Oval Definition:oval:org.opensuse.security:def:56387
Revision Date:2020-12-01Version:1
Title:Security update for mariadb (Important)
Description:



This update for mariadb fixes the following issues:

MariaDB was updated to 10.0.34 (bsc#1078431)

The following security vulnerabilities are fixed:

- CVE-2018-2562: Vulnerability in the MySQL Server subcomponent: Server : Partition. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. - CVE-2018-2622: Vulnerability in the MySQL Server subcomponent: Server: DDL. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2640: Vulnerability in the MySQL Server subcomponent: Server: Optimizer. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2665: Vulnerability in the MySQL Server subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2668: Vulnerability in the MySQL Server subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2612: Vulnerability in the MySQL Server subcomponent: InnoDB. Easily exploitable vulnerability allowed high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.



The MariaDB external release notes and changelog for this release:

https://kb.askmonty.org/en/mariadb-10034-release-notes * https://kb.askmonty.org/en/mariadb-10034-changelog

Family:unixClass:patch
Status:Reference(s):1042419
1056088
1056090
1056093
1056095
1056097
1056101
1056105
1058058
1058565
1058622
1058624
1064016
1065892
1078431
1090338
1096740
1109105
1111479
1111480
1112229
1117022
1117274
1117313
1117327
1117331
1154328
960674
CVE-2008-4225
CVE-2008-4226
CVE-2008-4409
CVE-2010-1163
CVE-2010-1646
CVE-2011-0010
CVE-2011-2489
CVE-2011-2490
CVE-2011-3177
CVE-2012-0037
CVE-2012-2337
CVE-2012-5134
CVE-2013-1775
CVE-2013-1776
CVE-2013-1986
CVE-2014-3065
CVE-2014-3566
CVE-2014-4288
CVE-2014-6456
CVE-2014-6457
CVE-2014-6458
CVE-2014-6466
CVE-2014-6476
CVE-2014-6492
CVE-2014-6493
CVE-2014-6502
CVE-2014-6503
CVE-2014-6506
CVE-2014-6511
CVE-2014-6512
CVE-2014-6513
CVE-2014-6515
CVE-2014-6527
CVE-2014-6531
CVE-2014-6532
CVE-2014-6558
CVE-2014-8891
CVE-2014-8892
CVE-2014-9680
CVE-2015-0138
CVE-2015-0192
CVE-2015-1914
CVE-2015-1931
CVE-2015-2590
CVE-2015-2601
CVE-2015-2613
CVE-2015-2619
CVE-2015-2621
CVE-2015-2625
CVE-2015-2632
CVE-2015-2637
CVE-2015-2638
CVE-2015-2664
CVE-2015-2808
CVE-2015-4000
CVE-2015-4729
CVE-2015-4731
CVE-2015-4732
CVE-2015-4733
CVE-2015-4748
CVE-2015-4749
CVE-2015-4760
CVE-2015-8710
CVE-2016-1602
CVE-2016-1762
CVE-2016-1833
CVE-2016-1834
CVE-2016-1835
CVE-2016-1836
CVE-2016-1837
CVE-2016-1838
CVE-2016-1839
CVE-2016-1840
CVE-2016-3627
CVE-2016-3705
CVE-2016-4483
CVE-2016-7947
CVE-2016-7948
CVE-2017-12150
CVE-2017-12151
CVE-2017-12163
CVE-2017-13738
CVE-2017-13739
CVE-2017-13740
CVE-2017-13741
CVE-2017-13743
CVE-2017-13744
CVE-2017-9798
CVE-2018-17183
CVE-2018-17961
CVE-2018-18073
CVE-2018-18284
CVE-2018-19409
CVE-2018-19475
CVE-2018-19476
CVE-2018-19477
CVE-2018-2562
CVE-2018-2612
CVE-2018-2622
CVE-2018-2640
CVE-2018-2665
CVE-2018-2668
CVE-2018-3665
CVE-2019-3693
SUSE-SU-2016:0178-1
SUSE-SU-2017:2570-1
SUSE-SU-2017:2718-1
SUSE-SU-2017:2971-1
SUSE-SU-2018:0697-1
SUSE-SU-2018:2113-1
SUSE-SU-2018:4090-1
SUSE-SU-2019:3076-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gstreamer-1.12.5-lp150.1 is installed
  • OR gstreamer-lang-1.12.5-lp150.1 is installed
  • OR gstreamer-utils-1.12.5-lp150.1 is installed
  • OR libgstreamer-1_0-0-1.12.5-lp150.1 is installed
  • OR typelib-1_0-Gst-1_0-1.12.5-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND squid-4.8-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libmysqlclient18-10.0.34-29.16 is installed
  • OR libmysqlclient18-32bit-10.0.34-29.16 is installed
  • OR libmysqlclient_r18-10.0.34-29.16 is installed
  • OR libmysqlclient_r18-32bit-10.0.34-29.16 is installed
  • OR mariadb-10.0.34-29.16 is installed
  • OR mariadb-client-10.0.34-29.16 is installed
  • OR mariadb-errormessages-10.0.34-29.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • liblouis-2.6.4-6.3 is installed
  • OR liblouis-data-2.6.4-6.3 is installed
  • OR liblouis9-2.6.4-6.3 is installed
  • OR python3-louis-2.6.4-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr3.10-14 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr3.10-14 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr3.10-14 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr3.10-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • ctdb-4.2.4-28.21 is installed
  • OR libdcerpc-binding0-4.2.4-28.21 is installed
  • OR libdcerpc-binding0-32bit-4.2.4-28.21 is installed
  • OR libdcerpc0-4.2.4-28.21 is installed
  • OR libdcerpc0-32bit-4.2.4-28.21 is installed
  • OR libgensec0-4.2.4-28.21 is installed
  • OR libgensec0-32bit-4.2.4-28.21 is installed
  • OR libndr-krb5pac0-4.2.4-28.21 is installed
  • OR libndr-krb5pac0-32bit-4.2.4-28.21 is installed
