Oval Definition:	oval:org.opensuse.security:def:58409
Revision Date: 2020-12-01 Version: 1 Title: Security update for mariadb (Important) Description: This update for mariadb to version 10.2.31 GA fixes the following issues: MariaDB was updated to version 10.2.31 GA (bsc#1162388 and bsc#1156669). Security issues fixed: - CVE-2020-2574: Fixed a difficult to exploit vulnerability that allowed an attacker to crash the client (bsc#1162388). - CVE-2019-18901: Fixed an unsafe path handling behavior in mysql-systemd-helper (bsc#1160895). - CVE-2019-2737: Fixed an issue where could lead a remote attacker to cause denial of service - CVE-2019-2938: Fixed an issue where could lead a remote attacker to cause denial of service - CVE-2019-2740: Fixed an issue where could lead a local attacker to cause denial of service - CVE-2019-2805: Fixed an issue where could lead a local attacker to cause denial of service - CVE-2019-2974: Fixed an issue where could lead a remote attacker to cause denial of service - CVE-2019-2758: Fixed an issue where could lead a local attacker to cause denial of service or data corruption - CVE-2019-2739: Fixed an issue where could lead a local attacker to cause denial of service or data corruption - Enabled security hardenings in MariaDB's systemd service, namely ProtectSystem, ProtectHome and UMask (bsc#1160878). - Fixed a potental symlink attack (bsc#1160912). - Fixed a permissions issue in /var/lib/mysql (bsc#1077717). - Used systemd-tmpfiles for a cleaner and safer creation of /run/mysql (bsc#1160883). Family: unix Class: patch Status: Reference(s): 1012143 1012382 1014702 1015169 1016503 1016504 1016779 1017081 1017084 1017189 1020427 1020491 1020589 1020928 1021129 1021195 1021481 1021741 1022541 1023004 1023053 1023073 1023175 1023907 1024972 1025109 1025311 1026583 1028184 1028656 1030624 1031056 1031142 1032075 1034866 1034908 1035406 1035950 1036211 1036304 1036785 1037242 1037334 1037336 1039495 1042159 1042286 1042800 1042801 1043073 1043296 1045735 1048783 1049505 1049825 1051017 1051643 1051644 1052151 1053600 1065600 1065726 1070805 1070851 1076192 1077717 1079334 1083125 1084721 1085447 1086095 1086535 1088705 1090368 1090646 1090869 1091158 1091171 1091197 1091624 1092413 1094825 1095344 1096803 1098996 1099523 1099597 1099847 1100028 1100105 1101349 1101555 1102429 1103624 1104731 1105025 1105931 1106293 1107256 1107299 1107385 1107832 1107866 1108145 1108498 1109330 1110233 1110286 1110837 1111062 1113192 1113751 1113769 1114190 1114648 1114763 1115433 1115440 1116027 1116183 1116345 1117186 1117187 1118152 1118319 1119714 1119946 1119947 1120743 1120758 1121621 1123161 1124729 1124734 1125330 1127987 1128378 1129231 1129821 1130103 1130262 1133528 1144903 1153108 1153158 1153161 1156669 1160878 1160883 1160895 1160912 1162388 1174157 1175259 906574 924960 933288 933878 936227 942865 957566 957567 957598 957600 960837 971741 972127 977027 CVE-2014-8964 CVE-2015-2325 CVE-2015-2327 CVE-2015-2328 CVE-2015-3210 CVE-2015-3217 CVE-2015-5073 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395 CVE-2016-10028 CVE-2016-10029 CVE-2016-10155 CVE-2016-1283 CVE-2016-3191 CVE-2016-9602 CVE-2016-9603 CVE-2016-9921 CVE-2016-9922 CVE-2017-1000100 CVE-2017-1000101 CVE-2017-13166 CVE-2017-2615 CVE-2017-2620 CVE-2017-5525 CVE-2017-5526 CVE-2017-5552 CVE-2017-5578 CVE-2017-5579 CVE-2017-5667 CVE-2017-5856 CVE-2017-5857 CVE-2017-5898 CVE-2017-5973 CVE-2017-5987 CVE-2017-6505 CVE-2017-7377 CVE-2017-7471 CVE-2017-7493 CVE-2017-7718 CVE-2017-7980 CVE-2017-8086 CVE-2017-8112 CVE-2017-8309 CVE-2017-8379 CVE-2017-8380 CVE-2017-9269 CVE-2017-9330 CVE-2017-9373 CVE-2017-9374 CVE-2017-9375 CVE-2017-9503 CVE-2018-1087 CVE-2018-14633 CVE-2018-16862 CVE-2018-16884 CVE-2018-17182 CVE-2018-18281 CVE-2018-18335 CVE-2018-18356 CVE-2018-18386 CVE-2018-18506 CVE-2018-18690 CVE-2018-18710 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169 CVE-2018-7685 CVE-2018-8781 CVE-2018-8897 CVE-2018-9516 CVE-2018-9568 