Stay Secure with the Latest Linux Advisories

security advisorymoderatefedora

Fedora 22: 2015-10849 Moderate: MariaDB SSL Enforcement Issue

This is an update to most recent version 10.0.20, that also fixes CVE-2015-3152.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-10849 2015-06-27 09:58:19 -------------------------------------------------------------------------------- Name : mariadb Product : Fedora 22 Version : 10.0.20 Release : 1.fc22 URL : http://mariadb.org Summary : A community developed branch of MySQL Description : MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs and generic MySQL files. -------------------------------------------------------------------------------- Update Information: This is an update to most recent version 10.0.20, that also fixes CVE-2015-3152. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 23 2015 Honza Horak - 1:10.0.20-1 - Update to 10.0.20 * Wed Jun 17 2015 Fedora Release Engineering - 1:10.0.19-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Wed Jun 3 2015 Dan Horák - 1:10.0.19-2 - Update lists of failing tests (jdornak) Related: #1149647 * Mon May 11 2015 Honza Horak - 1:10.0.19-1 - Update to 10.0.19 * Thu May 7 2015 Honza Horak - 1:10.0.18-1 - Update to 10.0.18 * Thu May 7 2015 Honza Horak - 1:10.0.17-4 - Include client plugins into -common package since they are used by both -libs and base packages. - Do not use libedit Related: #1201988 - Let plugin dir to be owned by -common - Use correct comment in the init script Related: #1184604 - Add openssl as BuildRequires to run some openssl tests during build Related: #1189180 - Fail in case any command in check fails Related: #1124791 - Fix mysqladmin crash if run with -u root -p Resolves:#1207170 * Sat May 2 2015 Kalev Lember - 1:10.0.17-3 - Rebuilt for GCC 5 C++11 ABI change * Fri Mar 6 2015 Honza Horak - 1:10.0.17-2 - Wait for daemon ends Resolves: #1072958 - Do not include symlink to libmysqlclient if not shipping the library - Do not use scl prefix more than once in paths Based on -------------------------------------------------------------------------------- References: [ 1 ] Bug #1217506 - CVE-2015-3152 mysql: use of SSL/TLS can not be enforced in mysql client library (oCERT-2015-003, BACKRONYM) https://bugzilla.redhat.com/show_bug.cgi?id=1217506 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update mariadb' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Important security update for Fedora 22 users: Upgrade to the latest MariaDB version to address CVE-2015-3152 and benefit from vital fixes and enhancements. Fedora 22 Security, MariaDB Fix, SQL Security Update. . Severity: Important. LinuxSecurity.com Team

Jul 03, 2015 •Important Fedora