CVE-2014-6491

Name	CVE-2014-6491
Description	Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6500.
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-3054-1
Debian Bugs	770229

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
wolfssl (PTS)	bullseye	4.6.0+p1-0+deb11u2	fixed
	bookworm	5.5.4-2+deb12u2	fixed
	trixie	5.7.2-0.1+deb13u1	fixed
	forky, sid	5.8.2-1.2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin	Debian Bugs
cyassl	source	(unstable)	(unfixed)		770229
mariadb-10.0	source	(unstable)	10.0.15-1
mariadb-5.5	source	(unstable)	(unfixed)
mysql-5.5	source	wheezy	5.5.40-0+wheezy1	DSA-3054-1
mysql-5.5	source	(unstable)	5.5.40-1
percona-xtradb-cluster-5.5	source	(unstable)	(unfixed)
wolfssl	source	(unstable)	(not affected)

- wolfssl <not-affected> (WolfSSL not affected)