/MySQLTuner-perl/blob/master/mysqltuner.png) -MySQLTuner нуждается в Вас: +MySQLTuner нуждается в вас: === -**MySQLTuner** нуждается в Вашем вкладе в документацию, код и обратную связь. +**MySQLTuner** нуждается в вашем вкладе в документацию и код, а так же ждёт обратную связь. * Присоединяйтесь, пожалуйста, к нашему трекеру ошибок [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). * Руководство по поддержке проекта доступно на [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) @@ -63,19 +63,19 @@ MySQLTuner нуждается в Вас: Что именно проверяет MySQLTuner? -- -Все проверки, что выполняет **MySQLTuner** задокументированы в [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) +Все проверки, что выполняет **MySQLTuner**, задокументированы в [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) Загрузка/Установка -- -Вы можете скачать весь репозиторий с помощью 'git clone' c URL текущего репозитория. Самый просто и короткий метод это: +Вы можете скачать весь репозиторий с помощью 'git clone' c URL текущего репозитория. Самый простой и короткий метод: wget http://mysqltuner.pl/ -O mysqltuner.pl wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv perl mysqltuner.pl -Конечно, Вам нужно будет добавить права на выполнение скрипта (chmod +x mysqltuner.pl), если вы хотите запускать его на прямую, без указания perl. +Конечно, вам нужно будет добавить права на выполнение скрипта (chmod +x mysqltuner.pl), если вы хотите запускать его напрямую, без указания perl. Примеры использования @@ -107,7 +107,7 @@ __Пример:__ Запись результата в файл **без выв perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt -__Пример:__ Использование шаблона для кастомизации отчетов, что сохраняются в файл на базе синтаксиса [Text::Template](https://metacpan.org/pod/Text::Template). +__Пример:__ Использование шаблона для кастомизации отчетов, сохраняющихся в файл на базе синтаксиса [Text::Template](https://metacpan.org/pod/Text::Template). perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl @@ -120,32 +120,32 @@ __Пример:__ Включение вывода отладочной инфо **Вопрос: MySQLTuner починит мой медленный MySQL сервер?** -**Нет.** MySQLTuner работает только на чтение. Он не будет записывать какие-либо конфигурационные файлы, изменять статус каких-либо демонов или звонить Вашей матери, что бы поздравить ее с днем роджения. Он только даст обзор производительности Вашего сервера и сделает несколько базовых рекомендаций, которые Вы можете выполнить. *Убедитесь, что вы прочитали предупреждения до следования рекомендациям.* +**Нет.** MySQLTuner работает только на чтение. Он не будет записывать какие-либо конфигурационные файлы, изменять статус каких-либо демонов или звонить вашей маме, чтобы поздравить её с днём рождения. Он только даст обзор производительности вашего сервера и предложит несколько базовых рекомендаций, которые вы можете выполнить. *Убедитесь, что вы прочитали предупреждения до следования рекомендациям.* -**Вопрос: Могу я уволить моего DBA теперь?** +**Вопрос: Теперь я могу уволить моего DBA?** -**MySQLTuner не заменяет вашего DBA в какой-либо форме или каким-либо образом.** Если Ваш DBA постоянно занимает Ваше парковочное место и крадет Ваш обед из холодильника, тогда Вы можете попробовать сделать это, но это будет Ваш выбор. +**MySQLTuner не заменяет вашего DBA никоим образом.** Однако, если ваш DBA постоянно занимает ваше парковочное место и крадёт ваш обед из холодильника, вы можете попробовать сделать это - но это будет ваш выбор. -**Вопрос: Почему MySQLTuner продолжает спрашивать доступы для входа в MySQL снова и снова?** +**Вопрос: Почему MySQLTuner каждый раз запрашивает доступы в MySQL?** -Скрипт пытается использовать лучше способы войти из возможных. Он проверяет ~/.my.cnf файлы, файлы паролей Plesk и пробует пустой пароль для пользователя root. Если ни один из этих способов не сработал, то запрашивается ввод пароля. Если Вы хотите, чтобы скрипт работал автоматически без вмешательства пользователя, то создайте .my.cnf файл в своей домашней директории файл с: +Скрипт пытается использовать лучшие способы войти из возможных. Он проверяет ~/.my.cnf файлы, файлы паролей Plesk и пробует пустой пароль для пользователя root. Если ни один из этих способов не сработал, то запрашивается ввод пароля. Если вы хотите, чтобы скрипт работал автоматически, создайте в своей домашней директории файл .my.cnf, содержащий: [client] user=distributions pass=thatuserspassword -Сразу после создания файла убедитесь, что его владельцем является Ваш пользователь и что права на файл 0600. Это должно защитить Ваш логин и пароль от базы данных от любопытных глаз, при нормальных условиях. Если появится [T-1000 в униформе полицейского из Лос-Анджелеса](https://ru.wikipedia.org/wiki/T-1000) и потребует доступы от Вашей базы данных, то у Вас не будет выбора. +Сразу после создания файла убедитесь, что его владельцем является ваш пользователь, а права на файл - 0600. Это защитит ваш логин и пароль от базы данных от любопытных глаз в нормальных условиях. Но у вас не будет выбора, если появится [T-1000 в униформе полицейского из Лос-Анджелеса](https://ru.wikipedia.org/wiki/T-1000) и потребует доступы от вашей базы данных. -**Вопрос: Есть ли другой путь, что бы безопасно сохранить данные для входа в последних версиях MySQL и MariaDB?** +**Вопрос: Есть ли другой способ безопасно сохранить данные для входа в последних версиях MySQL и MariaDB?** Вы можете использовать утилиту mysql_config_editor. $ mysql_config_editor set --login-path=client --user=someusername --password --host=localhost Enter passord: ******** $ -И она создаст ~/.mylogin.cnf с корректными правами доступа. +Она создаст ~/.mylogin.cnf с корректными правами доступа. -Что бы получить информацию о сохраненных данных для входа выполните: +Чтобы получить информацию о сохраненных данных для входа, выполните: $mysql_config_editor print [client] @@ -159,7 +159,7 @@ __Пример:__ Включение вывода отладочной инфо **Вопрос: Это не работает на моей ОС! Что делать?!** -Иногда такое случается. Что бы тщательно исследовать проблему будут необходимы следующие данные: +Иногда такое случается. Чтобы тщательно исследовать проблему, необходимы следующие данные: * ОС и версия ОС * Архитектура (x86, x86_64, IA64, Commodore 64) @@ -173,12 +173,12 @@ __Пример:__ Включение вывода отладочной инфо * Скачать vulnerabilities.csv с этого репозитория. * Использовать опцию --cvefile для проверки -**Вопрос: Как использовать mysqltuner с удаленным хостом?** +**Вопрос: Как использовать mysqltuner с удалённого хоста?** Спасибо [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba) -* Вы можете просто подключиться как с обычным mysql клиетом: +* Вы можете подключиться так же, как для обычного mysql-клиета: -Подключение и Аутентификация. +Подключение и аутентификация. --host Connect to a remote host to perform tests (default: localhost) --socket Use a different socket for a local connection @@ -187,22 +187,21 @@ __Пример:__ Включение вывода отладочной инфо --pass Password to use for authentication --defaults-file defaulfs file for credentials -Since you are using a remote host, use parameters to supply values from the OS -Так-как вы используете удаленный хост, то используйте параметры для указания данных об ОС +Так как вы используете удалённый хост, используйте параметры для указания данных об ОС --forcemem Количество оперативной памяти в мегабайтах --forceswap Количество swap памяти в мегабайтах -* Вы можете обратиться к Вашему системному администратору, что бы спросить сколько оперативной памяти и swap-а Вам доступно +* Вы можете обратиться к вашему системному администратору, чтобы спросить, сколько оперативной памяти и swap'а вам доступно -Если у баз слишком много таблиц или есть очень большие таблицы используйте опцию +Если у баз слишком много таблиц, или есть очень большие таблицы, используйте опцию --skipsize Don't enumerate tables and their types/sizes (default: on) (Recommended for servers with many tables) MySQLTuner и Vagrant -- -**MySQLTuner** содержится в следующих конфигурациях Vagrant configurations: +**MySQLTuner** содержится в следующих конфигурациях Vagrant: * Fedora Core 23 / MariaDB 10.0 * Fedora Core 23 / MariaDB 10.1 * Fedora Core 23 / MySQL 5.6 @@ -234,7 +233,7 @@ MySQLTuner и Vagrant MySQLTuner нуждается в Вас: === -**MySQLTuner** нуждается в Вашем вкладе в документацию, код и обратную связь. +**MySQLTuner** нуждается в вашем вкладе в документацию и код, а так же ждёт обратную связь. * Присоединяйтесь, пожалуйста, к нашему трекеру ошибок [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues). * Руководство по поддержке проекта доступно на [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md) From eac905b632b40d7434c9db3c8e9426c10c4a280f Mon Sep 17 00:00:00 2001 From: root Date: Mon, 28 Nov 2016 17:39:41 +0100 Subject: [PATCH 222/237] MariaDB GTID mode #272 --- mysqltuner.pl | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 74e0fc1..5642c6f 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -525,9 +525,9 @@ sub validate_tuner_version { debugprint "$httpcli is available."; debugprint -"$httpcli -e timestamping=off -T 5 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2"; +"$httpcli -e timestamping=off -t 1 -T 5 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2"; $update = -`$httpcli -e timestamping=off -T 5 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2`; +`$httpcli -e timestamping=off -t 1 -T 5 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2`; chomp($update); compare_tuner_version($update); return; @@ -1025,6 +1025,10 @@ sub get_all_vars { $myvar{'have_innodb'} = "NO"; } + # Support GTID MODE FOR MARIADB + # Issue MariaDB GTID mode #272 + $myvar{'gtid_mode'}=$myvar{'gtid_strict_mode'} if (defined($myvar{'gtid_strict_mode'})); + $myvar{'have_threadpool'} = "NO"; if ( defined( $myvar{'thread_pool_size'} ) and $myvar{'thread_pool_size'} > 0 ) @@ -2466,7 +2470,6 @@ sub mysql_stats { } # Memory usage - infoprint "Physical Memory : " . hr_bytes($physical_memory); infoprint "Max MySQL memory : " . hr_bytes( $mycalc{'max_peak_memory'} ); infoprint "Other process memory: " . hr_bytes( get_other_process_memory() ); From 5be96339a187e0c9ce2fb7114316fe07e370716f Mon Sep 17 00:00:00 2001 From: root Date: Mon, 28 Nov 2016 17:48:22 +0100 Subject: [PATCH 223/237] Incorrect innodb log file size calculation #271 --- mysqltuner.pl | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 5642c6f..5505e4e 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2382,7 +2382,7 @@ sub calculations { # InnoDB if ( $myvar{'have_innodb'} eq "YES" ) { $mycalc{'innodb_log_size_pct'} = - ( $myvar{'innodb_log_file_size'} * 100 / + ( $myvar{'innodb_log_file_size'} *$myvar{'innodb_log_files_in_group'} * 100 / $myvar{'innodb_buffer_pool_size'} ); } @@ -5122,6 +5122,14 @@ sub mysql_innodb { . $mycalc{'innodb_log_size_pct'} . " % of buffer pool)"; } + if ( defined $myvar{'innodb_log_files_in_group'} ) { + infoprint " +-- InnoDB Log File In Group: " + . $myvar{'innodb_log_files_in_group'}; + } + if ( defined $myvar{'innodb_log_files_in_group'} ) { + infoprint " +-- InnoDB Total Log File Size: " + . hr_bytes( $myvar{'innodb_log_files_in_group'}*$myvar{'innodb_log_file_size'}); + } if ( defined $myvar{'innodb_log_buffer_size'} ) { infoprint " +-- InnoDB Log Buffer: " . hr_bytes( $myvar{'innodb_log_buffer_size'} ); @@ -5169,7 +5177,7 @@ sub mysql_innodb { { badprint "Ratio InnoDB log file size / InnoDB Buffer pool size (" . $mycalc{'innodb_log_size_pct'} . " %): " - . hr_bytes( $myvar{'innodb_log_file_size'} ) . "/" + . hr_bytes( $myvar{'innodb_log_file_size'} )." * ".$myvar{'innodb_log_files_in_group'}. "/" . hr_bytes( $myvar{'innodb_buffer_pool_size'} ) . " should be equal 25%"; push( @adjvars, @@ -5179,7 +5187,7 @@ sub mysql_innodb { } else { goodprint "InnoDB log file size / InnoDB Buffer pool size: " - . hr_bytes( $myvar{'innodb_log_file_size'} ) . "/" + . hr_bytes( $myvar{'innodb_log_file_size'} ) ." * ".$myvar{'innodb_log_files_in_group'}. "/" . hr_bytes( $myvar{'innodb_buffer_pool_size'} ) . " should be equal 25%"; } From ce7eefb3da797470a396470b5c4b7b2e717d7ff4 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 28 Nov 2016 17:51:46 +0100 Subject: [PATCH 224/237] Bug fix on Galera Gcache mem calculation --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 5505e4e..b78a9d0 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -4823,7 +4823,7 @@ sub get_wsrep_options { } sub get_gcache_memory { - my $gCacheMem = get_wsrep_option('gcache.mem_size'); + my $gCacheMem = get_wsrep_option('gcache.size'); return 0 unless defined $gCacheMem and $gCacheMem ne ''; return $gCacheMem; From 7aecc27e0e5a973574bf820e6fa567a2917d9221 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 28 Nov 2016 17:52:13 +0100 Subject: [PATCH 225/237] Update vulnerabilities list --- vulnerabilities.csv | 371 ++++++++++++++++++++++++-------------------- 1 file changed, 205 insertions(+), 166 deletions(-) diff --git a/vulnerabilities.csv b/vulnerabilities.csv index a6a20b3..f604d2a 100755 --- a/vulnerabilities.csv +++ b/vulnerabilities.csv @@ -71,14 +71,14 @@ 5.5.21;5;5;21;CVE-2012-1688;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability; related to Server DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53067 | URL:http://www.securityfocus.com/bid/53067 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; 5.1.62;5;1;62;CVE-2012-1689;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54547 | URL:http://www.securityfocus.com/bid/54547 | OSVDB:83980 | URL:http://osvdb.org/83980 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-optimizer-dos(77065) | URL:http://xforce.iss.net/xforce/xfdb/77065";Assigned (20120316);"None (candidate not yet proposed)"; 5.5.22;5;5;22;CVE-2012-1689;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54547 | URL:http://www.securityfocus.com/bid/54547 | OSVDB:83980 | URL:http://osvdb.org/83980 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-optimizer-dos(77065) | URL:http://xforce.iss.net/xforce/xfdb/77065";Assigned (20120316);"None (candidate not yet proposed)"; -5.1.61;5;1;61;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; -5.5.21;5;5;21;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; +5.1.61;5;1;61;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1703.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; +5.5.21;5;5;21;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1703.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; 5.5.19;5;5;19;CVE-2012-1696;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53071 | URL:http://www.securityfocus.com/bid/53071 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; 5.5.21;5;5;21;CVE-2012-1697;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53064 | URL:http://www.securityfocus.com/bid/53064 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; 5.1.66;5;1;66;CVE-2012-1702;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17186 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17186 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; 5.5.28;5;5;28;CVE-2012-1702;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17186 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17186 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; -5.1.61;5;1;61;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; -5.5.21;5;5;21;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; +5.1.61;5;1;61;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1690.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; +5.5.21;5;5;21;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1690.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; 5.1.66;5;1;66;CVE-2012-1705;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17268 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17268 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; 5.5.28;5;5;28;CVE-2012-1705;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17268 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17268 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)"; 5.1.62;5;1;62;CVE-2012-1734;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54540 | URL:http://www.securityfocus.com/bid/54540 | OSVDB:83979 | URL:http://osvdb.org/83979 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-servopt-dos(77064) | URL:http://xforce.iss.net/xforce/xfdb/77064";Assigned (20120316);"None (candidate not yet proposed)"; @@ -198,8 +198,8 @@ 5.6.12;5;6;12;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)"; 5.6.12;5;6;12;CVE-2013-5767;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)"; 5.6.11;5;6;11;CVE-2013-5770;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)"; -5.6.12;5;6;12;CVE-2013-5786;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)"; -5.6.12;5;6;12;CVE-2013-5793;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)"; +5.6.12;5;6;12;CVE-2013-5786;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5793.