Percona has addressed CVE-2016-6663 and CVE-2016-6664 in releases of Percona Server for MySQL and Percona XtraDB Cluster.
Percona is happy to announce that the following vulnerabilities are fixed in current releases of Percona Server for MySQL and Percona XtraDB Cluster:
- CVE-2016-6663: allows a local system user with access to the affected database in the context of a low-privileged account (CREATE/INSERT/SELECT grants) to escalate their privileges and execute arbitrary code as the database system user (typically “mysql”).
- …