Security update for mariadb

Announcement ID: SUSE-SU-2015:1273-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2015-2325 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • CVE-2015-2326 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2015-3152 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
  • SUSE Linux Enterprise Desktop 12
  • SUSE Linux Enterprise Server 12
  • SUSE Linux Enterprise Server for SAP Applications 12
  • SUSE Linux Enterprise Software Development Kit 12
  • SUSE Linux Enterprise Workstation Extension 12

An update that solves 12 vulnerabilities and has one security fix can now be installed.

Description:

  This update fixes the following security issues:
* Logjam attack: mysql uses 512 bit dh groups in SSL [bnc#934789]
* CVE-2015-3152: mysql --ssl does not enforce SSL [bnc#924663]
* CVE-2014-8964: heap buffer overflow [bnc#906574]
* CVE-2015-2325: heap buffer overflow in compile_branch() [bnc#924960]
* CVE-2015-2326: heap buffer overflow in pcre_compile2() [bnc#924961]
* CVE-2015-0501: unspecified vulnerability related to Server:Compiling (CPU April 2015) 
* CVE-2015-2571: unspecified vulnerability related to Server:Optimizer (CPU April 2015)
* CVE-2015-0505: unspecified vulnerability related to Server:DDL (CPU April 2015) 
* CVE-2015-0499: unspecified vulnerability related to Server:Federated (CPU April 2015) 
* CVE-2015-2568: unspecified vulnerability related to Server:Security:Privileges (CPU April 2015) 
* CVE-2015-2573: unspecified vulnerability related to Server:DDL (CPU April 2015)
* CVE-2015-0433: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015) 
* CVE-2015-0441: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Desktop 12
    zypper in -t patch SUSE-SLE-DESKTOP-12-2015-332=1
  • SUSE Linux Enterprise Software Development Kit 12
    zypper in -t patch SUSE-SLE-SDK-12-2015-332=1
  • SUSE Linux Enterprise Server 12
    zypper in -t patch SUSE-SLE-SERVER-12-2015-332=1
  • SUSE Linux Enterprise Server for SAP Applications 12
    zypper in -t patch SUSE-SLE-SERVER-12-2015-332=1
  • SUSE Linux Enterprise Workstation Extension 12
    zypper in -t patch SUSE-SLE-WE-12-2015-332=1

Package List:

  • SUSE Linux Enterprise Desktop 12 (x86_64)
    • mariadb-errormessages-10.0.20-18.1
    • libmysqlclient_r18-32bit-10.0.20-18.1
    • mariadb-client-10.0.20-18.1
    • libmysqlclient18-10.0.20-18.1
    • libmysqlclient_r18-10.0.20-18.1
    • libmysqlclient18-debuginfo-32bit-10.0.20-18.1
    • mariadb-10.0.20-18.1
    • mariadb-debuginfo-10.0.20-18.1
    • mariadb-debugsource-10.0.20-18.1
    • libmysqlclient18-32bit-10.0.20-18.1
    • mariadb-client-debuginfo-10.0.20-18.1
    • libmysqlclient18-debuginfo-10.0.20-18.1
  • SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64)
    • libmysqld18-10.0.20-18.1
    • libmysqlclient_r18-10.0.20-18.1
    • libmysqlclient-devel-10.0.20-18.1
    • mariadb-debuginfo-10.0.20-18.1
    • mariadb-debugsource-10.0.20-18.1
    • libmysqld-devel-10.0.20-18.1
    • libmysqld18-debuginfo-10.0.20-18.1
  • SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64)
    • mariadb-errormessages-10.0.20-18.1
    • mariadb-tools-debuginfo-10.0.20-18.1
    • mariadb-client-10.0.20-18.1
    • libmysqlclient18-10.0.20-18.1
    • mariadb-10.0.20-18.1
    • mariadb-debuginfo-10.0.20-18.1
    • mariadb-debugsource-10.0.20-18.1
    • mariadb-client-debuginfo-10.0.20-18.1
    • mariadb-tools-10.0.20-18.1
    • libmysqlclient18-debuginfo-10.0.20-18.1
  • SUSE Linux Enterprise Server 12 (s390x x86_64)
    • libmysqlclient18-debuginfo-32bit-10.0.20-18.1
    • libmysqlclient18-32bit-10.0.20-18.1
  • SUSE Linux Enterprise Server for SAP Applications 12 (x86_64)
    • mariadb-errormessages-10.0.20-18.1
    • mariadb-tools-debuginfo-10.0.20-18.1
    • mariadb-client-10.0.20-18.1
    • libmysqlclient18-10.0.20-18.1
    • libmysqlclient18-debuginfo-32bit-10.0.20-18.1
    • mariadb-10.0.20-18.1
    • mariadb-debuginfo-10.0.20-18.1
    • mariadb-debugsource-10.0.20-18.1
    • libmysqlclient18-32bit-10.0.20-18.1
    • mariadb-client-debuginfo-10.0.20-18.1
    • mariadb-tools-10.0.20-18.1
    • libmysqlclient18-debuginfo-10.0.20-18.1
  • SUSE Linux Enterprise Workstation Extension 12 (x86_64)
    • mariadb-debuginfo-10.0.20-18.1
    • libmysqlclient_r18-10.0.20-18.1
    • mariadb-debugsource-10.0.20-18.1
    • libmysqlclient_r18-32bit-10.0.20-18.1

References: