openSUSE Security Update: Security update for mariadb
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2016:2746-1
Rating:             important
References:         #1003800 #1005561 #1005570 #949520 #971456 
                    #983938 #984858 #986251 #989913 #989919 #989922 
                    #989926 #990890 #998309 
Cross-References:   CVE-2016-3477 CVE-2016-3521 CVE-2016-3615
                    CVE-2016-5440 CVE-2016-5612 CVE-2016-5630
                    CVE-2016-6662
Affected Products:
                    openSUSE 13.2
______________________________________________________________________________

   An update that solves 7 vulnerabilities and has 7 fixes is
   now available.

Description:


   This update for mariadb to 10.0.27 fixes the following issues:

   * release notes:
     * https://kb.askmonty.org/en/mariadb-10027-release-notes
     * https://kb.askmonty.org/en/mariadb-10026-release-notes
   * changelog:
     * https://kb.askmonty.org/en/mariadb-10027-changelog
     * https://kb.askmonty.org/en/mariadb-10026-changelog
   * fixed CVE's 10.0.27: CVE-2016-5612, CVE-2016-5630, CVE-2016-6662
     10.0.26: CVE-2016-5440, CVE-2016-3615, CVE-2016-3521, CVE-2016-3477
   * fix: [boo#1005561], [boo#1005570], [boo#998309], [boo#989926],
     [boo#989922],  [boo#989919],  [boo#989913]
   - requires devel packages for aio and lzo2
   - remove mariadb-10.0.21-mysql-test_main_bootstrap.patch that is no longer
     needed [boo#984858]
   - append "--ignore-db-dir=lost+found" to the mysqld options in
     "mysql-systemd-helper" script if "lost+found" directory is found in
     $datadir [boo#986251]
   - remove syslog.target from *.service files [boo#983938]
   - add systemd to deps to build on leap and friends
   - replace '%{_libexecdir}/systemd/system' with %{_unitdir} macro
   - remove useless mysql@default.service [boo#971456]
   - make ORDER BY optimization functions take into account multiple
     equalities [boo#949520]
   - adjust mysql-test results in order to take account of a new option
     (orderby_uses_equalities) added by the optimizer patch [boo#1003800]
   - replace all occurrences of the string "@sysconfdir@" with "/etc" in
     mysql-community-server-5.1.46-logrotate.patch as it wasn't expanded
     properly [boo#990890]


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 13.2:

      zypper in -t patch openSUSE-2016-1274=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 13.2 (i586 x86_64):

      libmysqlclient-devel-10.0.27-2.27.1
      libmysqlclient18-10.0.27-2.27.1
      libmysqlclient18-debuginfo-10.0.27-2.27.1
      libmysqlclient_r18-10.0.27-2.27.1
      libmysqld-devel-10.0.27-2.27.1
      libmysqld18-10.0.27-2.27.1
      libmysqld18-debuginfo-10.0.27-2.27.1
      mariadb-10.0.27-2.27.1
      mariadb-bench-10.0.27-2.27.1
      mariadb-bench-debuginfo-10.0.27-2.27.1
      mariadb-client-10.0.27-2.27.1
      mariadb-client-debuginfo-10.0.27-2.27.1
      mariadb-debuginfo-10.0.27-2.27.1
      mariadb-debugsource-10.0.27-2.27.1
      mariadb-errormessages-10.0.27-2.27.1
      mariadb-test-10.0.27-2.27.1
      mariadb-test-debuginfo-10.0.27-2.27.1
      mariadb-tools-10.0.27-2.27.1
      mariadb-tools-debuginfo-10.0.27-2.27.1

   - openSUSE 13.2 (x86_64):

      libmysqlclient18-32bit-10.0.27-2.27.1
      libmysqlclient18-debuginfo-32bit-10.0.27-2.27.1
      libmysqlclient_r18-32bit-10.0.27-2.27.1


References:

   https://www.suse.com/security/cve/CVE-2016-3477.html
   https://www.suse.com/security/cve/CVE-2016-3521.html
   https://www.suse.com/security/cve/CVE-2016-3615.html
   https://www.suse.com/security/cve/CVE-2016-5440.html
   https://www.suse.com/security/cve/CVE-2016-5612.html
   https://www.suse.com/security/cve/CVE-2016-5630.html
   https://www.suse.com/security/cve/CVE-2016-6662.html
   https://bugzilla.suse.com/1003800
   https://bugzilla.suse.com/1005561
   https://bugzilla.suse.com/1005570
   https://bugzilla.suse.com/949520
   https://bugzilla.suse.com/971456
   https://bugzilla.suse.com/983938
   https://bugzilla.suse.com/984858
   https://bugzilla.suse.com/986251
   https://bugzilla.suse.com/989913
   https://bugzilla.suse.com/989919
   https://bugzilla.suse.com/989922
   https://bugzilla.suse.com/989926
   https://bugzilla.suse.com/990890
   https://bugzilla.suse.com/998309

openSUSE: 2016:2746-1: important: mariadb

November 8, 2016
An update that solves 7 vulnerabilities and has 7 fixes is An update that solves 7 vulnerabilities and has 7 fixes is An update that solves 7 vulnerabilities and has 7 fixes is now...

