AWS-2014-010
2014/10/29 4:30PM PDT - Update - Security update for MySQL 5.1 We have determined that some of the security issues announced by Oracle for MySQL 5.5 and 5.6 here: http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL may affect MySQL 5.1. As described in https://www.mysql.com/support/eol-notice.html , Oracle moved MySQL 5.1 to Sustaining Support in December 2013 and is no longer providing patches for it. To continue receiving MySQL security and reliability patches, we recommend that customers running MySQL 5.1 perform a major version upgrade to the latest versions of MySQL 5.5 or 5.6 after testing for application compatibility. More details about performing this upgrade are available here: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeInstance.html . In order to give customers more time to test compatibility and perform a major version upgrade, we have released a new minor MySQL 5.1 version, 5.1.73a. This version has the security fixes for CVE-2014-6491, CVE-2014-6494, CVE-2014-6500 and CVE-2014-6559 added to MySQL 5.1.73. MySQL 5.1 RDS instances configured with the best practices guideline of using restricted access security gro…
Timeline
- Oct 9, 2019 CVE Published
References
- Amazon RDS – MySQL Security Advisory advisory
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL web
- https://www.mysql.com/support/eol-notice.html web
- http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeInstance.html web
- http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.RDSSecurityGroups.html web
- https://dev.mysql.com/doc/refman/5.6/en/upgrading-from-previous-series.html web
- http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.KnownIssuesAndLimitations web
- http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-20.html web