| Description: |
This update for mariadb includes the following fixes:
Security fixes included in this update:
- CVE-2020-2752: Fixed an issue which could have resulted in unauthorized ability to cause denial of service. - CVE-2020-2812: Fixed an issue which could have resulted in unauthorized ability to cause denial of service. - CVE-2020-2814: Fixed an issue which could have resulted in unauthorized ability to cause denial of service. - CVE-2020-2760: Fixed an issue which could have resulted in unauthorized ability to cause denial of service. - CVE-2020-13249: Fixed an improper validation of the content of an OK packet received from a server. - CVE-2020-14812: Fixed an issue which could have resulted in unauthorized ability to cause denial of service. - CVE-2020-14765: Fixed an issue which could have resulted in unauthorized ability to cause denial of service. - CVE-2020-14776: Fixed an issue which could have resulted in unauthorized ability of accessing data. - CVE-2020-14789: Fixed an issue which could have resulted in unauthorized ability to cause denial of service. - CVE-2020-15180: Fixed an issue in Galera which could have led to remote code execution.
Non Security fixes included in this update:
- Update to 10.2.36 GA [bsc#1177472] and [bsc#1178428] * release notes and changelog: https://mariadb.com/kb/en/library/mariadb-10236-release-notes https://mariadb.com/kb/en/library/mariadb-10236-changelog https://mariadb.com/kb/en/library/mariadb-10235-release-notes https://mariadb.com/kb/en/library/mariadb-10235-changelog https://mariadb.com/kb/en/library/mariadb-10234-release-notes https://mariadb.com/kb/en/library/mariadb-10234-changelog * fixes for the following security vulnerabilities: 10.2.36: none 10.2.35: CVE-2020-14812, CVE-2020-14765, CVE-2020-14776, CVE-2020-14789 10.2.34: CVE-2020-15180 - update suse_skipped_tests.list
- Update to 10.2.33 GA [bsc#1175596] * release notes and changelog: https://mariadb.com/kb/en/library/mariadb-10233-release-notes https://mariadb.com/kb/en/library/mariadb-10233-changelog * fixes for the following security vulnerabilities: none - refresh mariadb-10.2.4-fortify-and-O.patch - tune the testsuite to avoid randomly failing tests - update suse_skipped_tests.list
- Update to 10.2.32 GA [bsc#1171550] * Fixes for the following security vulnerabilities: CVE-2020-2752, CVE-2020-2812, CVE-2020-2814, CVE-2020-2760, CVE-2020-13249 * release notes and changelog: https://mariadb.com/kb/en/library/mariadb-10232-release-notes https://mariadb.com/kb/en/library/mariadb-10232-changelog - refresh mariadb-10.2.4-fortify-and-O.patch - drop specfile 'hacks' as things work correctly in upstream now: * renaming tmpfiles.conf -> mariadb.conf * installing pam_user_map.so to /lib64/security for non 32bit architectures * sysusers.conf was renamed to mariadb.conf - update suse_skipped_tests.list
|