Am 12. Sep, 2016 schwätzte Herminio Hernandez Jr. so: moin moin, > Basically they mirror the repos. So when it hits debian I will upgrade. Ah, OK. You might also want to create a couple of empty files and lock them down. $datadir can be exploited, so pre-emptively putting empty conf files in there that can't be changed by mysql is a good idea. The following is for anyone with questions on locking down the config files in $datadir. Presuming $datadir is /var/lib/mysql either of the following will lock down the files when run as root, but the first will destroy files you might already have. # >/var/lib/mysq/my.cnf # >/var/lib/mysq/.my.cnf # chmod 000 /var/lib/mysq/{.,}my.cnf Or, with some minimal verification that it's safe... # for file in /var/lib/mysq/{.,}my.cnf; do if [ ! -e $file ] ; then >$file chmod 000 $file ls -l $file else ls -l $file echo "You might want to check on that" fi done ciao, der.hans > Sent from my iPhone > >> On Sep 12, 2016, at 12:00 PM, der.hans wrote: >> >> Am 12. Sep, 2016 schwätzte Herminio Hernandez Jr. so: >> >> moin moin, >> >>> Thanks have some SQL in DO droplets. Will be looking for this. >> >> Will DigitalOcean automagically apply the patches for you? >> >> I would expect it's in their best interest. >> >> I'm certain DreamHost is already upgraded. GoDaddy is probably rolling it >> out already, but I no longer know anyone on the team over there, so am not >> sure how quick they will be. >> >> This is admittedly one of the advantages of cloud. The infrastructure >> providers can centrally test and roll out for everyone. The disadvantage >> is if it's something that affects you, but they don't know or care about >> it :). >> >> ciao, >> >> der.hans >> >>> Sent from my iPhone >>> >>>> On Sep 12, 2016, at 11:18 AM, der.hans wrote: >>>> >>>> moin moin, >>>> >>>> a MySQL remote exploit was announced this morning. Percona and MariaDB >>>> already have fixes that have not yet hit the distros. >>>> >>>> https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662 >>>> >>>> http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html >>>> >>>> Watch for updates. >>>> >>>> ciao, >>>> >>>> der.hans >>>> -- >>>> # http://www.LuftHans.com/ http://www.PhxLinux.org/ >>>> # Fairy Tale, n.: A horror story to prepare children for the newspapers. >>>> --------------------------------------------------- >>>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >>>> To subscribe, unsubscribe, or to change your mail settings: >>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >>> --------------------------------------------------- >>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >> >> -- >> # http://www.LuftHans.com/ http://www.PhxLinux.org/ >> # "You go to Afghanistan and you swallow enough dust that you'll pass an >> # adobe brick." -- Robin Williams, 03Aug2006 >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.phxlinux.org/mailman/listinfo/plug-discuss > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/mailman/listinfo/plug-discuss -- # http://www.LuftHans.com/ http://www.PhxLinux.org/ # "Rock 'n' roll might not solve your problems, but it does let you dance # all over them." -- Pete Townsend