Errata overview
Errata ID 339
Date 2018-04-18
Source package mysql-5.5
Fixed in version 5.5.59-0+deb8u1A~4.2.3.201801251404
Description 
Multiple security issues have been fixed since MySQL 5.5.57.
Since Oracle does not disclose sufficient information to provide backported
patches, MySQL is updated to the new release.
* https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-58.html
* https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-59.html
* http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
* http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
This update addresses the following issues:
* Difficult to exploit vulnerability allows high privileged attacker with
  logon to the infrastructure where MySQL Server executes to compromise MySQL
  Server. Successful attacks of this vulnerability can result in unauthorized
  access to critical data or complete access to all MySQL Server accessible
  data. (CVE-2017-10268)
* Easily exploitable vulnerability allows low privileged attacker with
  network access via multiple protocols to compromise MySQL Server.
  Successful attacks of this vulnerability can result in unauthorized ability
  to cause a hang or frequently repeatable crash (complete DOS) of MySQL
  Server. (CVE-2017-10384)
* Easily exploitable vulnerability allows low privileged attacker with
  network access via multiple protocols to compromise MySQL Server.
  Successful attacks of this vulnerability can result in unauthorized access
  to critical data or complete access to all MySQL Server accessible data.
  (CVE-2017-10379)
* Easily exploitable vulnerability allows low privileged attacker with
  network access via multiple protocols to compromise MySQL Server.
  Successful attacks of this vulnerability can result in unauthorized ability
  to cause a hang or frequently repeatable crash (complete DOS) of MySQL
  Server. (CVE-2017-10378)
* Easily exploitable vulnerability allows low privileged attacker with
  network access via multiple protocols to compromise MySQL Server.
  Successful attacks of this vulnerability can result in unauthorized ability
  to cause a hang or frequently repeatable crash (complete DOS) of MySQL
  Server as well as unauthorized update, insert or delete access to some of
  MySQL Server accessible data. (CVE-2018-2562)
* Easily exploitable vulnerability allows low privileged attacker with
  network access via multiple protocols to compromise MySQL Server.
  Successful attacks of this vulnerability can result in unauthorized ability
  to cause a hang or frequently repeatable crash (complete DOS) of MySQL
  Server. (CVE-2018-2622)
* Easily exploitable vulnerability allows low privileged attacker with
  network access via multiple protocols to compromise MySQL Server.
  Successful attacks of this vulnerability can result in unauthorized ability
  to cause a hang or frequently repeatable crash (complete DOS) of MySQL
  Server. (CVE-2018-2640)
* Easily exploitable vulnerability allows low privileged attacker with
  network access via multiple protocols to compromise MySQL Server.
  Successful attacks of this vulnerability can result in unauthorized ability
  to cause a hang or frequently repeatable crash (complete DOS) of MySQL
  Server. (CVE-2018-2665)
* Easily exploitable vulnerability allows low privileged attacker with
  network access via multiple protocols to compromise MySQL Server.
  Successful attacks of this vulnerability can result in unauthorized ability
  to cause a hang or frequently repeatable crash (complete DOS) of MySQL
  Server. (CVE-2018-2668)
Additional notes
CVE ID CVE-2017-10268
CVE-2017-10384
CVE-2017-10379
CVE-2017-10378
CVE-2018-2562
CVE-2018-2622
CVE-2018-2640
CVE-2018-2665
CVE-2018-2668
UCS Bug number #45633