MySQL remote exploit

der.hans PLUGd at LuftHans.com
Mon Sep 12 12:00:03 MST 2016


Am 12. Sep, 2016 schwätzte Herminio Hernandez Jr. so:

moin moin,

> Thanks have some SQL in DO droplets. Will be looking for this.

Will DigitalOcean automagically apply the patches for you?

I would expect it's in their best interest.

I'm certain DreamHost is already upgraded. GoDaddy is probably rolling it
out already, but I no longer know anyone on the team over there, so am not
sure how quick they will be.

This is admittedly one of the advantages of cloud. The infrastructure
providers can centrally test and roll out for everyone. The disadvantage
is if it's something that affects you, but they don't know or care about
it :).

ciao,

der.hans

> Sent from my iPhone
>
>> On Sep 12, 2016, at 11:18 AM, der.hans <PLUGd at LuftHans.com> wrote:
>>
>> moin moin,
>>
>> a MySQL remote exploit was announced this morning. Percona and MariaDB
>> already have fixes that have not yet hit the distros.
>>
>> https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662
>>
>> http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
>>
>> Watch for updates.
>>
>> ciao,
>>
>> der.hans
>> --
>> #  http://www.LuftHans.com/        http://www.PhxLinux.org/
>> #  Fairy Tale, n.: A horror story to prepare children for the newspapers.
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>

-- 
#  http://www.LuftHans.com/        http://www.PhxLinux.org/
#  "You go to Afghanistan and you swallow enough dust that you'll pass an
#  adobe brick." -- Robin Williams, 03Aug2006


More information about the PLUG-discuss mailing list