Ubuntu Security Notice 897-1 – It was discovered that MySQL could be made to overwrite existing table files in the data directory. It was discovered that MySQL contained a cross-site scripting vulnerability in the command-line client when the –html option is enabled. It was discovered that MySQL could be made to overwrite existing table files in the data directory. It was discovered that MySQL contained multiple format string flaws when logging database creation and deletion. It was discovered that MySQL incorrectly handled errors when performing certain SELECT statements, and did not preserve correct flags when performing statements that use the GeomFromWKB function. It was discovered that MySQL incorrectly checked symlinks when using the DATA DIRECTORY and INDEX DIRECTORY options. It was discovered that MySQL contained a buffer overflow when parsing ssl certificates.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/86132/USN-897-1.txt
Source: https://packetstormsecurity.com/files/86132/Ubuntu-Security-Notice-897-1.html