mysql-mmm 2.2.2 "slugabed"

Milestone information

Project:
mysql-mmm
Series:
trunk
Version:
2.2.2
Code name:
slugabed
Released:
2018-05-06  
Registrant:
David Beveridge
Release registered:
2018-05-06
Active:
No. Drivers cannot target bugs and blueprints to this milestone.  

Download RDF metadata

Activities

Assigned to you:
No blueprints or bugs assigned to you.
Assignees:
2 David Beveridge
Blueprints:
No blueprints are targeted to this milestone.
Bugs:
2 Fix Released

Download files for this release

After you've downloaded a file, you can verify its authenticity using its MD5 sum or signature. (How do I verify a download?)

File Description Downloads
download icon mysql-mmm-tools_2.2.2-1_all.deb (md5, sig) Tools Package 2
last downloaded 12 weeks ago
download icon mysql-mmm-monitor_2.2.2-1_all.deb (md5, sig) Monitor Package 2
last downloaded today
download icon mysql-mmm-agent_2.2.2-1_all.deb (md5, sig) Agent Package 3
last downloaded 7 weeks ago
download icon mysql-mmm-common_2.2.2-1_all.deb (md5, sig) Common Package 1
last downloaded 6 weeks ago
download icon mysql-mmm-2.2.2.pdf (md5) Documentation 13
last downloaded 2 weeks ago
download icon mysql-mmm-2.2.2.tar.gz (md5, sig) Mysql MMM 2.2.2 Source Code 18
last downloaded 11 days ago
Total downloads: 39

Release notes 

Multiple exploitable remote command injection vulnerabilities exist
in the MySQL Master-Master Replication Manager (MMM) mmm_agentd
daemon 2.2.1. mmm_agentd commonly runs with root privileges and does not
require authentication by default. A specially crafted MMM protocol
message can cause a shell command injection resulting in arbitrary
command execution with the privileges of the mmm_agentd process. An
attacker that can initiate a TCP session with mmm_agentd can trigger
these vulnerabilities.

Changelog 

View the full changelog

Bug Fix and Security update
#1736962 Multi-Master Replication Manager for MySQL mmm_agentd Remote Command Injection Vulnerabilities
#1766773 bug with newer Net::ARP version numbers

0 blueprints and 2 bugs targeted

Bug report Importance Assignee Status
1736962 #1736962 Multi-Master Replication Manager for MySQL mmm_agentd Remote Command Injection Vulnerabilities 3 High David Beveridge  10 Fix Released
1766773 #1766773 bug with newer Net::ARP version numbers 4 Medium David Beveridge  10 Fix Released
This milestone contains Public information
Everyone can see this information.