Explore top 10 tips to secure your open-source projects now. Read More
×
An update that solves 10 vulnerabilities and has one errata is now available. . SUSE Security Update: Security update for mariadb ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3972-1 Rating: important References: #1013882 #1101676 #1101677 #1101678 #1103342 #1112368 #1112397 #1112417 #1112421 #1112432 #1116686 Cross-References: CVE-2016-9843 CVE-2018-3058 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 CVE-2018-3143 CVE-2018-3156 CVE-2018-3174 CVE-2018-3251 CVE-2018-3282 Affected Products: SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves 10 vulnerabilities and has one errata is now available. Description: This update for mariadb fixes the following issues: Update to MariaDB 10.0.37 GA (bsc#1116686). Security issues fixed: - CVE-2018-3282: Server Storage Engines unspecified vulnerability (CPU Oct 2018) (bsc#1112432) - CVE-2018-3251: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112397) - CVE-2018-3174: Client programs unspecified vulnerability (CPU Oct 2018) (bsc#1112368) - CVE-2018-3156: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112417) - CVE-2018-3143: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112421) - CVE-2018-3066: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Options). (bsc#1101678) - CVE-2018-3064: InnoDB unspecified vulnerability (CPU Jul 2018) (bsc#1103342) - CVE-2018-3063: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Security Privileges). (bsc#1101677) - CVE-2018-3058: Unspecified vulnerability in the MySQL Server component of Oracle MySQL(subcomponent MyISAM). (bsc#1101676) - CVE-2016-9843: Big-endian out-of-bounds pointer (bsc#1013882) Release notes and changelog: - https://mariadb.com/docs/release-notes/community-server/old-releases/release-notes-mariadb-10-0-series/mariadb-10037-release-notes/ - https://mariadb.com/docs/release-notes/community-server/changelogs/changelogs-mariadb-100-series/mariadb-10037-changelog/ - https://mariadb.com/docs/release-notes/community-server/old-releases/release-notes-mariadb-10-0-series/mariadb-10036-release-notes/ - https://mariadb.com/docs/release-notes/community-server/changelogs/changelogs-mariadb-100-series/mariadb-10036-changelog/ Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2018-2833=1 Package List: - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): libmysqlclient-devel-10.0.37-20.49.2 libmysqlclient18-10.0.37-20.49.2 libmysqlclient18-debuginfo-10.0.37-20.49.2 libmysqlclient_r18-10.0.37-20.49.2 libmysqld-devel-10.0.37-20.49.2 libmysqld18-10.0.37-20.49.2 libmysqld18-debuginfo-10.0.37-20.49.2 mariadb-10.0.37-20.49.2 mariadb-client-10.0.37-20.49.2 mariadb-client-debuginfo-10.0.37-20.49.2 mariadb-debuginfo-10.0.37-20.49.2 mariadb-debugsource-10.0.37-20.49.2 mariadb-errormessages-10.0.37-20.49.2 mariadb-tools-10.0.37-20.49.2 mariadb-tools-debuginfo-10.0.37-20.49.2 - SUSE Linux Enterprise Server 12-LTSS (s390x x86_64): libmysqlclient18-32bit-10.0.37-20.49.2 libmysqlclient18-debuginfo-32bit-10.0.37-20.49.2 References: https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2018-3058.html https://www.suse.com/security/cve/CVE-2018-3063.html https://www.suse.com/security/cve/CVE-2018-3064.html https://www.suse.com/security/cve/CVE-2018-3066.html https://www.suse.com/security/cve/CVE-2018-3143.html https://www.suse.com/security/cve/CVE-2018-3156.html https://www.suse.com/security/cve/CVE-2018-3174.html https://www.suse.com/security/cve/CVE-2018-3251.html https://www.suse.com/security/cve/CVE-2018-3282.html https://bugzilla.suse.com/1013882 https://bugzilla.suse.com/1101676 https://bugzilla.suse.com/1101677 https://bugzilla.suse.com/1101678 https://bugzilla.suse.com/1103342 https://bugzilla.suse.com/1112368 https://bugzilla.suse.com/1112397 https://bugzilla.suse.com/1112417 https://bugzilla.suse.com/1112421 https://bugzilla.suse.com/1112432 https://bugzilla.suse.com/1116686 _______________________________________________ sle-security-updates mailing list
Get the latest Linux and open source security news straight to your inbox.