We are pleased to announce that MySQL Enterprise Monitor 3.0.9 is now
available for download on the My Oracle Support (MOS) web site.
The Service Manager, Agent, and bundled MySQL Server binaries included
in 3.0.9 are all updated to use OpenSSL 1.0.1g. Please see
http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html
for further information. You can also find additional details about
Enterprise Monitor 3.0.9 in the change log:
http://dev.mysql.com/doc/mysql-monitor/3.0/en/mem-news-3-0-9.html
(also included at the end of this note for convenience)
You will find binaries for the new release on My Oracle Support:
https://support.oracle.com
Choose the "Patches & Updates" tab, and then choose the "Product or
Family (Advanced Search)" side tab in the "Patch Search" portlet.
You will also find the 3.0.9 binaries on the Oracle Software Delivery
Cloud within about 7 days of this announcement:
http://edelivery.oracle.com/
Choose "MySQL Database" as the Product Pack and you will find the
Enterprise Monitor along with other MySQL products.
Note that you will always find the latest release of the Enterprise
Monitor on the My Oracle Support (MOS) website, so we recommend
looking there first.
Thanks and Happy Monitoring!
- The MySQL Enterprise Tools Development Team
==========
Changes in MySQL Enterprise Monitor 3.0.9
* Security Fix: MySQL Enterprise Monitor 3.0.9 has been updated to use
OpenSSL version 1.0.1g, which has been publicly reported as not
vulnerable to CVE-2014-0160. The Service Manager, Agent, and bundled
MySQL Server are all updated to use OpenSSL 1.0.1g, and are now
available for download. Please see Oracle Note #1645479.1 for
further details.
We also recommend users that are using an external MySQL 5.6
Commercial server for their repository to upgrade the external MySQL
instance to the MySQL server 5.6.18 Commercial release. (Bug
#18533200, CVE-2014-0160)
* An AssertionViolation exception stopped the MySQL Enterprise Service
Manager from starting. This occurred if advisor overrides were
scheduled on the OS-level and also at the filesystem-level on a
different host. The MySQL Enterprise Service Manager could not
collate the schedules.
As of this release, such issues do not stop the MySQL Enterprise
Service Manager from starting. (Bug #18477809)