Oval Definition:oval:org.opensuse.security:def:55737
Revision Date:2020-12-01Version:1
Title:Security update for mariadb (Important)
Description:

mariadb was updated to version 10.0.25 to fix 25 security issues.

These security issues were fixed: - CVE-2016-0505: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to Options (bsc#980904). - CVE-2016-0546: Unspecified vulnerability allowed local users to affect confidentiality, integrity, and availability via unknown vectors related to Client (bsc#980904). - CVE-2016-0596: Unspecified vulnerability allowed remote authenticated users to affect availability via vectors related to DML (bsc#980904). - CVE-2016-0597: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to Optimizer (bsc#980904). - CVE-2016-0598: Unspecified vulnerability allowed remote authenticated users to affect availability via vectors related to DML (bsc#980904). - CVE-2016-0600: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to InnoDB (bsc#980904). - CVE-2016-0606: Unspecified vulnerability allowed remote authenticated users to affect integrity via unknown vectors related to encryption (bsc#980904). - CVE-2016-0608: Unspecified vulnerability allowed remote authenticated users to affect availability via vectors related to UDF (bsc#980904). - CVE-2016-0609: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to privileges (bsc#980904). - CVE-2016-0616: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to Optimizer (bsc#980904). - CVE-2016-0640: Unspecified vulnerability allowed local users to affect integrity and availability via vectors related to DML (bsc#980904). - CVE-2016-0641: Unspecified vulnerability allowed local users to affect confidentiality and availability via vectors related to MyISAM (bsc#980904). - CVE-2016-0642: Unspecified vulnerability allowed local users to affect integrity and availability via vectors related to Federated (bsc#980904). - CVE-2016-0643: Unspecified vulnerability allowed local users to affect confidentiality via vectors related to DML (bsc#980904). - CVE-2016-0644: Unspecified vulnerability allowed local users to affect availability via vectors related to DDL (bsc#980904). - CVE-2016-0646: Unspecified vulnerability allowed local users to affect availability via vectors related to DML (bsc#980904). - CVE-2016-0647: Unspecified vulnerability allowed local users to affect availability via vectors related to FTS (bsc#980904). - CVE-2016-0648: Unspecified vulnerability allowed local users to affect availability via vectors related to PS (bsc#980904). - CVE-2016-0649: Unspecified vulnerability allowed local users to affect availability via vectors related to PS (bsc#980904). - CVE-2016-0650: Unspecified vulnerability allowed local users to affect availability via vectors related to Replication (bsc#980904). - CVE-2016-0651: Unspecified vulnerability allowed local users to affect availability via vectors related to Optimizer (bsc#980904). - CVE-2016-0655: Unspecified vulnerability allowed local users to affect availability via vectors related to InnoDB (bsc#980904). - CVE-2016-0666: Unspecified vulnerability allowed local users to affect availability via vectors related to Security: Privileges (bsc#980904). - CVE-2016-0668: Unspecified vulnerability allowed local users to affect availability via vectors related to InnoDB (bsc#980904). - CVE-2016-2047: The ssl_verify_server_cert function in sql-common/client.c did not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allowed man-in-the-middle attackers to spoof SSL servers via a '/CN=' string in a field in a certificate, as demonstrated by '/OU=/CN=bar.com/CN=foo.com (bsc#963806).

