steffen's picture

Hi All,


how can I simply upgrade to MySQL 5.5.52 on wheezy avoiding the Exploit (CVE-2016-6663)??

Thanks for your help!

Forum: 
Jeremy Davis's picture

TurnKey auto installs security updates every night. So unless you have tweaked things (or don't have internet access) then it should have already installed all the relevant sec updates.

When Wheezy went LTS (long term support), the LTS team took over the wheezy-security repo. I just had a quick look and from what I can see they have backported MySQL 5.5.52 into Wheezy to resolve the serious security bugs. FWIW normally, just a patch is backported and applied to the older version, but the LTS team don't have the same resources that the stable security team have so they must have decided a backported patch was too much work this time around.

You can check the version you have installed with the following:

apt-get update && apt-cache policy mysql-server
It should show the version installed as "5.5.52-0+deb7u1".
Jan Steffen Patermann's picture

Hi Jeremy,

great to hear, I was to fast, it seems needed some time until debian put it the repository (as you said), and I wasn't sure if the mysql patch is aplied over the automatic security updates.

Thanks for your answer!

Add new comment