Debian 10225 Published by

The following updates has been released for Debian GNU/Linux 7 LTS:

DLA 1355-1: mysql-5.5 security update
DLA 1356-1: libreoffice security update



DLA 1355-1: mysql-5.5 security update




Package : mysql-5.5
Version : 5.5.60-0+deb7u1
CVE ID : CVE-2018-2755 CVE-2018-2761 CVE-2018-2771 CVE-2018-2773
CVE-2018-2781 CVE-2018-2813 CVE-2018-2817 CVE-2018-2818
CVE-2018-2819

Several issues have been discovered in the MySQL database server. The
vulnerabilities are addressed by upgrading MySQL to the new upstream
version 5.5.60, which includes additional changes. Please see the MySQL
5.5 Release Notes and Oracle's Critical Patch Update advisory for
further details:

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-60.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

For Debian 7 "Wheezy", these problems have been fixed in version
5.5.60-0+deb7u1.

We recommend that you upgrade your mysql-5.5 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


DLA 1356-1: libreoffice security update




Package : libreoffice
Version : 1:3.5.4+dfsg2-0+deb7u11
CVE ID : CVE-2018-10119 CVE-2018-10120

Fuzzing by the OSS-Fuzz project found two memory safety issues
in LibreOffice, which could result in an application crash or
possibly other unspecified impact.

For Debian 7 "Wheezy", these problems have been fixed in version
1:3.5.4+dfsg2-0+deb7u11.

We recommend that you upgrade your libreoffice packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS