OVAL Reference oval:org.opensuse.security:def:56139

Oval Definition:

oval:org.opensuse.security:def:56139

Revision Date:	2020-12-01	Version:	1
Title:	Security update for mariadb (Important)
Description:	This MariaDB update to version 10.0.31 GA fixes the following issues: Security issues fixed: - CVE-2017-3308: Subcomponent: Server: DML: Easily 'exploitable' vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS). (bsc#1048715) - CVE-2017-3309: Subcomponent: Server: Optimizer: Easily 'exploitable' vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS). (bsc#1048715) - CVE-2017-3453: Subcomponent: Server: Optimizer: Easily 'exploitable' vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS). (bsc#1048715) - CVE-2017-3456: Subcomponent: Server: DML: Easily 'exploitable' vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS). (bsc#1048715) - CVE-2017-3464: Subcomponent: Server: DDL: Easily 'exploitable' vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS). (bsc#1048715) Bug fixes: - switch from 'Restart=on-failure' to 'Restart=on-abort' in mysql.service in order to follow the upstream. It also fixes hanging mysql-systemd-helper when mariadb fails (e.g. because of the misconfiguration) (bsc#963041) - XtraDB updated to 5.6.36-82.0 - TokuDB updated to 5.6.36-82.0 - Innodb updated to 5.6.36 - Performance Schema updated to 5.6.36 Release notes and changelog: - https://kb.askmonty.org/en/mariadb-10031-release-notes - https://kb.askmonty.org/en/mariadb-10031-changelog
Family:	unix	Class:	patch
Status:		Reference(s):	1008253 1020868 1020873 1020875 1020877 1020878 1020882 1020884 1020885 1020891 1020894 1020896 1022428 1035283 1048715 1050469 1104668 1154862 900914 915410 963041 965875 965901 979475 982575 982745 983249 988591 990419 993819 994749 994844 995075 995324 995359 995377 998190 999665 999666 999668 CVE-2007-4129 CVE-2010-0624 CVE-2011-2729 CVE-2013-6418 CVE-2014-5044 CVE-2014-6272 CVE-2014-8242 CVE-2014-9112 CVE-2014-9512 CVE-2015-5276 CVE-2016-0739 CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-6664 CVE-2017-10971 CVE-2017-10972 CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3308 CVE-2017-3309 CVE-2017-3312 CVE-2017-3317 CVE-2017-3318 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 CVE-2018-12539 CVE-2018-1517 CVE-2018-1656 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2019-17498 SUSE-SU-2016:0176-1 SUSE-SU-2016:0400-1 SUSE-SU-2016:0622-1 SUSE-SU-2016:2394-1 SUSE-SU-2017:0412-1 SUSE-SU-2017:1859-1 SUSE-SU-2017:2035-1 SUSE-SU-2017:3062-1 SUSE-SU-2018:2649-1 SUSE-SU-2019:2936-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND binutils-2.29.1-lp150.4 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information apache2-mod_php7-7.2.5-lp151.6.6 is installed OR php7-7.2.5-lp151.6.6 is installed OR php7-bcmath-7.2.5-lp151.6.6 is installed OR php7-bz2-7.2.5-lp151.6.6 is installed OR php7-calendar-7.2.5-lp151.6.6 is installed OR php7-ctype-7.2.5-lp151.6.6 is installed OR php7-curl-7.2.5-lp151.6.6 is installed OR php7-dba-7.2.5-lp151.6.6 is installed OR php7-devel-7.2.5-lp151.6.6 is installed OR php7-dom-7.2.5-lp151.6.6 is installed OR php7-embed-7.2.5-lp151.6.6 is installed OR php7-enchant-7.2.5-lp151.6.6 is installed OR php7-exif-7.2.5-lp151.6.6 is installed OR php7-fastcgi-7.2.5-lp151.6.6 is installed OR php7-fileinfo-7.2.5-lp151.6.6 is installed OR php7-firebird-7.2.5-lp151.6.6 is installed OR php7-fpm-7.2.5-lp151.6.6 is installed OR php7-ftp-7.2.5-lp151.6.6 