PublicDateAtUSN: 2017-07-19
Candidate: CVE-2017-3651
PublicDate: 2017-08-08 15:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3651
 http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
 https://ubuntu.com/security/notices/USN-3357-1
 https://ubuntu.com/security/notices/USN-3357-2
Description:
 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent:
 Client mysqldump). Supported versions that are affected are 5.5.56 and
 earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable
 vulnerability allows low privileged attacker with network access via
 multiple protocols to compromise MySQL Server. Successful attacks of this
 vulnerability can result in unauthorized update, insert or delete access to
 some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity
 impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
Ubuntu-Description:
Notes:
 mdeslaur> 5.5.56 and earlier, 5.6.36 and earlier, 5.7.18 and earlier
Bugs:
Priority: medium
Discovered-by:
Assigned-to: 
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N [4.3 MEDIUM]

Patches_mysql-5.5:
upstream_mysql-5.5: released (5.5.57)
precise/esm_mysql-5.5: released (5.5.57-0ubuntu0.12.04.1)
trusty_mysql-5.5: released (5.5.57-0ubuntu0.14.04.1)
trusty/esm_mysql-5.5: released (5.5.57-0ubuntu0.14.04.1)
vivid_mysql-5.5: DNE
vivid/ubuntu-core_mysql-5.5: DNE
xenial_mysql-5.5: DNE
yakkety_mysql-5.5: DNE
zesty_mysql-5.5: DNE
artful_mysql-5.5: DNE
bionic_mysql-5.5: DNE
cosmic_mysql-5.5: DNE
disco_mysql-5.5: DNE
eoan_mysql-5.5: DNE
focal_mysql-5.5: DNE
groovy_mysql-5.5: DNE
hirsute_mysql-5.5: DNE
impish_mysql-5.5: DNE
jammy_mysql-5.5: DNE
devel_mysql-5.5: DNE

Patches_mysql-5.6:
upstream_mysql-5.6: released (5.6.37)
precise/esm_mysql-5.6: DNE
trusty_mysql-5.6: ignored (reached end-of-life)
trusty/esm_mysql-5.6: DNE (trusty was needed)
vivid/ubuntu-core_mysql-5.6: DNE
xenial_mysql-5.6: DNE
yakkety_mysql-5.6: DNE
zesty_mysql-5.6: DNE
artful_mysql-5.6: DNE
bionic_mysql-5.6: DNE
cosmic_mysql-5.6: DNE
disco_mysql-5.6: DNE
eoan_mysql-5.6: DNE
focal_mysql-5.6: DNE
groovy_mysql-5.6: DNE
hirsute_mysql-5.6: DNE
impish_mysql-5.6: DNE
jammy_mysql-5.6: DNE
devel_mysql-5.6: DNE

Patches_mysql-5.7:
upstream_mysql-5.7: released (5.7.19)
precise/esm_mysql-5.7: DNE
trusty_mysql-5.7: DNE
trusty/esm_mysql-5.7: DNE
vivid/ubuntu-core_mysql-5.7: DNE
xenial_mysql-5.7: released (5.7.19-0ubuntu0.16.04.1)
esm-infra/xenial_mysql-5.7: released (5.7.19-0ubuntu0.16.04.1)
yakkety_mysql-5.7: ignored (reached end-of-life)
zesty_mysql-5.7: released (5.7.19-0ubuntu0.17.04.1)
artful_mysql-5.7: released (5.7.19-0ubuntu1)
bionic_mysql-5.7: released (5.7.19-0ubuntu1)
cosmic_mysql-5.7: released (5.7.19-0ubuntu1)
disco_mysql-5.7: released (5.7.19-0ubuntu1)
eoan_mysql-5.7: DNE
focal_mysql-5.7: DNE
groovy_mysql-5.7: DNE
hirsute_mysql-5.7: DNE
impish_mysql-5.7: DNE
jammy_mysql-5.7: DNE
devel_mysql-5.7: DNE

Patches_mariadb-5.5:
upstream_mariadb-5.5: released (5.5.53)
precise/esm_mariadb-5.5: DNE
trusty_mariadb-5.5: released (5.5.53-1ubuntu0.14.04.1)
trusty/esm_mariadb-5.5: DNE (trusty was released [5.5.53-1ubuntu0.14.04.1])
vivid/ubuntu-core_mariadb-5.5: DNE
xenial_mariadb-5.5: DNE
yakkety_mariadb-5.5: DNE
zesty_mariadb-5.5: DNE
artful_mariadb-5.5: DNE
bionic_mariadb-5.5: DNE
cosmic_mariadb-5.5: DNE
disco_mariadb-5.5: DNE
eoan_mariadb-5.5: DNE
focal_mariadb-5.5: DNE
groovy_mariadb-5.5: DNE
hirsute_mariadb-5.5: DNE
impish_mariadb-5.5: DNE
jammy_mariadb-5.5: DNE
devel_mariadb-5.5: DNE

Patches_mariadb-10.0:
upstream_mariadb-10.0: released (10.0.28)
precise/esm_mariadb-10.0: DNE
trusty_mariadb-10.0: DNE
trusty/esm_mariadb-10.0: DNE
vivid/ubuntu-core_mariadb-10.0: DNE
xenial_mariadb-10.0: not-affected (10.0.36-0ubuntu0.16.04.1)
yakkety_mariadb-10.0: ignored (reached end-of-life)
zesty_mariadb-10.0: DNE
artful_mariadb-10.0: DNE
bionic_mariadb-10.0: DNE
cosmic_mariadb-10.0: DNE
disco_mariadb-10.0: DNE
eoan_mariadb-10.0: DNE
focal_mariadb-10.0: DNE
groovy_mariadb-10.0: DNE
hirsute_mariadb-10.0: DNE
impish_mariadb-10.0: DNE
jammy_mariadb-10.0: DNE
devel_mariadb-10.0: DNE

