Oval Definition:	oval:org.opensuse.security:def:58146
Revision Date: 2020-12-01 Version: 1 Title: Security update for mariadb (Important) Description: This update for mariadb fixes the following issues: Update to MariaDB 10.0.38 GA (bsc#1136037). Security issues fixed: - CVE-2019-2537: Denial of service via multiple protocols (bsc#1136037) - CVE-2019-2529: Denial of service via multiple protocols (bsc#1136037) - CVE-2018-3282: Server Storage Engines unspecified vulnerability (CPU Oct 2018) (bsc#1112432) - CVE-2018-3251: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112397) - CVE-2018-3174: Client programs unspecified vulnerability (CPU Oct 2018) (bsc#1112368) - CVE-2018-3156: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112417) - CVE-2018-3143: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112421) - CVE-2018-3066: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Options). (bsc#1101678) - CVE-2018-3064: InnoDB unspecified vulnerability (CPU Jul 2018) (bsc#1103342) - CVE-2018-3063: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Security Privileges). (bsc#1101677) - CVE-2018-3058: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent MyISAM). (bsc#1101676) - CVE-2016-9843: Big-endian out-of-bounds pointer (bsc#1013882) Non-security changes: - Removed PerconaFT from the package as it has AGPL licence (bsc#1118754). - Do not just remove tokudb plugin but don't build it at all (missing jemalloc dependency). - Fixed reading options for multiple instances if my${INSTANCE}.cnf is used (bsc#1132666). - Removed 'umask 077' from mysql-systemd-helper that caused new datadirs created with wrong permissions (bsc#1132666). Release notes and changelog: - https://kb.askmonty.org/en/mariadb-10038-release-notes - https://kb.askmonty.org/en/mariadb-10038-changelog - https://kb.askmonty.org/en/mariadb-10037-release-notes - https://kb.askmonty.org/en/mariadb-10037-changelog - https://kb.askmonty.org/en/mariadb-10036-release-notes - https://kb.askmonty.org/en/mariadb-10036-changelog Family: unix Class: patch Status: Reference(s): 1010829 1012382 1013659 1013678 1013680 1013882 1023175 1027519 1042286 1043176 1043808 1046636 1047674 1048902 1049381 1054724 1054849 1056334 1057378 1057585 1057966 1059369 1062069 1062942 1063122 1065600 1065726 1070805 1084721 1086095 1086535 1091158 1091171 1091197 1094825 1095344 1098996 1098998 1099523 1099597 1100105 1101555 1101676 1101677 1101678 1102682 1103342 1103411 1103624 1104301 1104731 1105025 1105931 1106293 1107256 1107299 1107385 1107832 1107866 1108145 1108498 1109330 1110286 1110837 1111062 1111331 1112368 1112397 1112417 1112421 1112432 1113192 1113751 1113769 1114190 1114648 1114763 1115433 1115440 1116027 1116183 1116345 1116380 1116686 1117186 1117187 1118152 1118319 1118754 1119714 1119946 1119947 1120743 1120758 1121621 1123161 1129271 1129272 1130680 1132666 1133818 1136037 1139945 1146358 1146359 1160968 1168874 1169511 1171352 1172277 1177914 1177943 997358 CVE-2016-9445 CVE-2016-9446 CVE-2016-9809 CVE-2016-9812 CVE-2016-9813 CVE-2016-9843 CVE-2017-10664 CVE-2017-10806 CVE-2017-10911 CVE-2017-11334 CVE-2017-11434 CVE-2017-12809 CVE-2017-13672 CVE-2017-14167 CVE-2017-15038 CVE-2017-15268 CVE-2017-15289 CVE-2017-9524 CVE-2018-10858 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-12368 CVE-2018-14633 CVE-2018-16862 CVE-2018-16884 CVE-2018-18281 CVE-2018-18386 CVE-2018-18690 CVE-2018-18710 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169 