is installed OR php7-gd-7.2.5-lp151.6.6 is installed OR php7-gettext-7.2.5-lp151.6.6 is installed OR php7-gmp-7.2.5-lp151.6.6 is installed OR php7-iconv-7.2.5-lp151.6.6 is installed OR php7-intl-7.2.5-lp151.6.6 is installed OR php7-json-7.2.5-lp151.6.6 is installed OR php7-ldap-7.2.5-lp151.6.6 is installed OR php7-mbstring-7.2.5-lp151.6.6 is installed OR php7-mysql-7.2.5-lp151.6.6 is installed OR php7-odbc-7.2.5-lp151.6.6 is installed OR php7-opcache-7.2.5-lp151.6.6 is installed OR php7-openssl-7.2.5-lp151.6.6 is installed OR php7-pcntl-7.2.5-lp151.6.6 is installed OR php7-pdo-7.2.5-lp151.6.6 is installed OR php7-pear-7.2.5-lp151.6.6 is installed OR php7-pear-Archive_Tar-7.2.5-lp151.6.6 is installed OR php7-pgsql-7.2.5-lp151.6.6 is installed OR php7-phar-7.2.5-lp151.6.6 is installed OR php7-posix-7.2.5-lp151.6.6 is installed OR php7-readline-7.2.5-lp151.6.6 is installed OR php7-shmop-7.2.5-lp151.6.6 is installed OR php7-snmp-7.2.5-lp151.6.6 is installed OR php7-soap-7.2.5-lp151.6.6 is installed OR php7-sockets-7.2.5-lp151.6.6 is installed OR php7-sodium-7.2.5-lp151.6.6 is installed OR php7-sqlite-7.2.5-lp151.6.6 is installed OR php7-sysvmsg-7.2.5-lp151.6.6 is installed OR php7-sysvsem-7.2.5-lp151.6.6 is installed OR php7-sysvshm-7.2.5-lp151.6.6 is installed OR php7-testresults-7.2.5-lp151.6.6 is installed OR php7-tidy-7.2.5-lp151.6.6 is installed OR php7-tokenizer-7.2.5-lp151.6.6 is installed OR php7-wddx-7.2.5-lp151.6.6 is installed OR php7-xmlreader-7.2.5-lp151.6.6 is installed OR php7-xmlrpc-7.2.5-lp151.6.6 is installed OR php7-xmlwriter-7.2.5-lp151.6.6 is installed OR php7-xsl-7.2.5-lp151.6.6 is installed OR php7-zip-7.2.5-lp151.6.6 is installed OR php7-zlib-7.2.5-lp151.6.6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND rsync-3.0.4-2.49 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.569-0.35 is installed OR flash-player-gnome-11.2.202.569-0.35 is installed OR flash-player-kde4-11.2.202.569-0.35 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libmysqlclient18-10.0.31-29.3 is installed OR libmysqlclient18-32bit-10.0.31-29.3 is installed OR libmysqlclient_r18-10.0.31-29.3 is installed OR libmysqlclient_r18-32bit-10.0.31-29.3 is installed OR mariadb-10.0.31-29.3 is installed OR mariadb-client-10.0.31-29.3 is installed OR mariadb-errormessages-10.0.31-29.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND coolkey-1.1.0-147 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information xorg-x11-server-7.6_1.15.2-53.3 is installed OR xorg-x11-server-extra-7.6_1.15.2-53.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information apache-commons-daemon-1.0.15-4 is installed OR apache-commons-daemon-javadoc-1.0.15-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libdcerpc-binding0-4.4.2-38.20 is installed OR libdcerpc-binding0-32bit-4.4.2-38.20 is installed OR libdcerpc0-4.4.2-38.20 is installed OR libdcerpc0-32bit-4.4.2-38.20 is installed OR libndr-krb5pac0-4.4.2-38.20 is installed OR libndr-krb5pac0-32bit-4.4.2-38.20 is installed OR libndr-nbt0-4.4.2-38.20 is installed OR libndr-nbt0-32bit-4.4.2-38.20 is installed OR libndr-standard0-4.4.2-38.20 is installed OR libndr-standard0-32bit-4.4.2-38.20 is installed OR libndr0-4.4.2-38.20 is installed OR libndr0-32bit-4.4.2-38.20 is installed OR libnetapi0-4.4.2-38.20 is installed OR libnetapi0-32bit-4.4.2-38.20 is installed OR libsamba-credentials0-4.4.2-38.20 is installed OR libsamba-credentials0-32bit-4.4.2-38.20 