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)"; +5.6.12;5;6;12;CVE-2013-5793;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5786.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)"; 5.5.32;5;5;32;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)"; 5.6.12;5;6;12;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)"; 5.6.14;5;6;14;CVE-2013-5860;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64864 | URL:http://www.securityfocus.com/bid/64864 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135860(90373) | URL:http://xforce.iss.net/xforce/xfdb/90373";Assigned (20130918);"None (candidate not yet proposed)"; @@ -314,21 +314,21 @@ 5.6.21;5;6;21;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)"; 5.5.40;5;5;40;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.21;5;6;21;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.21;5;6;21;CVE-2015-0385;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | BID:72229 | URL:http://www.securityfocus.com/bid/72229 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150385(100190) | URL:http://xforce.iss.net/xforce/xfdb/100190";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.38;5;5;38;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.19;5;6;19;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0405;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0409;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150409(100188) | URL:http://xforce.iss.net/xforce/xfdb/100188";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.22;5;6;22;CVE-2015-0423;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0409;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:72223 | URL:http://www.securityfocus.com/bid/72223 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150409(100188) | URL:http://xforce.iss.net/xforce/xfdb/100188";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.22;5;6;22;CVE-2015-0423;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.40;5;5;40;CVE-2015-0432;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150432(100187) | URL:http://xforce.iss.net/xforce/xfdb/100187";Assigned (20141217);"None (candidate not yet proposed)"; -5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-0439;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-4756.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.41;5;5;41;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; @@ -336,7 +336,7 @@ 5.6.23;5;6;23;CVE-2015-0498;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.42;5;5;42;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-0500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-0500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | BID:74081 | URL:http://www.securityfocus.com/bid/74081";Assigned (20141217);"None (candidate not yet proposed)"; 5.5.42;5;5;42;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-0503;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; @@ -348,78 +348,78 @@ 5.6.23;5;6;23;CVE-2015-0511;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-2566;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-2567;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.41;5;5;41;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.22;5;6;22;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.41;5;5;41;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.22;5;6;22;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; 5.5.42;5;5;42;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.23;5;6;23;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; 5.5.41;5;5;41;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; 5.6.22;5;6;22;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-2611;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-2617;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-2639;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-2641;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-2661;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)"; -5.7.3;5;7;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)"; -6.1.3;6;1;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)"; -5.5.44;5;5;44;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.22;5;6;22;CVE-2015-4756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0439.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.42;5;5;42;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-4761;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4766;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-4767;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4769.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-4769;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4767.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-4771;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-4772;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4791;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4800;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.44;5;5;44;CVE-2015-4816;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.44;5;5;44;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4833;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4862;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.43;5;5;43;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.24;5;6;24;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-4866;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.44;5;5;44;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4890;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4895;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.25;5;6;25;CVE-2015-4904;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.23;5;6;23;CVE-2015-4905;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4910;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75751 | URL:http://www.securityfocus.com/bid/75751";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75751 | URL:http://www.securityfocus.com/bid/75751";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-2611;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75762 | URL:http://www.securityfocus.com/bid/75762";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-2617;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75774 | URL:http://www.securityfocus.com/bid/75774";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75837 | URL:http://www.securityfocus.com/bid/75837";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75837 | URL:http://www.securityfocus.com/bid/75837";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-2639;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75760 | URL:http://www.securityfocus.com/bid/75760";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-2641;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75815 | URL:http://www.securityfocus.com/bid/75815";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75830 | URL:http://www.securityfocus.com/bid/75830";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75830 | URL:http://www.securityfocus.com/bid/75830";Assigned (20150320);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75822 | URL:http://www.securityfocus.com/bid/75822";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75822 | URL:http://www.securityfocus.com/bid/75822";Assigned (20150320);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-2661;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75813 | URL:http://www.securityfocus.com/bid/75813";Assigned (20150320);"None (candidate not yet proposed)"; +5.7.3;5;7;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)"; +6.1.3;6;1;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)"; +5.5.44;5;5;44;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75802 | URL:http://www.securityfocus.com/bid/75802";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75802 | URL:http://www.securityfocus.com/bid/75802";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75849 | URL:http://www.securityfocus.com/bid/75849";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75849 | URL:http://www.securityfocus.com/bid/75849";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.22;5;6;22;CVE-2015-4756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0439.