CVE-2018-20815 CVE-2018-3058 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 CVE-2018-3143 CVE-2018-3156 CVE-2018-3174 CVE-2018-3251 CVE-2018-3282 CVE-2018-5156 CVE-2018-5188 CVE-2018-5383 CVE-2018-5390 CVE-2018-9516 CVE-2018-9568 CVE-2019-11091 CVE-2019-12781 CVE-2019-2529 CVE-2019-2537 CVE-2019-2949 CVE-2019-3459 CVE-2019-3460 CVE-2019-5418 CVE-2019-5419 CVE-2019-8675 CVE-2019-8696 CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 CVE-2020-15999 CVE-2020-2654 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-6821 CVE-2020-6822 CVE-2020-6825 CVE-2020-6827 CVE-2020-6828 SUSE-SU-2016:3297-1 SUSE-SU-2017:2936-1 SUSE-SU-2018:3470-1 SUSE-SU-2019:0439-1 SUSE-SU-2019:0466-1 SUSE-SU-2019:0915-1 SUSE-SU-2019:1371-1 SUSE-SU-2019:2048-1 SUSE-SU-2019:2379-1 SUSE-SU-2019:3057-1 SUSE-SU-2020:0978-1 SUSE-SU-2020:1685-1 SUSE-SU-2020:2998-1 SUSE-SU-2020:3310-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libthunarx-2-0-1.6.14-lp150.1 is installed OR thunar-1.6.14-lp150.1 is installed OR thunar-lang-1.6.14-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libsystemd0-234-lp151.26.7 is installed OR libsystemd0-32bit-234-lp151.26.7 is installed OR libsystemd0-mini-234-lp151.26.7 is installed OR libudev-devel-234-lp151.26.7 is installed OR libudev-devel-32bit-234-lp151.26.7 is installed OR libudev-mini-devel-234-lp151.26.7 is installed OR libudev-mini1-234-lp151.26.7 is installed OR libudev1-234-lp151.26.7 is installed OR libudev1-32bit-234-lp151.26.7 is installed OR nss-myhostname-234-lp151.26.7 is installed OR nss-myhostname-32bit-234-lp151.26.7 is installed OR nss-mymachines-234-lp151.26.7 is installed OR nss-mymachines-32bit-234-lp151.26.7 is installed OR nss-systemd-234-lp151.26.7 is installed OR systemd-234-lp151.26.7 is installed OR systemd-32bit-234-lp151.26.7 is installed OR systemd-bash-completion-234-lp151.26.7 is installed OR systemd-container-234-lp151.26.7 is installed OR systemd-coredump-234-lp151.26.7 is installed OR systemd-devel-234-lp151.26.7 is installed OR systemd-logger-234-lp151.26.7 is installed OR systemd-mini-234-lp151.26.7 is installed OR systemd-mini-bash-completion-234-lp151.26.7 is installed OR systemd-mini-container-mini-234-lp151.26.7 is installed OR systemd-mini-coredump-mini-234-lp151.26.7 is installed OR systemd-mini-devel-234-lp151.26.7 is installed OR systemd-mini-sysvinit-234-lp151.26.7 is installed OR systemd-sysvinit-234-lp151.26.7 is installed OR udev-234-lp151.26.7 is installed OR udev-mini-234-lp151.26.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gstreamer-plugins-bad-1.2.4-3.4 is installed OR libgstegl-1_0-0-1.2.4-3.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-firmware-20170530-21.28 is installed OR ucode-amd-20170530-21.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libdcerpc-binding0-4.4.2-38.20 is installed OR libdcerpc-binding0-32bit-4.4.2-38.20 is installed OR libdcerpc0-4.4.2-38.20 is installed OR libdcerpc0-32bit-4.4.2-38.20 is installed OR libndr-krb5pac0-4.4.2-38.20 is installed OR libndr-krb5pac0-32bit-4.4.2-38.20 is installed OR libndr-nbt0-4.4.2-38.20 is installed OR libndr-nbt0-32bit-4.4.2-38.20 is installed OR libndr-standard0-4.4.2-38.20 is installed OR libndr-standard0-32bit-4.4.2-38.20 is installed OR libndr0-4.4.2-38.20 is installed OR libndr0-32bit-4.4.2-38.20 is installed OR libnetapi0-4.4.2-38.20 is installed OR libnetapi0-32bit-4.4.2-38.20 is installed OR libsamba-credentials0-4.4.2-38.20 is installed OR libsamba-credentials0-32bit-4.4.2-38.20 