is installed OR libsamba-errors0-4.4.2-38.20 is installed OR libsamba-errors0-32bit-4.4.2-38.20 is installed OR libsamba-hostconfig0-4.4.2-38.20 is installed OR libsamba-hostconfig0-32bit-4.4.2-38.20 is installed OR libsamba-passdb0-4.4.2-38.20 is installed OR libsamba-passdb0-32bit-4.4.2-38.20 is installed OR libsamba-util0-4.4.2-38.20 is installed OR libsamba-util0-32bit-4.4.2-38.20 is installed OR libsamdb0-4.4.2-38.20 is installed OR libsamdb0-32bit-4.4.2-38.20 is installed OR libsmbclient0-4.4.2-38.20 is installed OR libsmbclient0-32bit-4.4.2-38.20 is installed OR libsmbconf0-4.4.2-38.20 is installed OR libsmbconf0-32bit-4.4.2-38.20 is installed OR libsmbldap0-4.4.2-38.20 is installed OR libsmbldap0-32bit-4.4.2-38.20 is installed OR libtevent-util0-4.4.2-38.20 is installed OR libtevent-util0-32bit-4.4.2-38.20 is installed OR libwbclient0-4.4.2-38.20 is installed OR libwbclient0-32bit-4.4.2-38.20 is installed OR samba-4.4.2-38.20 is installed OR samba-client-4.4.2-38.20 is installed OR samba-client-32bit-4.4.2-38.20 is installed OR samba-doc-4.4.2-38.20 is installed OR samba-libs-4.4.2-38.20 is installed OR samba-libs-32bit-4.4.2-38.20 is installed OR samba-winbind-4.4.2-38.20 is installed OR samba-winbind-32bit-4.4.2-38.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information jakarta-commons-fileupload-1.1.1-122.3 is installed OR jakarta-commons-fileupload-javadoc-1.1.1-122.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_38-default-9-2 is installed OR kgraft-patch-SLE12-SP2_Update_13-9-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libXinerama1-1.1.3-3 is installed OR libXinerama1-32bit-1.1.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libpolkit0-0.113-5.12 is installed OR polkit-0.113-5.12 is installed OR typelib-1_0-Polkit-1_0-0.113-5.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libjson-c2-0.11-2 is installed OR libjson-c2-32bit-0.11-2 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND python-tablib-0.9.11-3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND Package Information ardana-db-9.0+git.1572311426.a6dc2fd-3.13 is installed OR ardana-keystone-9.0+git.1573069087.15ffd1c-3.13 is installed OR ardana-neutron-9.0+git.1572019823.6650494-3.16 is installed OR ardana-nova-9.0+git.1572618171.4460843-3.13 is installed OR openstack-barbican-7.0.1~dev21-3.3 is installed OR openstack-barbican-api-7.0.1~dev21-3.3 is installed OR openstack-barbican-keystone-listener-7.0.1~dev21-3.3 is installed OR openstack-barbican-retry-7.0.1~dev21-3.3 is installed OR openstack-barbican-worker-7.0.1~dev21-3.3 is installed OR openstack-heat-templates-0.0.0+git.1553459627.948e8cc-3.3 is installed OR openstack-keystone-14.1.1~dev28-3.16 is installed OR openstack-neutron-13.0.6~dev8-3.16 is installed OR openstack-neutron-dhcp-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-gbp-5.0.1~dev476-3.13 is installed OR openstack-neutron-ha-tool-13.0.6~dev8-3.16 is installed OR openstack-neutron-l3-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-lbaas-13.0.1~dev16-3.13 is installed OR openstack-neutron-lbaas-agent-13.0.1~dev16-3.13 is installed OR openstack-neutron-linuxbridge-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-macvtap-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-metadata-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-metering-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-openvswitch-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-server-13.0.6~dev8-3.16 