These non-security issues were fixed: - bsc#960961: Use 'plugin-load-add' instead of 'plugin-load' in default_plugins.cnf. It contained 'plugin-load' options which caused that only last plugin was actually loaded ('plugin-load' overrides the previous 'plugin-load') - bsc#961935: Remove the leftovers of 'openSUSE' string in the '-DWITH_COMMENT' and 'DCOMPILATION_COMMENT' options
Family:unixClass:patch
Status:Reference(s):1005070
1005072
1005076
1012568
1019251
1020928
1051510
1053153
1069708
1082635
1082828
1083647
1087082
1087083
1089343
1090631
1092885
1096223
1096254
1098735
1104134
1117665
1119461
1119465
1123034
1135966
1135967
1137040
1138190
1139073
1140090
1143706
1144338
1144903
1146612
1149119
1150457
1151225
1152624
1153476
1153509
1153969
1154737
1154848
1154858
1154905
1154959
1155178
1155179
1155184
1155186
1155671
1158809
777588
808355
815451
821667
834601
835827
836937
852368
960961
961935
963806
973660
980904
986566
989980
993453
993454
998677
CVE-2011-2483
CVE-2011-3177
CVE-2012-1956
CVE-2012-1970
CVE-2012-1971
CVE-2012-1972
CVE-2012-1973
CVE-2012-1974
CVE-2012-1975
CVE-2012-1976
CVE-2012-3956
CVE-2012-3957
CVE-2012-3958
CVE-2012-3959
CVE-2012-3960
CVE-2012-3961
CVE-2012-3962
CVE-2012-3963
CVE-2012-3964
CVE-2012-3965
CVE-2012-3966
CVE-2012-3967
CVE-2012-3968
CVE-2012-3969
CVE-2012-3970
CVE-2012-3971
CVE-2012-3972
CVE-2012-3973
CVE-2012-3974
CVE-2012-3975
CVE-2012-3976
CVE-2012-3978
CVE-2012-3979
CVE-2012-3980
CVE-2013-0200
CVE-2013-1983
CVE-2013-2001
CVE-2013-4238
CVE-2013-4325
CVE-2013-6402
CVE-2015-2304
CVE-2016-0505
CVE-2016-0546
CVE-2016-0596
CVE-2016-0597
CVE-2016-0598
CVE-2016-0600
CVE-2016-0606
CVE-2016-0608
CVE-2016-0609
CVE-2016-0616
CVE-2016-0640
CVE-2016-0641
CVE-2016-0642
CVE-2016-0643
CVE-2016-0644
CVE-2016-0646
CVE-2016-0647
CVE-2016-0648
CVE-2016-0649
CVE-2016-0650
CVE-2016-0651
CVE-2016-0655
CVE-2016-0666
CVE-2016-0668
CVE-2016-2047
CVE-2016-5418
CVE-2016-5423
CVE-2016-5424
CVE-2016-5844
CVE-2016-6250
CVE-2016-8687
CVE-2016-8688
CVE-2016-8689
CVE-2016-9962
CVE-2017-10661
CVE-2017-15130
CVE-2017-16939
CVE-2018-11806
CVE-2018-12207
CVE-2018-12617
CVE-2018-3639
CVE-2018-3640
CVE-2018-3646
CVE-2019-0154
CVE-2019-0155
CVE-2019-10220
CVE-2019-11135
CVE-2019-1551
CVE-2019-16233
SUSE-SU-2016:1619-1
SUSE-SU-2016:2415-1
SUSE-SU-2016:2911-1
SUSE-SU-2017:1964-1
SUSE-SU-2017:3332-1
SUSE-SU-2018:2331-1
SUSE-SU-2018:2565-1
SUSE-SU-2018:2632-1
SUSE-SU-2020:0028-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • bind-9.11.2-lp150.7 is installed
  • OR bind-chrootenv-9.11.2-lp150.7 is installed
  • OR bind-utils-9.11.2-lp150.7 is installed
  • OR libbind9-160-9.11.2-lp150.7 is installed
  • OR libdns169-9.11.2-lp150.7 is installed
  • OR libirs160-9.11.2-lp150.7 is installed
  • OR libisc166-9.11.2-lp150.7 is installed
  • OR libisccc160-9.11.2-lp150.7 is installed
  • OR libisccfg160-9.11.2-lp150.7 is installed
  • OR liblwres160-9.11.2-lp150.7 is installed
  • OR python3-bind-9.11.2-lp150.7 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libu2f-host-1.1.6-lp151.2.3 is installed
  • OR libu2f-host-devel-1.1.6-lp151.2.3 is installed
  • OR libu2f-host-doc-1.1.6-lp151.2.3 is installed
  • OR libu2f-host0-1.1.6-lp151.2.3 is installed
  • OR u2f-host-1.1.6-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • MozillaFirefox-10.0.7-0.3 is installed
  • OR MozillaFirefox-branding-SLED-7-0.6.7 is installed
  • OR MozillaFirefox-translations-10.0.7-0.3 is installed
  • OR libfreebl3-3.13.6-0.5 is installed
  • OR libfreebl3-32bit-3.13.6-0.5 is installed
  • OR mozilla-nspr-4.9.2-0.6 is installed
  • OR mozilla-nspr-32bit-4.9.2-0.6 is installed
  • OR mozilla-nss-3.13.6-0.5 is installed
  • OR mozilla-nss-32bit-3.13.6-0.5 is installed
  • OR mozilla-nss-tools-3.13.6-0.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • hplip-3.11.10-0.6.11 is installed
  • OR hplip-hpijs-3.11.10-0.6.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • libmysqlclient18-10.0.25-20.6 is installed
  • OR libmysqlclient18-32bit-10.0.25-20.6 is installed
  • OR libmysqlclient_r18-10.0.25-20.6 is installed
  • OR libmysqlclient_r18-32bit-10.0.25-20.6 is installed
  • OR mariadb-10.0.25-20.6 is installed
