Oval Definition:	oval:org.opensuse.security:def:56424
Revision Date: 2020-12-01 Version: 1 Title: Security update for mariadb (Important) Description: This MariaDB update to version 10.0.31 GA fixes the following issues: Security issues fixed: - CVE-2017-3308: Subcomponent: Server: DML: Easily 'exploitable' vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS). (bsc#1048715) - CVE-2017-3309: Subcomponent: Server: Optimizer: Easily 'exploitable' vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS). (bsc#1048715) - CVE-2017-3453: Subcomponent: Server: Optimizer: Easily 'exploitable' vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS). (bsc#1048715) - CVE-2017-3456: Subcomponent: Server: DML: Easily 'exploitable' vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS). (bsc#1048715) - CVE-2017-3464: Subcomponent: Server: DDL: Easily 'exploitable' vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS). (bsc#1048715) Bug fixes: - switch from 'Restart=on-failure' to 'Restart=on-abort' in mysql.service in order to follow the upstream. It also fixes hanging mysql-systemd-helper when mariadb fails (e.g. because of the misconfiguration) (bsc#963041) - XtraDB updated to 5.6.36-82.0 - TokuDB updated to 5.6.36-82.0 - Innodb updated to 5.6.36 - Performance Schema updated to 5.6.36 Release notes and changelog: - https://kb.askmonty.org/en/mariadb-10031-release-notes - https://kb.askmonty.org/en/mariadb-10031-changelog Family: unix Class: patch Status: Reference(s): 1017420 1047666 1048715 1053153 1065386 1069708 1071471 1076017 1081557 1083488 1085114 1085447 1103098 1124729 1124734 1128378 963041 979475 982575 982745 983249 988591 990419 993819 994749 994844 995075 995324 995359 995377 996004 998190 999665 999666 999668 CVE-2012-3449 CVE-2013-7459 CVE-2014-6272 CVE-2014-8137 CVE-2014-8138 CVE-2014-8157 CVE-2014-8158 CVE-2014-9029 CVE-2015-1419 CVE-2015-5185 CVE-2016-0753 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-7103 CVE-2017-10661 CVE-2017-13166 CVE-2017-15868 CVE-2017-16612 CVE-2017-16939 CVE-2017-16939 CVE-2017-18190 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 CVE-2018-1000004 CVE-2018-1068 CVE-2018-5391 CVE-2018-7566 CVE-2019-6974 CVE-2019-7221 CVE-2019-9213 SUSE-SU-2016:2394-1 SUSE-SU-2017:2035-1 SUSE-SU-2017:2350-1 SUSE-SU-2017:2351-1 SUSE-SU-2017:3214-1 SUSE-SU-2017:3340-1 SUSE-SU-2018:0266-1 SUSE-SU-2018:0604-1 SUSE-SU-2018:1014-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libKF5Auth5-5.45.0-lp150.2 is installed OR libKF5Auth5-lang-5.45.0-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information python-urllib3-1.24-lp151.2.3 is installed OR python-urllib3-test-1.24-lp151.2.3 is installed OR python2-urllib3-1.24-lp151.2.3 is installed OR python2-urllib3-test-1.24-lp151.2.3 is installed OR python3-urllib3-1.24-lp151.2.3 is installed OR python3-urllib3-test-1.24-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libmysqlclient18-10.0.31-29.3 is installed OR libmysqlclient18-32bit-10.0.31-29.3 is installed OR libmysqlclient_r18-10.0.31-29.3 is installed OR libmysqlclient_r18-32bit-10.0.31-29.3 is installed OR mariadb-10.0.31-29.3 is installed OR mariadb-client-10.0.31-29.3 is installed OR mariadb-errormessages-10.0.31-29.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND libevent-2_0-5-2.0.21-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_32-default-9-2 is installed OR kgraft-patch-3_12_69-60_64_32-xen-9-2 is installed OR kgraft-patch-SLE12-SP1_Update_13-9-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libjasper1-1.900.1-170 is installed OR libjasper1-32bit-1.900.1-170 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information res-signingkeys-3.0.38-52.26 is installed OR smt-3.0.38-52.26 is installed OR smt-support-3.0.38-52.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information git-2.12.3-27.14 is installed OR git-core-2.12.3-27.14 is installed OR git-doc-2.12.3-27.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information dbus-1-1.8.22-28 is installed OR dbus-1-x11-1.8.22-28 is installed OR libdbus-1-3-1.8.22-28 is installed OR libdbus-1-3-32bit-1.8.22-28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information strongswan-5.1.3-26.13 is installed OR strongswan-doc-5.1.3-26.13 is installed OR strongswan-hmac-5.1.3-26.13 is installed OR strongswan-ipsec-5.1.3-26.13 is installed OR strongswan-libs0-5.1.3-26.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information fuse-2.9.3-6.3 is installed OR libfuse2-2.9.3-6.3 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-activemodel-4_2-4.2.2-5 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND python-pycrypto-2.6.1-10.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND binutils-2.32-9.33 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND mailman-2.1.17-3.20 is installed
BACK