
Percona Server Critical Update CVE-2016-6662

September 12, 2016 | Posted In: Events and Announcements, MySQL

This blog is an announcement for a Percona Server update with regards to CVE-2016-6662. We have added a fix for CVE-2016-6662 in the following releases: Percona Server 5.5.51-38.1, Percona Server 5.5.51-38.2, Percona Server 5.6.32-78.0, Percona Server 5.6.32-78.1, Percona Server 5.7.14-7, Percona Server 5.7.14-8, Percona XtraDB Cluster 5.5.41-25.11.1, Percona XtraDB Cluster 5.6.30-25.16.2, Percona XtraDB Cluster 5.6.30-25.16.3. From […]

EL5 and why we’ve had to enable TLSv1.0 again

June 6, 2016 | Posted In: MySQL

We have had to revert back to TLSv1.0. If you saw my previous post on TLSv1.0 (https://www.percona.com/blog/2016/05/23/percona-disabling-tlsv1-0-may-31st-2016/), you’ll know I wanted to deprecate TLSv1.0 well ahead of PCI’s changes. We made the changes May 31st. Unfortunately, it has become apparent that EL 5, which is in the final phases of End Of Life, does not support TLSv1.1 […]

Percona disabling TLSv1.0 May 31st 2016

May 23, 2016 | Posted In: Events and Announcements

As of May 31st, 2016, we will be disabling TLSv1.0 support on www.percona.com, repo.percona.com, etc. This is ahead of the PCI changes that will affect the June 30th 2016 deprecation of the TLSv1.0 protocol. (PDF) What does this mean for you, the user? Based on analysis of our IDS logs, this will affect around 6.32% of requests. […]

How to Mitigate DROWN CVE-2016-0800

March 4, 2016 | Posted In: MySQL

This blog post will discuss how to mitigate DROWN CVE-2016-0800. Unless you’ve been living in a cave, you’ll have heard (or are likely to hear soon) about the DROWN attack. From the Red Hat site: “A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker can potentially use this […]

OpenSSH CVE-2016-0777: Details and Mitigation

January 14, 2016 | Posted In: MySQL, Security

Earlier today advisories were sent out regarding OpenSSH versions 5.4 through 7.1, informing users about a security bug in the software. In essence, the advisory instructed people to add the UseRoaming no option to their ssh_config file, with a promise for further information to be made available shortly. Add undocumented "UseRoaming no" to ssh_config or use "-oUseRoaming=no" […]

MySQL and Trojan.Chikdos.A

October 29, 2015 | Posted In: MySQL

Symantec published a blog post yesterday regarding MySQL and the Trojan.Chikdos.A, as can be seen here. The Symantec post gives detail into the behavior of the Trojan and its effects on the Windows system registry, yet gives little detail as to how the required first stage (namely a malicious UDF) is injected, citing: “In the […]

Percona security update: oCERT and SSL improvements

May 18, 2015 | Posted In: MySQL, Security

We have recently become a member of oCERT to aid in allowing responsible disclosure for Percona products and services, as can be seen on their members page. We are presently working on the verbiage for the responsible disclosure program, and we are also investigating establishing a bug bounty program. In the meantime you can […]

Percona Security Advisory CVE-2015-1027

May 6, 2015 | Posted In: MySQL, Security

Contents: Summary, Analysis, Mitigating factors, P.O.C, Acknowledgments.

Summary: During a code audit performed internally at Percona, we discovered a viable information disclosure attack when coupled with a MITM attack in which percona-toolkit and xtrabackup Perl components could be coerced into returning additional MySQL configuration information. The vulnerability has since been closed.

Timeline: 2014-12-16 Initial research, […]

How to test if CVE-2015-0204 FREAK SSL security flaw affects you

March 5, 2015 | Posted In: MySQL, Security

The CVE-2015-0204 FREAK SSL vulnerability abuses intentionally weak “EXPORT” ciphers which could be used to perform a transparent Man In The Middle attack. (We seem to be continually bombarded with not only SSL vulnerabilities but the need to name vulnerabilities with increasingly odd names.) Is your server vulnerable? This can be tested using the following GIST […]

GHOST vulnerability (CVE-2015-0235) Percona response

January 29, 2015 | Posted In: MySQL, Security

Cloud security company Qualys announced Tuesday the issues prevalent in glibc since version 2.2 introduced in 2000-11-10 (the complete Qualys announcement may be viewed here). The vulnerability, CVE-2015-0235, has been dubbed “GHOST.” As the announcement from Qualys indicates, it is believed that MySQL and by extension Percona Server are not affected by this issue. Percona […]
