Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 428
Alerts This Week
Warning Icon 1 428

openSUSE 42.1: 2016:3028-1 Important: MariaDB Security Threat

opensuse
Calendar Grey December 6, 2016
Dist Opensuse Esm H88
New release for openSUSE addresses 10 security vulnerabilities and improves postgresql functionality with critical updates.
An update that solves 9 vulnerabilities and has 5 fixes is now available.

Description

This mariadb update to version 10.0.28 fixes the following issues

(bsc#1008318):

Security fixes:

- CVE-2016-8283: Unspecified vulnerability in subcomponent Types

(bsc#1005582)

- CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption

(bsc#1005581)

- CVE-2016-5629: Unspecified vulnerability in subcomponent Federated

(bsc#1005569)

- CVE-2016-5626: Unspecified vulnerability in subcomponent GIS

(bsc#1005566)

- CVE-2016-5624: Unspecified vulnerability in subcomponent DML

(bsc#1005564)

- CVE-2016-5616: Unspecified vulnerability in subcomponent MyISAM

(bsc#1005562)

- CVE-2016-5584: Unspecified vulnerability in subcomponent Encryption

(bsc#1005558)

- CVE-2016-3492: Unspecified vulnerability in subcomponent Optimizer

(bsc#1005555)

- CVE-2016-6663: Privilege Escalation / Race Condition (bsc#1001367)

Bugfixes:

- mysql_install_db can't find data files (bsc#1006539)

- mariadb failing test...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.1:

zypper in -t patch openSUSE-2016-1417=1

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE Leap 42.1 (i586 x86_64):

libmysqlclient-devel-10.0.28-15.1

libmysqlclient18-10.0.28-15.1

libmysqlclient18-debuginfo-10.0.28-15.1

libmysqlclient_r18-10.0.28-15.1

libmysqld-devel-10.0.28-15.1

libmysqld18-10.0.28-15.1

libmysqld18-debuginfo-10.0.28-15.1

mariadb-10.0.28-15.1

mariadb-bench-10.0.28-15.1

mariadb-bench-debuginfo-10.0.28-15.1

mariadb-client-10.0.28-15.1

mariadb-client-debuginfo-10.0.28-15.1

mariadb-debuginfo-10.0.28-15.1

mariadb-debugsource-10.0.28-15.1

mariadb-errormessages-10.0.28-15.1

mariadb-test-10.0.28-15.1

mariadb-test-debuginfo-10.0.28-15.1

mariadb-tools-10.0.28-15.1

mariadb-tools-debuginfo-10.0.28-15.1

- openSUSE Leap 42.1 (x86_64):

libmysqlclient18-32bit-10.0.28-15.1

libmysqlclient18-debuginfo-32bit-10.0.28-15.1

libmysqlclient_r18-32bit-10.0.28-15.1

References

https://www.suse.com/security/cve/CVE-2016-3492.html

https://www.suse.com/security/cve/CVE-2016-5584.html

https://www.suse.com/security/cve/CVE-2016-5624.html

https://www.suse.com/security/cve/CVE-2016-5626.html

https://www.suse.com/security/cve/CVE-2016-5629.html

https://www.suse.com/security/cve/CVE-2016-6663.html

https://www.suse.com/security/cve/CVE-2016-7440.html

https://www.suse.com/security/cve/CVE-2016-8283.html

https://bugzilla.suse.com/1001367

https://bugzilla.suse.com/1003800

https://bugzilla.suse.com/1004477

https://bugzilla.suse.com/1005555

https://bugzilla.suse.com/1005558

https://bugzilla.suse.com/1005562

https://bugzilla.suse.com/1005564

https://bugzilla.suse.com/1005566

https://bugzilla.suse.com/1005569

https://bugzilla.suse.com/1005581

https://bugzilla.suse.com/1005582

https://bugzilla.suse.com/1006539

https://bugzilla.suse.com/1008318

https://bugzilla.suse.com/990890

--

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2016:3028-1
Rating: important
Affected Products: openSUSE Leap 42.1 le.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.