is installed OR libsamba-errors0-4.4.2-38.20 is installed OR libsamba-errors0-32bit-4.4.2-38.20 is installed OR libsamba-hostconfig0-4.4.2-38.20 is installed OR libsamba-hostconfig0-32bit-4.4.2-38.20 is installed OR libsamba-passdb0-4.4.2-38.20 is installed OR libsamba-passdb0-32bit-4.4.2-38.20 is installed OR libsamba-util0-4.4.2-38.20 is installed OR libsamba-util0-32bit-4.4.2-38.20 is installed OR libsamdb0-4.4.2-38.20 is installed OR libsamdb0-32bit-4.4.2-38.20 is installed OR libsmbclient0-4.4.2-38.20 is installed OR libsmbclient0-32bit-4.4.2-38.20 is installed OR libsmbconf0-4.4.2-38.20 is installed OR libsmbconf0-32bit-4.4.2-38.20 is installed OR libsmbldap0-4.4.2-38.20 is installed OR libsmbldap0-32bit-4.4.2-38.20 is installed OR libtevent-util0-4.4.2-38.20 is installed OR libtevent-util0-32bit-4.4.2-38.20 is installed OR libwbclient0-4.4.2-38.20 is installed OR libwbclient0-32bit-4.4.2-38.20 is installed OR samba-4.4.2-38.20 is installed OR samba-client-4.4.2-38.20 is installed OR samba-client-32bit-4.4.2-38.20 is installed OR samba-doc-4.4.2-38.20 is installed OR samba-libs-4.4.2-38.20 is installed OR samba-libs-32bit-4.4.2-38.20 is installed OR samba-winbind-4.4.2-38.20 is installed OR samba-winbind-32bit-4.4.2-38.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_95-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_25-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cracklib-2.9.0-7 is installed OR libcrack2-2.9.0-7 is installed OR libcrack2-32bit-2.9.0-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.1.0-109.89 is installed OR MozillaFirefox-branding-SLE-68-32.8 is installed OR MozillaFirefox-translations-common-68.1.0-109.89 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information java-1_7_0-openjdk-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-demo-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-devel-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-headless-1.7.0.241-43.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_162-94_72-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_22-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ibus-1.5.13-15.11 is installed OR ibus-gtk-1.5.13-15.11 is installed OR ibus-gtk3-1.5.13-15.11 is installed OR ibus-lang-1.5.13-15.11 is installed OR libibus-1_0-5-1.5.13-15.11 is installed OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information colord-gtk-lang-0.1.26-6 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-12 is installed OR libcolord2-32bit-1.3.3-12 is installed OR libcolorhug2-1.3.3-12 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libmysqlclient18-10.0.38-29.27 is installed OR libmysqlclient18-32bit-10.0.38-29.27 is installed OR mariadb-10.0.38-29.27 is installed OR mariadb-client-10.0.38-29.27 is installed OR mariadb-errormessages-10.0.38-29.27 is installed OR mariadb-tools-10.0.38-29.27 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND python-cryptography-2.0.3-3.3 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Twisted-15.2.1-9.5 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information crowbar-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-core-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-ha-5.0+git.1530177874.35b9099-3.3 is installed OR crowbar-init-5.0+git.1520420379.d5bbb35-3.3 is installed OR crowbar-openstack-5.0+git.1534167599.d325ef804-4.8 is installed OR crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3 is installed
BACK