EmergencyEMERGENCY? Get 24/7 Help Now!

Percona response to recent MySQL security bugs

 | December 6, 2012 |  Posted In: MySQL, Percona Software


Recently there have been discussions on several vulnerabilities in MySQL and closely related projects such as MariaDB and Percona Server. Usually we have inherited security fixes from MySQL when we have updated Percona Server to be based off a new Oracle MySQL release. In this case however, Oracle has been incredibly quiet.

We’ve been examining how these affect current Percona Server versions and will shortly be making security releases and more information available (we wish to ensure what we say is correct in regards to Percona Server).

As seems to often be the case, we already had a release in the pipeline – Percona Server 5.5.28-29.2 which contains many bug fixes that affect users (see our release notes). We’re going to still release 5.5.28-29.2 and shortly after we’ll make 5.5.28-29.3 available with just security fixes.

For more information, see:

Stewart Smith

Stewart Smith has a deep background in database internals including MySQL, MySQL Cluster, Drizzle, InnoDB and HailDB. he is also one of the founding core developers of the Drizzle database server. He served at Percona from 2011-2014. He is a former Percona employee.


  • Is there any news on whether these bugs affect 5.1, and if so, if there will be a equivalent 5.1 release?


  • Oracle have released MySQL Security patches for January 2015 and was wondering if these need to or will be incorporated into Percona MySQL versions or do they need to be patched?

    This is the list:

    Many Thanks
    Sunny Nagra

Leave a Reply


Percona’s widely read Percona Data Performance blog highlights our expertise in enterprise-class software, support, consulting and managed services solutions for both MySQL® and MongoDB® across traditional and cloud-based platforms. The decades of experience represented by our consultants is found daily in numerous and relevant blog posts.

Besides specific database help, the blog also provides notices on upcoming events and webinars.
Want to get weekly updates listing the latest blog posts? Subscribe to our blog now! Submit your email address below and we’ll send you an update every Friday at 1pm ET.

No, thank you. Please do not ask me again.