MySQL Security Hole Found
A security hole has been reported which affects MySQL, the database application used by the Joomla! CMS.
The security hole can be used to gain root access on poorly configured servers.
Patches have been quietly released by the MySQL developer but some web hosting companies appear to have been rather slow on the uptake.
All default installations of MySQL 5.5, 5.6 and 5.7 are affected.
JOOMLERS should check that the server hosting their website is using at least one of the following MySQL releases (depending upon version used):
- 5.6.33 or
MySQL Derivative are also affected
are also affected.
The developers have issued fixes to address the reported failings.
Read more at the above links.
Which MySQL version is recommended by Joomla!
The Joomla! Project recommend MySQL version 5.5.3 + for Joomla! 3.
However, following the discovery of the security hole, you should check the System Information screen to see which version/release of MySQL is being used by your website.
If your website uses MySQL version 5.5 then it should be showing the following release: 5.5.52.
If not then you should contact your hosting company.