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | BID:75785 | URL:http://www.securityfocus.com/bid/75785";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.42;5;5;42;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75759 | URL:http://www.securityfocus.com/bid/75759";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75759 | URL:http://www.securityfocus.com/bid/75759";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-4761;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75770 | URL:http://www.securityfocus.com/bid/75770";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4766;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77232 | URL:http://www.securityfocus.com/bid/77232";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-4767;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4769.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75844 | URL:http://www.securityfocus.com/bid/75844";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-4769;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4767.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75753 | URL:http://www.securityfocus.com/bid/75753";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-4771;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75835 | URL:http://www.securityfocus.com/bid/75835";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-4772;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75781 | URL:http://www.securityfocus.com/bid/75781";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4791;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77213 | URL:http://www.securityfocus.com/bid/77213";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77171 | URL:http://www.securityfocus.com/bid/77171";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77171 | URL:http://www.securityfocus.com/bid/77171";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4800;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:77216 | URL:http://www.securityfocus.com/bid/77216";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77165 | URL:http://www.securityfocus.com/bid/77165";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77165 | URL:http://www.securityfocus.com/bid/77165";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77222 | URL:http://www.securityfocus.com/bid/77222";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77222 | URL:http://www.securityfocus.com/bid/77222";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.44;5;5;44;CVE-2015-4816;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | BID:77134 | URL:http://www.securityfocus.com/bid/77134";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.44;5;5;44;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | BID:77196 | URL:http://www.securityfocus.com/bid/77196";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | BID:77196 | URL:http://www.securityfocus.com/bid/77196";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77237 | URL:http://www.securityfocus.com/bid/77237";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77237 | URL:http://www.securityfocus.com/bid/77237";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77228 | URL:http://www.securityfocus.com/bid/77228";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77228 | URL:http://www.securityfocus.com/bid/77228";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4833;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77170 | URL:http://www.securityfocus.com/bid/77170";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77190 | URL:http://www.securityfocus.com/bid/77190";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77190 | URL:http://www.securityfocus.com/bid/77190";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77145 | URL:http://www.securityfocus.com/bid/77145";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77145 | URL:http://www.securityfocus.com/bid/77145";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77137 | URL:http://www.securityfocus.com/bid/77137";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77137 | URL:http://www.securityfocus.com/bid/77137";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4862;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:77147 | URL:http://www.securityfocus.com/bid/77147";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.43;5;5;43;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | BID:77187 | URL:http://www.securityfocus.com/bid/77187";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.24;5;6;24;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | BID:77187 | URL:http://www.securityfocus.com/bid/77187";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-4866;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77132 | URL:http://www.securityfocus.com/bid/77132";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77208 | URL:http://www.securityfocus.com/bid/77208";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77208 | URL:http://www.securityfocus.com/bid/77208";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.44;5;5;44;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | BID:77140 | URL:http://www.securityfocus.com/bid/77140";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | BID:77140 | URL:http://www.securityfocus.com/bid/77140";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4890;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:77231 | URL:http://www.securityfocus.com/bid/77231";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4895;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77136 | URL:http://www.securityfocus.com/bid/77136";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.25;5;6;25;CVE-2015-4904;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77219 | URL:http://www.securityfocus.com/bid/77219";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.23;5;6;23;CVE-2015-4905;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77143 | URL:http://www.securityfocus.com/bid/77143";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4910;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:77234 | URL:http://www.securityfocus.com/bid/77234";Assigned (20150624);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77153 | URL:http://www.securityfocus.com/bid/77153";Assigned (20150624);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77153 | URL:http://www.securityfocus.com/bid/77153";Assigned (20150624);"None (candidate not yet proposed)"; 5.6.28;5;6;28;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)"; 2.17.1;2;17;1;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)"; 10.0.22;10;0;22;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)"; @@ -427,86 +427,125 @@ 5.4.43;5;4;43;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; 5.5.27;5;5;27;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; 5.6.11;5;6;11;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; -5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -5.6.27;5;6;27;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -5.7.9;5;7;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; -5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; -10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; -10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; -5.5.48;5;5;48;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; -5.6.29;5;6;29;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; -5.7.11;5;7;11;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3424;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.11;5;7;11;CVE-2016-3440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.29;5;6;29;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.10;5;7;10;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.25;10;0;25;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.14;10;1;14;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.25;10;0;25;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.14;10;1;14;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066";Assigned (20151209);"None (candidate not yet proposed)"; +5.6.27;5;6;27;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066";Assigned (20151209);"None (candidate not yet proposed)"; +5.7.9;5;7;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066";Assigned (20151209);"None (candidate not yet proposed)"; +5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066";Assigned (20151209);"None (candidate not yet proposed)"; +10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066";Assigned (20151209);"None (candidate not yet proposed)"; +10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066";Assigned (20151209);"None (candidate not yet proposed)"; +5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | BID:81810 | URL:http://www.securityfocus.com/bid/81810";Assigned (20160122);"None (candidate not yet proposed)"; +10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | BID:81810 | URL:http://www.securityfocus.com/bid/81810";Assigned (20160122);"None (candidate not yet proposed)"; +10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | BID:81810 | URL:http://www.securityfocus.com/bid/81810";Assigned (20160122);"None (candidate not yet proposed)"; +5.5.48;5;5;48;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | BID:81810 | URL:http://www.securityfocus.com/bid/81810";Assigned (20160122);"None (candidate not yet proposed)"; +5.6.29;5;6;29;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | BID:81810 | URL:http://www.securityfocus.com/bid/81810";Assigned (20160122);"None (candidate not yet proposed)"; +5.7.11;5;7;11;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | BID:81810 | URL:http://www.securityfocus.com/bid/81810";Assigned (20160122);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3424;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91976 | URL:http://www.securityfocus.com/bid/91976";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.11;5;7;11;CVE-2016-3440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91910 | URL:http://www.securityfocus.com/bid/91910";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.29;5;6;29;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.10;5;7;10;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.25;10;0;25;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.14;10;1;14;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.25;10;0;25;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.14;10;1;14;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943";Assigned (20160317);"None (candidate not yet proposed)"; 3.0.25;3;0;25;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; 3.1.2;3;1;2;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.50;5;5;50;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.26;10;0;26;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.15;10;1;15;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3518;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.50;5;5;50;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.26;10;0;26;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.15;10;1;15;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3588;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; -5.5.50;5;5;50;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; -10.0.26;10;0;26;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; -10.1.15;10;1;15;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5436;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5437;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.6.30;5;6;30;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.5.50;5;5;50;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -10.0.26;10;0;26;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -10.1.15;10;1;15;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5441;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5442;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.12;5;7;12;CVE-2016-5443;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.6.29;5;6;29;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.7.11;5;7;11;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.5.49;5;5;49;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -10.0.25;10;0;25;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -10.1.14;10;1;14;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)"; -5.5.52;5;5;52;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; -5.6.33;5;6;33;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; -5.7.15;5;7;15;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; -5.5.51;5;5;51;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; -10.0.27;10;0;27;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; -10.1.17;10;1;17;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; -5.6.32;5;6;32;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; -5.7.14;5;7;14;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; -5.6.26;5;6;26;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1";Assigned (20160909);"None (candidate not yet proposed)"; -7.0.11;7;0;11;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1";Assigned (20160909);"None (candidate not yet proposed)"; +5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91913 | URL:http://www.securityfocus.com/bid/91913";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91913 | URL:http://www.securityfocus.com/bid/91913";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91980 | URL:http://www.securityfocus.com/bid/91980";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91980 | URL:http://www.securityfocus.com/bid/91980";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.51;5;5;51;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93650 | URL:http://www.securityfocus.com/bid/93650";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.32;5;6;32;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93650 | URL:http://www.securityfocus.com/bid/93650";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.14;5;7;14;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93650 | URL:http://www.securityfocus.com/bid/93650";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.13;5;7;13;CVE-2016-3495;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93670 | URL:http://www.securityfocus.com/bid/93670";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91949 | URL:http://www.securityfocus.com/bid/91949";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91949 | URL:http://www.securityfocus.com/bid/91949";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3518;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91967 | URL:http://www.securityfocus.com/bid/91967";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3588;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91983 | URL:http://www.securityfocus.com/bid/91983";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91992 | URL:http://www.securityfocus.com/bid/91992";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91992 | URL:http://www.securityfocus.com/bid/91992";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5436;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91906 | URL:http://www.securityfocus.com/bid/91906";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5437;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91917 | URL:http://www.securityfocus.com/bid/91917";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91969 | URL:http://www.securityfocus.com/bid/91969";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91969 | URL:http://www.securityfocus.com/bid/91969";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.50;5;5;50;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)"; +10.0.26;10;0;26;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)"; +10.1.15;10;1;15;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5441;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91915 | URL:http://www.securityfocus.com/bid/91915";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5442;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91974 | URL:http://www.securityfocus.com/bid/91974";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-5443;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91963 | URL:http://www.securityfocus.com/bid/91963";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.29;5;6;29;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.11;5;7;11;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.49;5;5;49;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)"; +10.0.25;10;0;25;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)"; +10.1.14;10;1;14;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.32;5;6;32;CVE-2016-5507;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93678 | URL:http://www.securityfocus.com/bid/93678";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.14;5;7;14;CVE-2016-5507;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93678 | URL:http://www.securityfocus.com/bid/93678";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.52;5;5;52;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93735 | URL:http://www.securityfocus.com/bid/93735";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.33;5;6;33;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93735 | URL:http://www.securityfocus.com/bid/93735";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.15;5;7;15;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93735 | URL:http://www.securityfocus.com/bid/93735";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.51;5;5;51;CVE-2016-5616;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.32;5;6;32;CVE-2016-5616;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.14;5;7;14;CVE-2016-5616;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.51;5;5;51;CVE-2016-5617;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.32;5;6;32;CVE-2016-5617;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.14;5;7;14;CVE-2016-5617;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.14;5;7;14;CVE-2016-5625;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Packaging.