Patches_mariadb-10.1:
upstream_mariadb-10.1: released (10.1.19)
precise/esm_mariadb-10.1: DNE
trusty_mariadb-10.1: DNE
trusty/esm_mariadb-10.1: DNE
vivid/ubuntu-core_mariadb-10.1: DNE
xenial_mariadb-10.1: DNE
yakkety_mariadb-10.1: DNE
zesty_mariadb-10.1: ignored (reached end-of-life)
artful_mariadb-10.1: ignored (reached end-of-life)
bionic_mariadb-10.1: not-affected (1:10.1.34-0ubuntu0.18.04.1)
cosmic_mariadb-10.1: not-affected (1:10.1.29-6ubuntu2)
disco_mariadb-10.1: DNE
eoan_mariadb-10.1: DNE
focal_mariadb-10.1: DNE
groovy_mariadb-10.1: DNE
hirsute_mariadb-10.1: DNE
impish_mariadb-10.1: DNE
jammy_mariadb-10.1: DNE
devel_mariadb-10.1: DNE

Patches_percona-xtradb-cluster-5.5:
upstream_percona-xtradb-cluster-5.5: needs-triage
precise/esm_percona-xtradb-cluster-5.5: DNE
trusty_percona-xtradb-cluster-5.5: ignored (reached end-of-life)
trusty/esm_percona-xtradb-cluster-5.5: DNE (trusty was needed)
vivid/ubuntu-core_percona-xtradb-cluster-5.5: DNE
xenial_percona-xtradb-cluster-5.5: DNE
yakkety_percona-xtradb-cluster-5.5: DNE
zesty_percona-xtradb-cluster-5.5: DNE
artful_percona-xtradb-cluster-5.5: DNE
bionic_percona-xtradb-cluster-5.5: DNE
cosmic_percona-xtradb-cluster-5.5: DNE
disco_percona-xtradb-cluster-5.5: DNE
eoan_percona-xtradb-cluster-5.5: DNE
focal_percona-xtradb-cluster-5.5: DNE
groovy_percona-xtradb-cluster-5.5: DNE
hirsute_percona-xtradb-cluster-5.5: DNE
impish_percona-xtradb-cluster-5.5: DNE
jammy_percona-xtradb-cluster-5.5: DNE
devel_percona-xtradb-cluster-5.5: DNE

Patches_percona-xtradb-cluster-5.6:
upstream_percona-xtradb-cluster-5.6: needs-triage
precise/esm_percona-xtradb-cluster-5.6: DNE
trusty_percona-xtradb-cluster-5.6: DNE
trusty/esm_percona-xtradb-cluster-5.6: DNE
vivid/ubuntu-core_percona-xtradb-cluster-5.6: DNE
xenial_percona-xtradb-cluster-5.6: ignored (end of standard support, was needed)
yakkety_percona-xtradb-cluster-5.6: ignored (reached end-of-life)
zesty_percona-xtradb-cluster-5.6: ignored (reached end-of-life)
artful_percona-xtradb-cluster-5.6: ignored (reached end-of-life)
bionic_percona-xtradb-cluster-5.6: DNE
cosmic_percona-xtradb-cluster-5.6: DNE
disco_percona-xtradb-cluster-5.6: DNE
eoan_percona-xtradb-cluster-5.6: DNE
focal_percona-xtradb-cluster-5.6: DNE
groovy_percona-xtradb-cluster-5.6: DNE
hirsute_percona-xtradb-cluster-5.6: DNE
impish_percona-xtradb-cluster-5.6: DNE
jammy_percona-xtradb-cluster-5.6: DNE
devel_percona-xtradb-cluster-5.6: DNE

Patches_percona-server-5.6:
upstream_percona-server-5.6: needs-triage
precise/esm_percona-server-5.6: DNE
trusty_percona-server-5.6: DNE
trusty/esm_percona-server-5.6: DNE
vivid/ubuntu-core_percona-server-5.6: DNE
xenial_percona-server-5.6: ignored (end of standard support, was needed)
yakkety_percona-server-5.6: ignored (reached end-of-life)
zesty_percona-server-5.6: ignored (reached end-of-life)
artful_percona-server-5.6: ignored (reached end-of-life)
bionic_percona-server-5.6: DNE
cosmic_percona-server-5.6: DNE
disco_percona-server-5.6: DNE
eoan_percona-server-5.6: DNE
focal_percona-server-5.6: DNE
groovy_percona-server-5.6: DNE
hirsute_percona-server-5.6: DNE
impish_percona-server-5.6: DNE
jammy_percona-server-5.6: DNE
devel_percona-server-5.6: DNE

Patches_mysql-8.0:
upstream_mysql-8.0: needs-triage
precise/esm_mysql-8.0: DNE
trusty_mysql-8.0: DNE
trusty/esm_mysql-8.0: DNE
xenial_mysql-8.0: DNE
bionic_mysql-8.0: DNE
disco_mysql-8.0: DNE
eoan_mysql-8.0: not-affected
focal_mysql-8.0: not-affected
groovy_mysql-8.0: not-affected
hirsute_mysql-8.0: not-affected
impish_mysql-8.0: not-affected
jammy_mysql-8.0: not-affected
devel_mysql-8.0: not-affected