Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

Fedora 22: 2015-10849 Moderate: MariaDB SSL Enforcement Issue

fedora
Calendar Grey July 3, 2015
Scroller Fedora
Important security update for Fedora 22 users: Upgrade to the latest MariaDB version to address CVE-2015-3152 and benefit from vital fixes and enhancements
This is an update to most recent version 10.0.20, that also fixes CVE-2015-3152.

Summary

MariaDB is a community developed branch of MySQL.

MariaDB is a multi-user, multi-threaded SQL database server.

It is a client/server implementation consisting of a server daemon (mysqld)

and many different client programs and libraries. The base package

contains the standard MariaDB/MySQL client programs and generic MySQL files.

Update Information:

This is an update to most recent version 10.0.20, that also fixes CVE-2015-3152.

Change Log

* Tue Jun 23 2015 Honza Horak - 1:10.0.20-1 - Update to 10.0.20 * Wed Jun 17 2015 Fedora Release Engineering - 1:10.0.19-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Wed Jun 3 2015 Dan Horák - 1:10.0.19-2 - Update lists of failing tests (jdornak) Related: #1149647 * Mon May 11 2015 Honza Horak - 1:10.0.19-1 - Update to 10.0.19 * Thu May 7 2015 Honza Horak - 1:10.0.18-1 - Update to 10.0.18 * Thu May 7 2015 Honza Horak - 1:10.0.17-4 - Include client plugins into -common package since they are used by both -libs and base packages. - Do not use libedit Related: #1201988 - Let plugin dir to be owned by -common - Use correct comment in the init script Related: #1184604 - Add openssl as BuildRequires to run some openssl tests during build Related: #1189180 - Fail in case any command in check fails Related: #1124791 - Fix mysqladmin crash if run with -u root -p Resolves: #1207170 * Sat May 2 2015 Kalev Lember - 1:10.0.17-3 - Rebuilt for GCC 5 C++11 ABI change * Fri Mar 6 2015 Honza Horak - 1:10.0.17-2 - Wait for daemon ends Resolves: #1072958 - Do not include symlink to libmysqlclient if not shipping the library - Do not use scl prefix more than once in paths Based on

References


[ 1 ] Bug #1217506 - CVE-2015-3152 mysql: use of SSL/TLS can not be enforced in mysql client library (oCERT-2015-003, BACKRONYM) https://bugzilla.redhat.com/show_bug.cgi?id=1217506

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update mariadb' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: mariadb
Product: Fedora 22
Version: 10.0.20
Release: 1.fc22
Summary: A community developed branch of MySQL

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.