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93617 | URL:http://www.securityfocus.com/bid/93617";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.31;5;6;31;CVE-2016-5627;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93642 | URL:http://www.securityfocus.com/bid/93642";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.13;5;7;13;CVE-2016-5627;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93642 | URL:http://www.securityfocus.com/bid/93642";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.13;5;7;13;CVE-2016-5628;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93662 | URL:http://www.securityfocus.com/bid/93662";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.51;5;5;51;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93668 | URL:http://www.securityfocus.com/bid/93668";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.32;5;6;32;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93668 | URL:http://www.securityfocus.com/bid/93668";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.14;5;7;14;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93668 | URL:http://www.securityfocus.com/bid/93668";Assigned (20160616);"None (candidate not yet proposed)"; +5.6.31;5;6;31;CVE-2016-5630;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93674 | URL:http://www.securityfocus.com/bid/93674";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.13;5;7;13;CVE-2016-5630;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93674 | URL:http://www.securityfocus.com/bid/93674";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.13;5;7;13;CVE-2016-5631;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93684 | URL:http://www.securityfocus.com/bid/93684";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.14;5;7;14;CVE-2016-5632;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93693 | URL:http://www.securityfocus.com/bid/93693";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.13;5;7;13;CVE-2016-5633;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema; a different vulnerability than CVE-2016-8290.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93702 | URL:http://www.securityfocus.com/bid/93702";Assigned (20160616);"None (candidate not yet proposed)"; +5.7.13;5;7;13;CVE-2016-5635;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93715 | URL:http://www.securityfocus.com/bid/93715";Assigned (20160616);"None (candidate not yet proposed)"; +5.5.52;5;5;52;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +5.6.33;5;6;33;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +5.7.15;5;7;15;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +5.5.51;5;5;51;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +10.0.27;10;0;27;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +10.1.17;10;1;17;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +5.6.32;5;6;32;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +5.7.14;5;7;14;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)"; +5.6.26;5;6;26;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1 | BID:93005 | URL:http://www.securityfocus.com/bid/93005";Assigned (20160909);"None (candidate not yet proposed)"; +7.0.11;7;0;11;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1 | BID:93005 | URL:http://www.securityfocus.com/bid/93005";Assigned (20160909);"None (candidate not yet proposed)"; +5.5.51;5;5;51;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93737 | URL:http://www.securityfocus.com/bid/93737";Assigned (20160926);"None (candidate not yet proposed)"; +5.6.32;5;6;32;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93737 | URL:http://www.securityfocus.com/bid/93737";Assigned (20160926);"None (candidate not yet proposed)"; +5.7.14;5;7;14;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93737 | URL:http://www.securityfocus.com/bid/93737";Assigned (20160926);"None (candidate not yet proposed)"; +5.6.31;5;6;31;CVE-2016-8284;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93755 | URL:http://www.securityfocus.com/bid/93755";Assigned (20160926);"None (candidate not yet proposed)"; +5.7.13;5;7;13;CVE-2016-8284;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93755 | URL:http://www.securityfocus.com/bid/93755";Assigned (20160926);"None (candidate not yet proposed)"; +5.7.14;5;7;14;CVE-2016-8286;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93745 | URL:http://www.securityfocus.com/bid/93745";Assigned (20160926);"None (candidate not yet proposed)"; +5.7.13;5;7;13;CVE-2016-8287;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93727 | URL:http://www.securityfocus.com/bid/93727";Assigned (20160926);"None (candidate not yet proposed)"; +5.6.30;5;6;30;CVE-2016-8288;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93740 | URL:http://www.securityfocus.com/bid/93740";Assigned (20160926);"None (candidate not yet proposed)"; +5.7.12;5;7;12;CVE-2016-8288;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93740 | URL:http://www.securityfocus.com/bid/93740";Assigned (20160926);"None (candidate not yet proposed)"; +5.7.13;5;7;13;CVE-2016-8289;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93720 | URL:http://www.securityfocus.com/bid/93720";Assigned (20160926);"None (candidate not yet proposed)"; +5.7.13;5;7;13;CVE-2016-8290;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema; a different vulnerability than CVE-2016-5633.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93733 | URL:http://www.securityfocus.com/bid/93733";Assigned (20160926);"None (candidate not yet proposed)"; From caa785ec592e15d964e2f51cfce49217761989fb Mon Sep 17 00:00:00 2001 From: git001 Date: Mon, 28 Nov 2016 20:39:47 +0100 Subject: [PATCH 226/237] Fix Argument "NULL" isn't numeric Argument "NULL" isn't numeric in numeric ge (>=) at mysqltuner.pl line 288 (#1) (W numeric) The indicated string was fed as an argument to an operator that expected a numeric value instead. If you're fortunate the message will identify which operator was so unfortunate. [--] +-- ROWS : 0 Argument "NULL" isn't numeric in numeric eq (==) at mysqltuner.pl line 343 (#1) (W numeric) The indicated string was fed as an argument to an operator that expected a numeric value instead. If you're fortunate the message will identify which operator was so unfortunate. [--] +-- ENGIN : 0 (NULL) Argument "NULL" isn't numeric in numeric lt (<) at mysqltuner.pl line 3847 (#1) --- mysqltuner.pl | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index b78a9d0..9934100 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -319,6 +319,9 @@ sub hr_bytes { # Calculates the parameter passed in bytes, then rounds it to the nearest integer sub hr_bytes_rnd { my $num = shift; + + return "0B" if $num eq "NULL" ; + if ( $num >= ( 1024**3 ) ) { #GB return int( ( $num / ( 1024**3 ) ) ) . "G"; } @@ -355,6 +358,7 @@ sub percentage { my $value = shift; my $total = shift; $total = 0 unless defined $total; + $total = 0 if $total eq "NULL"; return 100, 00 if $total == 0; return sprintf( "%.2f", ( $value * 100 / $total ) ); } @@ -5450,7 +5454,7 @@ sub mysql_databases { ) ) . ")"; badprint "Index size is larger than data size for $dbinfo[0] \n" - if $dbinfo[2] < $dbinfo[3]; + if ( $dbinfo[2] ne 'NULL' ) and ( $dbinfo[3] ne 'NULL' ) and ( $dbinfo[2] < $dbinfo[3] ); badprint "There are " . $dbinfo[5] . " storage engines. Be careful. \n" if $dbinfo[5] > 1; $result{'Databases'}{ $dbinfo[0] }{'Rows'} = $dbinfo[1]; From f7699b4515e35e82e209a49414a276454abd2adf Mon Sep 17 00:00:00 2001 From: root Date: Fri, 2 Dec 2016 15:24:52 +0100 Subject: [PATCH 227/237] #278 Escaping password items --- mysqltuner.pl | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index 9934100..4cd2a7e 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1086,6 +1086,10 @@ sub remove_empty { grep { $_ ne '' } @_; } +sub grep_file_contents { + my $file = shift; + my $patt +} sub get_file_contents { my $file = shift; open( my $fh, "<", $file ) or die "Can't open $file for read: $!"; @@ -1099,6 +1103,33 @@ sub get_basic_passwords { return get_file_contents(shift); } +sub log_file_recommandations { + subheaderprint "Log file Recommendations"; + infoprint "Log file: " . $myvar{'log_error'}. "(".hr_bytes_rnd((stat $myvar{'log_error'})[7]).")"; + if (-f "$myvar{'log_error'}") { + goodprint "Log file $myvar{'log_error'} exists"; + } else { + badprint "Log file $myvar{'log_error'} doesn't exist"; + } + if ( (stat $myvar{'log_error'})[7] > 0) { + goodprint "Log file $myvar{'log_error'} is not empty"; + } else { + badprint "Log file $myvar{'log_error'} is empty"; + } + + if ( (stat $myvar{'log_error'})[7] < 2*1024*1024) { + goodprint "Log file $myvar{'log_error'} is smaller than 32 Mb"; + } else { + badprint "Log file $myvar{'log_error'} is bigger than 32 Mb"; + push( @generalrec, + $myvar{'log_error'} ."is > 32Mb, you should analyze why or implement a rotation log strategy such as logrotate!" ); + } + + #exit 0; +} + + + sub cve_recommendations { subheaderprint "CVE Security Recommendations"; unless ( defined( $opt{cvefile} ) && -f "$opt{cvefile}" ) { @@ -1612,8 +1643,12 @@ sub security_recommendations { my $nbins = 0; my $passreq; if (@passwords) { + my $nbInterPass=0; foreach my $pass (@passwords) { + $nbInterPass++; + $pass =~ s/\s//g; + $pass =~ s/\'/\\\'/g; chomp($pass); # Looking for User with user/ uppercase /capitalise weak password @@ -1638,6 +1673,7 @@ sub security_recommendations { $nbins++; } } + debugprint "$nbInterPass / ".scalar(@passwords) if ($nbInterPass %1000 ==0); } } if ( $nbins > 0 ) { @@ -5793,6 +5829,7 @@ validate_mysql_version; # Check current MySQL version check_architecture; # Suggest 64-bit upgrade system_recommendations; # avoid to many service on the same host +log_file_recommandations; # check log file content check_storage_engines; # Show enabled storage engines mysql_databases; # Show informations about databases mysql_indexes; # Show informations about indexes From 7acf66f73ce427bf40e18fde75cf3895d733d415 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 2 Dec 2016 15:27:38 +0100 Subject: [PATCH 228/237] Bug on log file calculation --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 4cd2a7e..f72ff89 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1117,7 +1117,7 @@ sub log_file_recommandations { badprint "Log file $myvar{'log_error'} is empty"; } - if ( (stat $myvar{'log_error'})[7] < 2*1024*1024) { + if ( (stat $myvar{'log_error'})[7] < 32*1024*1024) { goodprint "Log file $myvar{'log_error'} is smaller than 32 Mb"; } else { badprint "Log file $myvar{'log_error'} is bigger than 32 Mb"; From 7a0565d9e5e95099316d49e5a5e0f0223f8ab546 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 2 Dec 2016 16:21:58 +0100 Subject: [PATCH 229/237] Detect Error and warning in error log #252 Detect last MySQL / MariaDB last shutdown and startup #253 --- mysqltuner.pl | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index f72ff89..af3a982 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1125,6 +1125,46 @@ sub log_file_recommandations { $myvar{'log_error'} ."is > 32Mb, you should analyze why or implement a rotation log strategy such as logrotate!" ); } + my @log_content=get_file_contents($myvar{'log_error'}); + + my $numLi=0; + my $nbWarnLog=0; + my $nbErrLog=0; + my @lastShutdowns; + my @lastStarts; + foreach my $logLi(@log_content) { + $numLi++; + debugprint "$numLi: $logLi" if $logLi =~ /warning|error/i; + $nbErrLog++ if $logLi =~ /error/i; + $nbWarnLog++ if $logLi =~ /warning/i; + push @lastShutdowns, $logLi if $logLi =~ /Shutdown complete/ and $logLi !~ /Innodb/i; + push @lastStarts, $logLi if $logLi =~ /ready for connections/; + } + if ($nbWarnLog > 0) { + badprint "$myvar{'log_error'} contains $nbWarnLog warning(s)."; + push( @generalrec, "Control warning line(s) into $myvar{'log_error'} file"); + } else { + goodprint "$myvar{'log_error'} doesn't contain any warning."; + } + if ($nbErrLog > 0) { + badprint "$myvar{'log_error'} contains $nbErrLog error(s)."; + push( @generalrec, "Control error line(s) into $myvar{'log_error'} file"); + } else { + goodprint "$myvar{'log_error'} doesn't contain any error."; + } + + infoprint scalar(@lastStarts). " start(s) detected in $myvar{'log_error'}"; + my $nStart=0; + for my $startd (reverse @lastStarts[-10..-1]) { + $nStart++; + infoprint "$nStart) $startd"; + } + infoprint scalar(@lastShutdowns). " shutdown(s) detected in $myvar{'log_error'}"; + my $nShut=0; + for my $shutd (reverse @lastShutdowns[-10..-1]) { + $nShut++; + infoprint "$nShut) $shutd"; + } #exit 0; } From 4d20ffea0c721777a7ce7101ad8a2ee131549dcd Mon Sep 17 00:00:00 2001 From: root Date: Mon, 5 Dec 2016 09:27:54 +0100 Subject: [PATCH 230/237] Doesn't work for remote server on AWS #279 --- mysqltuner.pl | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/mysqltuner.pl b/mysqltuner.pl index af3a982..bf88f25 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1111,6 +1111,12 @@ sub log_file_recommandations { } else { badprint "Log file $myvar{'log_error'} doesn't exist"; } + if (-r "$myvar{'log_error'}") { + goodprint "Log file $myvar{'log_error'} is readable."; + } else { + badprint "Log file $myvar{'log_error'} isn't readable."; + return; + } if ( (stat $myvar{'log_error'})[7] > 0) { goodprint "Log file $myvar{'log_error'} is not empty"; } else { From 2861883432f1f92cbfaea8eba3670dd512cdcc7d Mon Sep 17 00:00:00 2001 From: root Date: Mon, 5 Dec 2016 09:31:03 +0100 Subject: [PATCH 231/237] Perl Error #280 --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index bf88f25..b459778 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -319,7 +319,7 @@ sub hr_bytes { # Calculates the parameter passed in bytes, then rounds it to the nearest integer sub hr_bytes_rnd { my $num = shift; - + return "0B" unless defined($num) ; return "0B" if $num eq "NULL" ; if ( $num >= ( 1024**3 ) ) { #GB From d3ea7ea342f85f9a587bdbd9017f23eb24224ee9 Mon Sep 17 00:00:00 2001 From: Sergei A Mamonov Date: Wed, 7 Dec 2016 16:23:53 +0300 Subject: [PATCH 232/237] fix error on show last start/shutdowns --- mysqltuner.pl | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index b459778..5cc3898 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1161,15 +1161,23 @@ sub log_file_recommandations { infoprint scalar(@lastStarts). " start(s) detected in $myvar{'log_error'}"; my $nStart=0; - for my $startd (reverse @lastStarts[-10..-1]) { + my $nEnd = 10; + if (scalar(@lastStarts) < $nEnd) { + $nEnd = scalar(@lastStarts); + } + for my $startd (reverse @lastStarts[-$nEnd..-1]) { $nStart++; infoprint "$nStart) $startd"; } infoprint scalar(@lastShutdowns). " shutdown(s) detected in $myvar{'log_error'}"; - my $nShut=0; - for my $shutd (reverse @lastShutdowns[-10..-1]) { - $nShut++; - infoprint "$nShut) $shutd"; + $nStart=0; + $nEnd=10; + if (scalar(@lastShutdowns) < $nEnd) { + $nEnd = scalar(@lastShutdowns); + } + for my $shutd (reverse @lastShutdowns[-$nEnd..