Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

SUSE: 2018-3542-1 Critical: MySQL Denial of Service Vulnerability

suse
Calendar Grey October 29, 2018
Dist Suse Esm H88
The recent update for PostgreSQL addresses several critical vulnerabilities and bugs on Ubuntu platforms, significantly improving both system security and performance.
An update that fixes four vulnerabilities is now available

Summary

MySQL server was updated to version 5.5.62, fixing bugs and security issues. Changes: Following security issues were fixed: - CVE-2016-9843: The crc32_big function in zlib might have allowed context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. (bsc#1013882) Please note that SUSE uses the system zlib, not the embedded copy. - CVE-2018-3133: Authenticated low privilege attackers could cause denial of service attacks (hangs or crashes) against the mysql server (bsc#1112369) - CVE-2018-3174: Authenticated high privilege attackers could cause denial of service attacks (hangs or crashes) against the mysql server (bsc#1112368) - CVE-2018-3282: Authenticated high privilege attackers could cause denial

References

#1013882 #1112368 #1112369 #1112432

Cross- CVE-2016-9843 CVE-2018-3133 CVE-2018-3174

CVE-2018-3282

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Server 11-SP3-LTSS

SUSE Linux Enterprise Point of Sale 11-SP3

SUSE Linux Enterprise Debuginfo 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP3

https://www.suse.com/security/cve/CVE-2016-9843.html

https://www.suse.com/security/cve/CVE-2018-3133.html

https://www.suse.com/security/cve/CVE-2018-3174.html

https://www.suse.com/security/cve/CVE-2018-3282.html

https://bugzilla.suse.com/1013882

https://bugzilla.suse.com/1112368

https://bugzilla.suse.com/1112369

https://bugzilla.suse.com/1112432

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2018:3542-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.