is installed OR openstack-nova-18.2.4~dev22-3.16 is installed OR openstack-nova-api-18.2.4~dev22-3.16 is installed OR openstack-nova-cells-18.2.4~dev22-3.16 is installed OR openstack-nova-compute-18.2.4~dev22-3.16 is installed OR openstack-nova-conductor-18.2.4~dev22-3.16 is installed OR openstack-nova-console-18.2.4~dev22-3.16 is installed OR openstack-nova-novncproxy-18.2.4~dev22-3.16 is installed OR openstack-nova-placement-api-18.2.4~dev22-3.16 is installed OR openstack-nova-scheduler-18.2.4~dev22-3.16 is installed OR openstack-nova-serialproxy-18.2.4~dev22-3.16 is installed OR openstack-nova-vncproxy-18.2.4~dev22-3.16 is installed OR openstack-octavia-3.2.1~dev3-3.16 is installed OR openstack-octavia-amphora-agent-3.2.1~dev3-3.16 is installed OR openstack-octavia-api-3.2.1~dev3-3.16 is installed OR openstack-octavia-health-manager-3.2.1~dev3-3.16 is installed OR openstack-octavia-housekeeping-3.2.1~dev3-3.16 is installed OR openstack-octavia-worker-3.2.1~dev3-3.16 is installed OR openstack-sahara-9.0.2~dev14-3.6 is installed OR openstack-sahara-api-9.0.2~dev14-3.6 is installed OR openstack-sahara-engine-9.0.2~dev14-3.6 is installed OR python-barbican-7.0.1~dev21-3.3 is installed OR python-keystone-14.1.1~dev28-3.16 is installed OR python-neutron-13.0.6~dev8-3.16 is installed OR python-neutron-gbp-5.0.1~dev476-3.13 is installed OR python-neutron-lbaas-13.0.1~dev16-3.13 is installed OR python-nova-18.2.4~dev22-3.16 is installed OR python-octavia-3.2.1~dev3-3.16 is installed OR python-psutil-5.4.6-3.3 is installed OR python-sahara-9.0.2~dev14-3.6 is installed OR release-notes-suse-openstack-cloud-9.20191025-3.15 is installed OR venv-openstack-barbican-7.0.1~dev21-3.13 is installed OR venv-openstack-barbican-x86_64-7.0.1~dev21-3.13 is installed OR venv-openstack-cinder-13.0.8~dev8-3.13 is installed OR venv-openstack-cinder-x86_64-13.0.8~dev8-3.13 is installed OR venv-openstack-designate-7.0.1~dev22-3.13 is installed OR venv-openstack-designate-x86_64-7.0.1~dev22-3.13 is installed OR venv-openstack-heat-11.0.3~dev23-3.13 is installed OR venv-openstack-heat-x86_64-11.0.3~dev23-3.13 is installed OR venv-openstack-keystone-14.1.1~dev28-3.13 is installed OR venv-openstack-keystone-x86_64-14.1.1~dev28-3.13 is installed OR venv-openstack-magnum-7.1.1~dev28-4.13 is installed OR venv-openstack-magnum-x86_64-7.1.1~dev28-4.13 is installed OR venv-openstack-manila-7.3.1~dev15-3.13 is installed OR venv-openstack-manila-x86_64-7.3.1~dev15-3.13 is installed OR venv-openstack-monasca-ceilometer-1.8.2~dev3-3.13 is installed OR venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.13 is installed OR venv-openstack-neutron-13.0.6~dev8-6.13 is installed OR venv-openstack-neutron-x86_64-13.0.6~dev8-6.13 is installed OR venv-openstack-nova-18.2.4~dev22-3.13 is installed OR venv-openstack-nova-x86_64-18.2.4~dev22-3.13 is installed OR venv-openstack-octavia-3.2.1~dev3-4.13 is installed OR venv-openstack-octavia-x86_64-3.2.1~dev3-4.13 is installed OR venv-openstack-sahara-9.0.2~dev14-3.13 is installed OR venv-openstack-sahara-x86_64-9.0.2~dev14-3.13 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.60-38.47 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.60-38.47 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.60-38.47 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.60-38.47 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.60-38.47 is installed

BACK