  • OR libndr-nbt0-4.2.4-28.21 is installed
  • OR libndr-nbt0-32bit-4.2.4-28.21 is installed
  • OR libndr-standard0-4.2.4-28.21 is installed
  • OR libndr-standard0-32bit-4.2.4-28.21 is installed
  • OR libndr0-4.2.4-28.21 is installed
  • OR libndr0-32bit-4.2.4-28.21 is installed
  • OR libnetapi0-4.2.4-28.21 is installed
  • OR libnetapi0-32bit-4.2.4-28.21 is installed
  • OR libregistry0-4.2.4-28.21 is installed
  • OR libsamba-credentials0-4.2.4-28.21 is installed
  • OR libsamba-credentials0-32bit-4.2.4-28.21 is installed
  • OR libsamba-hostconfig0-4.2.4-28.21 is installed
  • OR libsamba-hostconfig0-32bit-4.2.4-28.21 is installed
  • OR libsamba-passdb0-4.2.4-28.21 is installed
  • OR libsamba-passdb0-32bit-4.2.4-28.21 is installed
  • OR libsamba-util0-4.2.4-28.21 is installed
  • OR libsamba-util0-32bit-4.2.4-28.21 is installed
  • OR libsamdb0-4.2.4-28.21 is installed
  • OR libsamdb0-32bit-4.2.4-28.21 is installed
  • OR libsmbclient-raw0-4.2.4-28.21 is installed
  • OR libsmbclient-raw0-32bit-4.2.4-28.21 is installed
  • OR libsmbclient0-4.2.4-28.21 is installed
  • OR libsmbclient0-32bit-4.2.4-28.21 is installed
  • OR libsmbconf0-4.2.4-28.21 is installed
  • OR libsmbconf0-32bit-4.2.4-28.21 is installed
  • OR libsmbldap0-4.2.4-28.21 is installed
  • OR libsmbldap0-32bit-4.2.4-28.21 is installed
  • OR libtevent-util0-4.2.4-28.21 is installed
  • OR libtevent-util0-32bit-4.2.4-28.21 is installed
  • OR libwbclient0-4.2.4-28.21 is installed
  • OR libwbclient0-32bit-4.2.4-28.21 is installed
  • OR samba-4.2.4-28.21 is installed
  • OR samba-32bit-4.2.4-28.21 is installed
  • OR samba-client-4.2.4-28.21 is installed
  • OR samba-client-32bit-4.2.4-28.21 is installed
  • OR samba-doc-4.2.4-28.21 is installed
  • OR samba-libs-4.2.4-28.21 is installed
  • OR samba-libs-32bit-4.2.4-28.21 is installed
  • OR samba-winbind-4.2.4-28.21 is installed
  • OR samba-winbind-32bit-4.2.4-28.21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libXrandr2-1.5.0-6 is installed
  • OR libXrandr2-32bit-1.5.0-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed
  • OR openssl-1.0.2j-60.30 is installed
  • OR openssl-doc-1.0.2j-60.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libvirt-2.0.0-27.54 is installed
  • OR libvirt-client-2.0.0-27.54 is installed
  • OR libvirt-daemon-2.0.0-27.54 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.54 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.54 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.54 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.54 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.54 is installed
  • OR libvirt-daemon-xen-2.0.0-27.54 is installed
  • OR libvirt-doc-2.0.0-27.54 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.54 is installed
  • OR libvirt-nss-2.0.0-27.54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_67-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_19-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • apache-commons-daemon-1.0.15-6 is installed
  • OR apache-commons-daemon-javadoc-1.0.15-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.36 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.36 is installed
  • OR python-2.7.13-28.36 is installed
  • OR python-32bit-2.7.13-28.36 is installed
  • OR python-base-2.7.13-28.36 is installed
  • OR python-base-32bit-2.7.13-28.36 is installed
  • OR python-curses-2.7.13-28.36 is installed
  • OR python-demo-2.7.13-28.36 is installed
  • OR python-devel-2.7.13-28.36 is installed
  • OR python-doc-2.7.13-28.36 is installed
  • OR python-doc-pdf-2.7.13-28.36 is installed
  • OR python-gdbm-2.7.13-28.36 is installed
  • OR python-idle-2.7.13-28.36 is installed
  • OR python-tk-2.7.13-28.36 is installed
  • OR python-xml-2.7.13-28.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • colord-gtk-lang-0.1.26-6 is installed
  • OR libcolord-gtk1-0.1.26-6 is installed
  • OR libcolord2-1.3.3-12 is installed
  • OR libcolord2-32bit-1.3.3-12 is installed
  • OR libcolorhug2-1.3.3-12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • apache2-2.4.16-20.13 is installed
  • OR apache2-doc-2.4.16-20.13 is installed
  • OR apache2-example-pages-2.4.16-20.13 is installed
  • OR apache2-prefork-2.4.16-20.13 is installed
  • OR apache2-utils-2.4.16-20.13 is installed
  • OR apache2-worker-2.4.16-20.13 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND atftp-0.7.0-160.8 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND ucode-intel-20190618-13.47 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libsqlite3-0-3.8.10.2-9.15 is installed
  • OR libsqlite3-0-32bit-3.8.10.2-9.15 is installed
  • OR sqlite3-3.8.10.2-9.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • ruby2.1-rubygem-haml-4.0.6-3.3 is installed
  • OR rubygem-haml-4.0.6-3.3 is installed
    • BACK