  • OR mariadb-client-10.0.25-20.6 is installed
  • OR mariadb-errormessages-10.0.25-20.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libecpg6-9.4.9-14 is installed
  • OR libpq5-9.4.9-14 is installed
  • OR libpq5-32bit-9.4.9-14 is installed
  • OR postgresql94-9.4.9-14 is installed
  • OR postgresql94-libs-9.4.9-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • kernel-default-4.12.14-95.40 is installed
  • OR kernel-default-devel-4.12.14-95.40 is installed
  • OR kernel-default-extra-4.12.14-95.40 is installed
  • OR kernel-devel-4.12.14-95.40 is installed
  • OR kernel-macros-4.12.14-95.40 is installed
  • OR kernel-source-4.12.14-95.40 is installed
  • OR kernel-syms-4.12.14-95.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libXxf86vm1-1.1.3-3 is installed
  • OR libXxf86vm1-32bit-1.1.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_69-60_64_35-default-8-2 is installed
  • OR kgraft-patch-3_12_69-60_64_35-xen-8-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_14-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • gnome-shell-3.20.4-70 is installed
  • OR gnome-shell-browser-plugin-3.20.4-70 is installed
  • OR gnome-shell-lang-3.20.4-70 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • gvim-7.4.326-17.3 is installed
  • OR vim-7.4.326-17.3 is installed
  • OR vim-data-7.4.326-17.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_32-default-11-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_11-11-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND sudo-1.8.20p2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.17-28.42 is installed
  • OR libpython2_7-1_0-32bit-2.7.17-28.42 is installed
  • OR python-2.7.17-28.42 is installed
  • OR python-32bit-2.7.17-28.42 is installed
  • OR python-base-2.7.17-28.42 is installed
  • OR python-base-32bit-2.7.17-28.42 is installed
  • OR python-curses-2.7.17-28.42 is installed
  • OR python-demo-2.7.17-28.42 is installed
  • OR python-devel-2.7.17-28.42 is installed
  • OR python-doc-2.7.17-28.42 is installed
  • OR python-doc-pdf-2.7.17-28.42 is installed
  • OR python-gdbm-2.7.17-28.42 is installed
  • OR python-idle-2.7.17-28.42 is installed
  • OR python-rpm-macros-20200207.5feb6c1-3.19 is installed
  • OR python-tk-2.7.17-28.42 is installed
  • OR python-xml-2.7.17-28.42 is installed
  • OR shared-python-startup-0.1-1.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed
  • OR openssl-1.0.2j-60.55 is installed
  • OR openssl-doc-1.0.2j-60.55 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • curl-7.37.0-37.47 is installed
  • OR libcurl4-7.37.0-37.47 is installed
  • OR libcurl4-32bit-7.37.0-37.47 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libspice-server1-0.12.8-12 is installed
  • OR spice-0.12.8-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • containerd-0.2.5+gitr569_2a5e70c-15 is installed
  • OR docker-1.12.6-87 is installed
  • OR runc-0.1.1+gitr2819_50a19c6-15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • openstack-aodh-3.0.4~a0~dev1-2.3 is installed
  • OR openstack-aodh-api-3.0.4~a0~dev1-2.3 is installed
  • OR openstack-aodh-doc-3.0.4~a0~dev1-2.3 is installed
  • OR openstack-aodh-evaluator-3.0.4~a0~dev1-2.3 is installed
  • OR openstack-aodh-expirer-3.0.4~a0~dev1-2.3 is installed
  • OR openstack-aodh-listener-3.0.4~a0~dev1-2.3 is installed
  • OR openstack-aodh-notifier-3.0.4~a0~dev1-2.3 is installed
  • OR python-aodh-3.0.4~a0~dev1-2.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • MozillaFirefox-68.3.0-109.98 is installed
  • OR MozillaFirefox-translations-common-68.3.0-109.98 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • grafana-4.5.1-4.3 is installed
  • OR kafka-0.9.0.1-5.3 is installed
  • OR logstash-2.4.1-5.4 is installed
  • OR openstack-monasca-installer-20180622_15.06-3.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • openstack-manila-7.3.1~dev15-4.18 is installed
  • OR openstack-manila-api-7.3.1~dev15-4.18 is installed
  • OR openstack-manila-data-7.3.1~dev15-4.18 is installed
  • OR openstack-manila-scheduler-7.3.1~dev15-4.18 is installed
  • OR openstack-manila-share-7.3.1~dev15-4.18 is installed
  • OR python-manila-7.3.1~dev15-4.18 is installed
    • BACK