Submit a story to LinuxSecurity!

Thanks very much for your interest in sharing your story with us. Our site is driven by users like you.

Post anonymously

Please also feel free to using our GPG key (found on our About page) or email us at This email address is being protected from spambots. You need JavaScript enabled to view it.

 

    Back

    Debian: DSA-4341-1: mariadb-10.1 security update

    Date19 Nov 2018
    CategoryDebian
    6453
    Posted ByAnthony Pell
    Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.1.37. Please see the MariaDB 10.1 Release Notes for further details: 
    
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4341-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
https://www.debian.org/security/                     Salvatore Bonaccorso
November 19, 2018                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mariadb-10.1
CVE ID         : CVE-2017-10268 CVE-2017-10378 CVE-2017-15365 CVE-2018-2562 
                 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 
                 CVE-2018-2668 CVE-2018-2755 CVE-2018-2761 CVE-2018-2766 
                 CVE-2018-2767 CVE-2018-2771 CVE-2018-2781 CVE-2018-2782 
                 CVE-2018-2784 CVE-2018-2787 CVE-2018-2813 CVE-2018-2817 
                 CVE-2018-2819 CVE-2018-3058 CVE-2018-3063 CVE-2018-3064 
                 CVE-2018-3066 CVE-2018-3081 CVE-2018-3143 CVE-2018-3156 
                 CVE-2018-3174 CVE-2018-3251 CVE-2018-3282
Debian Bug     : 885345 898444 898445 912848

Several issues have been discovered in the MariaDB database server. The
vulnerabilities are addressed by upgrading MariaDB to the new upstream
version 10.1.37. Please see the MariaDB 10.1 Release Notes for further
details:

 https://mariadb.com/kb/en/mariadb/mariadb-10127-release-notes/
 https://mariadb.com/kb/en/mariadb/mariadb-10128-release-notes/
 https://mariadb.com/kb/en/mariadb/mariadb-10129-release-notes/
 https://mariadb.com/kb/en/mariadb/mariadb-10130-release-notes/
 https://mariadb.com/kb/en/mariadb/mariadb-10131-release-notes/
 https://mariadb.com/kb/en/mariadb/mariadb-10132-release-notes/
 https://mariadb.com/kb/en/mariadb/mariadb-10133-release-notes/
 https://mariadb.com/kb/en/mariadb/mariadb-10134-release-notes/
 https://mariadb.com/kb/en/mariadb/mariadb-10135-release-notes/
 https://mariadb.com/kb/en/mariadb/mariadb-10136-release-notes/
 https://mariadb.com/kb/en/mariadb/mariadb-10137-release-notes/

For the stable distribution (stretch), these problems have been fixed in
version 10.1.37-0+deb9u1.

We recommend that you upgrade your mariadb-10.1 packages.

For the detailed security status of mariadb-10.1 please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/mariadb-10.1

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

    Get the Latest News & Insights

    Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox

    Related News

    ProtonVPN apps handed to open source community in transparency push
    ProtonVPN apps handed to open source community in transparency push
    Why Artificial Intelligence Is The Smart Way to Form Real Bonds With Customers
    Why Artificial Intelligence Is The Smart Way to Form Real Bonds With Customers
    The Performance Cost To SELinux On Fedora 31
    The Performance Cost To SELinux On Fedora 31
    Amazon’s Ring blamed hacks on consumers reusing their passwords. A lawsuit says that’s not true.
    Amazon’s Ring blamed hacks on consumers reusing their passwords. A lawsuit says that’s not true.
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"2","type":"x","order":"1","pct":100,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"0","type":"x","order":"3","pct":0,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    openSUSE: 2020:0096-1: moderate: libredwg
    Date22 Jan 2020 @ 20:11
    Ubuntu 4247-2: python-apt regression
    Date22 Jan 2020 @ 15:01
    openSUSE: 2020:0095-1: moderate: libredwg
    Date22 Jan 2020 @ 14:13
    SUSE: 2020:0183-1 important: the Linux Kernel (Live Patch 0 for SLE 12 SP5)
    Date22 Jan 2020 @ 14:12

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

    Learn More