CVE-2019-10220 CVE-2019-17133 CVE-2019-17639 CVE-2019-18901 CVE-2019-2737 CVE-2019-2739 CVE-2019-2740 CVE-2019-2758 CVE-2019-2805 CVE-2019-2938 CVE-2019-2974 CVE-2019-3459 CVE-2019-3460 CVE-2019-3859 CVE-2019-5785 CVE-2019-6974 CVE-2019-7221 CVE-2019-9213 CVE-2019-9788 CVE-2019-9790 CVE-2019-9791 CVE-2019-9792 CVE-2019-9793 CVE-2019-9794 CVE-2019-9795 CVE-2019-9796 CVE-2019-9801 CVE-2019-9810 CVE-2019-9813 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-2574 SUSE-SU-2016:2971-1 SUSE-SU-2017:0625-1 SUSE-SU-2017:1774-1 SUSE-SU-2017:2174-1 SUSE-SU-2017:2697-1 SUSE-SU-2018:1534-1 SUSE-SU-2018:2716-2 SUSE-SU-2018:3173-1 SUSE-SU-2019:0852-1 SUSE-SU-2020:0831-1 SUSE-SU-2020:2482-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND binutils-2.29.1-lp150.4 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information MozillaFirefox-60.8.0-lp151.2.10 is installed OR MozillaFirefox-branding-upstream-60.8.0-lp151.2.10 is installed OR MozillaFirefox-buildsymbols-60.8.0-lp151.2.10 is installed OR MozillaFirefox-devel-60.8.0-lp151.2.10 is installed OR MozillaFirefox-translations-common-60.8.0-lp151.2.10 is installed OR MozillaFirefox-translations-other-60.8.0-lp151.2.10 is installed OR libfreebl3-3.44.1-lp151.2.3 is installed OR libfreebl3-32bit-3.44.1-lp151.2.3 is installed OR libfreebl3-hmac-3.44.1-lp151.2.3 is installed OR libfreebl3-hmac-32bit-3.44.1-lp151.2.3 is installed OR libsoftokn3-3.44.1-lp151.2.3 is installed OR libsoftokn3-32bit-3.44.1-lp151.2.3 is installed OR libsoftokn3-hmac-3.44.1-lp151.2.3 is installed OR libsoftokn3-hmac-32bit-3.44.1-lp151.2.3 is installed OR mozilla-nss-3.44.1-lp151.2.3 is installed OR mozilla-nss-32bit-3.44.1-lp151.2.3 is installed OR mozilla-nss-certs-3.44.1-lp151.2.3 is installed OR mozilla-nss-certs-32bit-3.44.1-lp151.2.3 is installed OR mozilla-nss-devel-3.44.1-lp151.2.3 is installed OR mozilla-nss-sysinit-3.44.1-lp151.2.3 is installed OR mozilla-nss-sysinit-32bit-3.44.1-lp151.2.3 is installed OR mozilla-nss-tools-3.44.1-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information qemu-2.6.2-41.16 is installed OR qemu-arm-2.6.2-41.16 is installed OR qemu-block-curl-2.6.2-41.16 is installed OR qemu-block-rbd-2.6.2-41.16 is installed OR qemu-block-ssh-2.6.2-41.16 is installed OR qemu-guest-agent-2.6.2-41.16 is installed OR qemu-ipxe-1.0.0-41.16 is installed OR qemu-kvm-2.6.2-41.16 is installed OR qemu-lang-2.6.2-41.16 is installed OR qemu-ppc-2.6.2-41.16 is installed OR qemu-s390-2.6.2-41.16 is installed OR qemu-seabios-1.9.1-41.16 is installed OR qemu-sgabios-8-41.16 is installed OR qemu-tools-2.6.2-41.16 is installed OR qemu-vgabios-1.9.1-41.16 is installed OR qemu-x86-2.6.2-41.16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libzypp-16.17.20-27.52 is installed OR zypper-1.13.45-18.33 is installed OR zypper-log-1.13.45-18.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libssh2-1-1.4.3-20.6 is installed OR libssh2-1-32bit-1.4.3-20.6 is installed OR libssh2_org-1.4.3-20.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_35-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_12-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND dstat-0.7.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND squid-3.5.21-26.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libwireshark9-2.4.9-48.29 is installed OR libwiretap7-2.4.9-48.29 is installed OR libwscodecs1-2.4.9-48.29 is installed OR libwsutil8-2.4.9-48.29 is installed OR wireshark-2.4.9-48.29 is installed OR wireshark-gtk-2.4.9-48.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-38.8 is installed OR aaa_base-extras-13.2+git20140911.61c1681-38.8 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information mariadb-10.2.31-16 is installed OR mariadb-client-10.2.31-16 is installed OR mariadb-errormessages-10.2.31-16 is installed OR mariadb-galera-10.2.31-16 is installed OR mariadb-tools-10.2.31-16 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND ansible-2.4.6.0-3.3 is installed
BACK