SUSE Linux Enterprise Server 12: SUSE-SU-2016:2395-1 Critical Code Exec
suse
September 27, 2016
An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is ...
Summary
This update for mariadb to 1.0.0.27 fixes the following issues: Security issue fixed: * CVE-2016-6662: A malicious user with SQL and filesystem access could create a my.cnf in the datadir and , under certain circumstances, execute arbitrary code as mysql (or even root) user. (bsc#998309) * release notes: * https://mariadb.com/docs/release-notes/community-server/old-releases/release-notes-mariadb-10-0-series/mariadb-10027-release-notes * changelog: * https://mariadb.com/docs/release-notes/community-server/changelogs/changelogs-mariadb-100-series/mariadb-10027-changelog Bugs fixed: - Make ORDER BY optimization functions take into account multiple equalities. (bsc#949520) Patch Instructions: To install this SUSE Security Update use YaST online_update.
Topics Covered
References
#949520 #998309
Cross- CVE-2016-6662
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
https://www.suse.com/security/cve/CVE-2016-6662.html
https://bugzilla.suse.com/949520
https://bugzilla.suse.com/998309
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2016:2395-1
Rating: important
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!