Slackware 14.1: 2014-050-02 Critical: Mariadb Buffer Overflow
slackware
February 20, 2014
New mariadb and mysql packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue
Summary
Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mariadb-5.5.35-i486-1_slack14.1.txz: Upgraded. This update fixes a buffer overflow in the mysql command line client which may allow malicious or compromised database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string. For more information, see: https://www.cve.org/CVERecord?id=CVE-2014-0001 (* Security fix *)
Where Find New Packages
Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org/) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.
Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/mysql-5.0.96-i486-2_slack13.0.txz
Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/mysql-5.0.96-x86_64-2_slack13.0.txz
Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/mysql-5.1.73-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/mysql-5.1.73-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/mysql-5.1.73-i486-1_slack13.37.txz
Updated package for Slackwar...
MD5 Signatures
Slackware 13.0 package:
1cce4ce596cb9f42513d8a9916576af8 mysql-5.0.96-i486-2_slack13.0.txz
Slackware x86_64 13.0 package:
ef5a1237b6878d711a32b653bbae7cb5 mysql-5.0.96-x86_64-2_slack13.0.txz
Slackware 13.1 package:
3f83cf2cf1d9aa42e4104b08abdc263b mysql-5.1.73-i486-1_slack13.1.txz
Slackware x86_64 13.1 package:
6a8b07c70f5d20892316713853c27fa8 mysql-5.1.73-x86_64-1_slack13.1.txz
Slackware 13.37 package:
58fa913ee68907884197c465e130a010 mysql-5.1.73-i486-1_slack13.37.txz
Slackware x86_64 13.37 package:
8d2b940be5f141b9c2b0e0a43c67bf63 mysql-5.1.73-x86_64-1_slack13.37.txz
Slackware 14.0 package:
ac87007a1dd38d854fcdade3a2a42d03 mysql-5.5.36-i486-1_slack14.0.txz
Slackware x86_64 14.0 package:
c6c4ba0de7750bc23cab8be4b33f0716 mysql-5.5.36-x86_64-1_slack14.0.txz
Slackware 14.1 package:
0e14c2b69128af4ff32b5bc760434ccb mariadb-5.5.35-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
08890b91bb6e2db66c501a7a10e936a7 mariadb-5.5.35-x86_64-1_slack14.1.txz
Slackware -current package:
d085ede95618780ae8b78dfe51ab127d ap/mariadb-5.5.35-i486-1.txz
Slackware x86_64 -current package:
305eba3dc795b5308a9f39e196323395 ap/mariadb-5.5.35-x86_64-1.txz
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Installation Instructions
Installation instructions: Upgrade the package as root: # upgradepkg mariadb-5.5.35-i486-1_slack14.1.txz Then, restart the database server: # sh /etc/rc.d/rc.mysqld restart
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!