-1]) { + $nStart++; + infoprint "$nStart) $shutd"; } #exit 0; } From 4bc3a50c2d5ffa97eaaa3f00bcd81cdde0975f88 Mon Sep 17 00:00:00 2001 From: Sergei A Mamonov Date: Wed, 7 Dec 2016 16:31:51 +0300 Subject: [PATCH 233/237] fix code style in log_file_recommandations --- mysqltuner.pl | 118 +++++++++++++++++++++++++------------------------- 1 file changed, 59 insertions(+), 59 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 5cc3898..ec5fa35 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1106,79 +1106,79 @@ sub get_basic_passwords { sub log_file_recommandations { subheaderprint "Log file Recommendations"; infoprint "Log file: " . $myvar{'log_error'}. "(".hr_bytes_rnd((stat $myvar{'log_error'})[7]).")"; - if (-f "$myvar{'log_error'}") { + if ( -f "$myvar{'log_error'}" ) { goodprint "Log file $myvar{'log_error'} exists"; } else { badprint "Log file $myvar{'log_error'} doesn't exist"; } - if (-r "$myvar{'log_error'}") { - goodprint "Log file $myvar{'log_error'} is readable."; - } else { - badprint "Log file $myvar{'log_error'} isn't readable."; - return; - } - if ( (stat $myvar{'log_error'})[7] > 0) { + if ( -r "$myvar{'log_error'}" ) { + goodprint "Log file $myvar{'log_error'} is readable."; + } else { + badprint "Log file $myvar{'log_error'} isn't readable."; + return; + } + if ( (stat $myvar{'log_error'})[7] > 0 ) { goodprint "Log file $myvar{'log_error'} is not empty"; } else { badprint "Log file $myvar{'log_error'} is empty"; } - if ( (stat $myvar{'log_error'})[7] < 32*1024*1024) { + if ( (stat $myvar{'log_error'})[7] < 32*1024*1024 ) { goodprint "Log file $myvar{'log_error'} is smaller than 32 Mb"; } else { badprint "Log file $myvar{'log_error'} is bigger than 32 Mb"; - push( @generalrec, - $myvar{'log_error'} ."is > 32Mb, you should analyze why or implement a rotation log strategy such as logrotate!" ); + push @generalrec, + $myvar{'log_error'} ."is > 32Mb, you should analyze why or implement a rotation log strategy such as logrotate!" ; } - my @log_content=get_file_contents($myvar{'log_error'}); - - my $numLi=0; - my $nbWarnLog=0; - my $nbErrLog=0; - my @lastShutdowns; - my @lastStarts; - foreach my $logLi(@log_content) { - $numLi++; - debugprint "$numLi: $logLi" if $logLi =~ /warning|error/i; - $nbErrLog++ if $logLi =~ /error/i; - $nbWarnLog++ if $logLi =~ /warning/i; - push @lastShutdowns, $logLi if $logLi =~ /Shutdown complete/ and $logLi !~ /Innodb/i; - push @lastStarts, $logLi if $logLi =~ /ready for connections/; - } - if ($nbWarnLog > 0) { - badprint "$myvar{'log_error'} contains $nbWarnLog warning(s)."; - push( @generalrec, "Control warning line(s) into $myvar{'log_error'} file"); - } else { - goodprint "$myvar{'log_error'} doesn't contain any warning."; - } - if ($nbErrLog > 0) { - badprint "$myvar{'log_error'} contains $nbErrLog error(s)."; - push( @generalrec, "Control error line(s) into $myvar{'log_error'} file"); - } else { - goodprint "$myvar{'log_error'} doesn't contain any error."; - } - - infoprint scalar(@lastStarts). " start(s) detected in $myvar{'log_error'}"; - my $nStart=0; - my $nEnd = 10; - if (scalar(@lastStarts) < $nEnd) { - $nEnd = scalar(@lastStarts); - } - for my $startd (reverse @lastStarts[-$nEnd..-1]) { - $nStart++; - infoprint "$nStart) $startd"; - } - infoprint scalar(@lastShutdowns). " shutdown(s) detected in $myvar{'log_error'}"; - $nStart=0; - $nEnd=10; - if (scalar(@lastShutdowns) < $nEnd) { - $nEnd = scalar(@lastShutdowns); - } - for my $shutd (reverse @lastShutdowns[-$nEnd..-1]) { - $nStart++; - infoprint "$nStart) $shutd"; - } + my @log_content = get_file_contents($myvar{'log_error'}); + + my $numLi = 0; + my $nbWarnLog = 0; + my $nbErrLog = 0; + my @lastShutdowns; + my @lastStarts; + foreach my $logLi ( @log_content ) { + $numLi++; + debugprint "$numLi: $logLi" if $logLi =~ /warning|error/i; + $nbErrLog++ if $logLi =~ /error/i; + $nbWarnLog++ if $logLi =~ /warning/i; + push @lastShutdowns, $logLi if $logLi =~ /Shutdown complete/ and $logLi !~ /Innodb/i; + push @lastStarts, $logLi if $logLi =~ /ready for connections/; + } + if ( $nbWarnLog > 0 ) { + badprint "$myvar{'log_error'} contains $nbWarnLog warning(s)."; + push @generalrec, "Control warning line(s) into $myvar{'log_error'} file"; + } else { + goodprint "$myvar{'log_error'} doesn't contain any warning."; + } + if ( $nbErrLog > 0 ) { + badprint "$myvar{'log_error'} contains $nbErrLog error(s)."; + push @generalrec, "Control error line(s) into $myvar{'log_error'} file"; + } else { + goodprint "$myvar{'log_error'} doesn't contain any error."; + } + + infoprint scalar @lastStarts . " start(s) detected in $myvar{'log_error'}"; + my $nStart = 0; + my $nEnd = 10; + if ( scalar @lastStarts < $nEnd ) { + $nEnd = scalar @lastStarts; + } + for my $startd ( reverse @lastStarts[-$nEnd..-1] ) { + $nStart++; + infoprint "$nStart) $startd"; + } + infoprint scalar @lastShutdowns . " shutdown(s) detected in $myvar{'log_error'}"; + $nStart=0; + $nEnd=10; + if ( scalar @lastShutdowns < $nEnd ) { + $nEnd = scalar @lastShutdowns; + } + for my $shutd ( reverse @lastShutdowns[-$nEnd..-1] ) { + $nStart++; + infoprint "$nStart) $shutd"; + } #exit 0; } From 2dfb2a2cc9af129d40338c958f1b4f980e988437 Mon Sep 17 00:00:00 2001 From: jfcoz Date: Thu, 8 Dec 2016 09:45:38 +0100 Subject: [PATCH 234/237] query cache hit rate was not calculated when badprint "Query cache may be disabled by default due to mutex contention" --- mysqltuner.pl | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index ec5fa35..b34c073 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -2744,16 +2744,9 @@ sub mysql_stats { push( @generalrec, "Upgrade MySQL to version 4+ to utilize query caching" ); } - elsif ( mysql_version_ge( 5, 5 ) and !mysql_version_ge( 10, 1 ) ) { - if ( $myvar{'query_cache_type'} ne "OFF" ) { - badprint - "Query cache may be disabled by default due to mutex contention."; - push( @adjvars, "query_cache_type (=0)" ); - } - else { - goodprint -"Query cache is disabled by default due to mutex contention on multiprocessor machines."; - } + elsif ( mysql_version_ge( 5, 5 ) and !mysql_version_ge( 10, 1 ) and $myvar{'query_cache_type'} eq "OFF" ) { + goodprint + "Query cache is disabled by default due to mutex contention on multiprocessor machines."; } elsif ( $myvar{'query_cache_size'} < 1 ) { badprint "Query cache is disabled"; @@ -2768,6 +2761,9 @@ sub mysql_stats { "Query cache cannot be analyzed - no SELECT statements executed"; } else { + badprint + "Query cache may be disabled by default due to mutex contention."; + push( @adjvars, "query_cache_type (=0)" ); if ( $mycalc{'query_cache_efficiency'} < 20 ) { badprint "Query cache efficiency: $mycalc{'query_cache_efficiency'}% (" From 22709a4517617658800d4e97ee31adaef02ca36d Mon Sep 17 00:00:00 2001 From: root Date: Thu, 8 Dec 2016 11:29:50 +0100 Subject: [PATCH 235/237] #265 wrong table name --- mysqltuner.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index b459778..f06baec 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -4632,7 +4632,7 @@ sub mysqsl_pfs { $nbL = 1; for my $lQuery ( select_array( -'use sys;select db, query, disk_tmp_tables from statements_with_sorting ORDER BY disk_tmp_tables DESC LIMIT 15;' +'use sys;select db, query, disk_tmp_tables from statements_with_temp_tables ORDER BY disk_tmp_tables DESC LIMIT 15;' ) ) { From 1b04540a4c39e26e60ed1ead0980abd763cfda90 Mon Sep 17 00:00:00 2001 From: Sergei A Mamonov Date: Mon, 12 Dec 2016 14:19:49 +0300 Subject: [PATCH 236/237] fix check innodb_file_per_table with skip-innodb --- mysqltuner.pl | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index ff4bd44..5631e7b 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -1991,7 +1991,9 @@ sub check_storage_engines { $result{'Engine'}{$engine}{'Index Size'} = $isize; } my $not_innodb = ''; - if ( $result{'Variables'}{'innodb_file_per_table'} eq 'OFF' ) { + if ( not defined $result{'Variables'}{'innodb_file_per_table'} ) { + $not_innodb = "AND NOT ENGINE='InnoDB'"; + } elsif ( $result{'Variables'}{'innodb_file_per_table'} eq 'OFF' ) { $not_innodb = "AND NOT ENGINE='InnoDB'"; } $result{'Tables'}{'Fragmented tables'} = From be1f4b48c45aaf759ff0e115a33ee7d4f29cb106 Mon Sep 17 00:00:00 2001 From: i5513 Date: Tue, 20 Dec 2016 10:35:41 +0100 Subject: [PATCH 237/237] Allow to connect via socket with not default port Seems like it is necessary to specify the port when you have 2 instances runing and you want to connect via socket. --- mysqltuner.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysqltuner.pl b/mysqltuner.pl index 5631e7b..abb71ed 100755 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -685,15 +685,15 @@ sub mysql_setup { debugprint "MySQL Client: $mysqlcmd"; + $opt{port} = ( $opt{port} eq 0 ) ? 3306 : $opt{port}; # Are we being asked to connect via a socket? if ( $opt{socket} ne 0 ) { - $remotestring = " -S $opt{socket}"; + $remotestring = " -S $opt{socket} -P $opt{port}"; } # Are we being asked to connect to a remote server? if ( $opt{host} ne 0 ) { chomp( $opt{host} ); - $opt{port} = ( $opt{port} eq 0 ) ? 3306 : $opt{port}; # If we're doing a remote connection, but forcemem wasn't specified, we need to exit if ( $opt{'forcemem'} eq 0