Buy Percona ServicesBuy Now!

Percona response to recent MySQL security bugs

 | December 6, 2012 |  Posted In: MySQL, Percona Software


Recently there have been discussions on several vulnerabilities in MySQL and closely related projects such as MariaDB and Percona Server. Usually we have inherited security fixes from MySQL when we have updated Percona Server to be based off a new Oracle MySQL release. In this case however, Oracle has been incredibly quiet.

We’ve been examining how these affect current Percona Server versions and will shortly be making security releases and more information available (we wish to ensure what we say is correct in regards to Percona Server).

As seems to often be the case, we already had a release in the pipeline – Percona Server 5.5.28-29.2 which contains many bug fixes that affect users (see our release notes). We’re going to still release 5.5.28-29.2 and shortly after we’ll make 5.5.28-29.3 available with just security fixes.

For more information, see:

Stewart Smith

Stewart Smith has a deep background in database internals including MySQL, MySQL Cluster, Drizzle, InnoDB and HailDB. he is also one of the founding core developers of the Drizzle database server. He served at Percona from 2011-2014. He is a former Percona employee.


  • Is there any news on whether these bugs affect 5.1, and if so, if there will be a equivalent 5.1 release?


  • Oracle have released MySQL Security patches for January 2015 and was wondering if these need to or will be incorporated into Percona MySQL versions or do they need to be patched?

    This is the list:

    Many Thanks
    Sunny Nagra

Comments are closed