Description

This update for mariadb to 10.0.27 fixes the following issues: * release notes: * https://kb.askmonty.org/en/mariadb-10027-release-notes * https://kb.askmonty.org/en/mariadb-10026-release-notes * changelog: * https://kb.askmonty.org/en/mariadb-10027-changelog * https://kb.askmonty.org/en/mariadb-10026-changelog * fixed CVE's 10.0.27: CVE-2016-5612, CVE-2016-5630, CVE-2016-6662 10.0.26: CVE-2016-5440, CVE-2016-3615, CVE-2016-3521, CVE-2016-3477 * fix: [boo#1005561], [boo#1005570], [boo#998309], [boo#989926], [boo#989922], [boo#989919], [boo#989913] - requires devel packages for aio and lzo2 - remove mariadb-10.0.21-mysql-test_main_bootstrap.patch that is no longer needed [boo#984858] - append "--ignore-db-dir=lost+found" to the mysqld options in "mysql-systemd-helper" script if "lost+found" directory is found in $datadir [boo#986251] - remove syslog.target from *.service files [boo#983938] - add systemd to deps to build on leap and friends - replace '%{_libexecdir}/systemd/system' with %{_unitdir} macro - remove useless mysql@default.service [boo#971456] - make ORDER BY optimization functions take into account multiple equalities [boo#949520] - adjust mysql-test results in order to take account of a new option (orderby_uses_equalities) added by the optimizer patch [boo#1003800] - replace all occurrences of the string "@sysconfdir@" with "/etc" in mysql-community-server-5.1.46-logrotate.patch as it wasn't expanded properly [boo#990890]

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2: zypper in -t patch openSUSE-2016-1274=1 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE 13.2 (i586 x86_64): libmysqlclient-devel-10.0.27-2.27.1 libmysqlclient18-10.0.27-2.27.1 libmysqlclient18-debuginfo-10.0.27-2.27.1 libmysqlclient_r18-10.0.27-2.27.1 libmysqld-devel-10.0.27-2.27.1 libmysqld18-10.0.27-2.27.1 libmysqld18-debuginfo-10.0.27-2.27.1 mariadb-10.0.27-2.27.1 mariadb-bench-10.0.27-2.27.1 mariadb-bench-debuginfo-10.0.27-2.27.1 mariadb-client-10.0.27-2.27.1 mariadb-client-debuginfo-10.0.27-2.27.1 mariadb-debuginfo-10.0.27-2.27.1 mariadb-debugsource-10.0.27-2.27.1 mariadb-errormessages-10.0.27-2.27.1 mariadb-test-10.0.27-2.27.1 mariadb-test-debuginfo-10.0.27-2.27.1 mariadb-tools-10.0.27-2.27.1 mariadb-tools-debuginfo-10.0.27-2.27.1 - openSUSE 13.2 (x86_64): libmysqlclient18-32bit-10.0.27-2.27.1 libmysqlclient18-debuginfo-32bit-10.0.27-2.27.1 libmysqlclient_r18-32bit-10.0.27-2.27.1


References

https://www.suse.com/security/cve/CVE-2016-3477.html https://www.suse.com/security/cve/CVE-2016-3521.html https://www.suse.com/security/cve/CVE-2016-3615.html https://www.suse.com/security/cve/CVE-2016-5440.html https://www.suse.com/security/cve/CVE-2016-5612.html https://www.suse.com/security/cve/CVE-2016-5630.html https://www.suse.com/security/cve/CVE-2016-6662.html https://bugzilla.suse.com/1003800 https://bugzilla.suse.com/1005561 https://bugzilla.suse.com/1005570 https://bugzilla.suse.com/949520 https://bugzilla.suse.com/971456 https://bugzilla.suse.com/983938 https://bugzilla.suse.com/984858 https://bugzilla.suse.com/986251 https://bugzilla.suse.com/989913 https://bugzilla.suse.com/989919 https://bugzilla.suse.com/989922 https://bugzilla.suse.com/989926 https://bugzilla.suse.com/990890 https://bugzilla.suse.com/998309


Severity
Announcement ID: openSUSE-SU-2016:2746-1
Rating: important
Affected Products: openSUSE 13.2

Related News

21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In
32.Lock Code Circular Esm H320
2 - 3 min read
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned
1.Penguin Landscape Esm H320
2 - 3 min read
The recent release of AlmaLinux 9.4 , closely aligned with Red Hat Enterprise Linux (RHEL) 9.4 , presents Linux admins and infosec professionals
11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software
2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved