Security update for mariadb
| Announcement ID: | SUSE-SU-2016:0121-1 |
|---|---|
| Rating: | moderate |
| References: | |
| Cross-References: | |
| CVSS scores: |
|
| Affected Products: |
|
An update that solves 15 vulnerabilities can now be installed.
Description:
MariaDB has been updated to version 10.0.22, which brings fixes for many security issues and other improvements.
The following CVEs have been fixed:
- 10.0.22: CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4913, CVE-2015-4792
- 10.0.21: CVE-2015-4816, CVE-2015-4819, CVE-2015-4879, CVE-2015-4895
The following non-security issues have been fixed:
- Fix rc.mysql-multi script to properly start instances after restart. (bsc#934401)
- Fix rc.mysql-multi script to restart after crash. (bsc#937258)
For a comprehensive list of changes refer to the upstream Release Notes and Change Log documents:
- https://kb.askmonty.org/en/mariadb-10022-release-notes/
- https://kb.askmonty.org/en/mariadb-10021-release-notes/
- https://kb.askmonty.org/en/mariadb-10022-changelog/
- https://kb.askmonty.org/en/mariadb-10021-changelog/
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Linux Enterprise Desktop 12
zypper in -t patch SUSE-SLE-DESKTOP-12-2016-87=1 -
SUSE Linux Enterprise Software Development Kit 12
zypper in -t patch SUSE-SLE-SDK-12-2016-87=1 -
SUSE Linux Enterprise Server 12
zypper in -t patch SUSE-SLE-SERVER-12-2016-87=1 -
SUSE Linux Enterprise Server for SAP Applications 12
zypper in -t patch SUSE-SLE-SERVER-12-2016-87=1 -
SUSE Linux Enterprise Workstation Extension 12
zypper in -t patch SUSE-SLE-WE-12-2016-87=1
Package List:
-
SUSE Linux Enterprise Desktop 12 (x86_64)
- mariadb-client-debuginfo-10.0.22-20.3.1
- libmysqlclient18-32bit-10.0.22-20.3.1
- mariadb-errormessages-10.0.22-20.3.1
- libmysqlclient_r18-32bit-10.0.22-20.3.1
- libmysqlclient18-debuginfo-32bit-10.0.22-20.3.1
- mariadb-client-10.0.22-20.3.1
- mariadb-10.0.22-20.3.1
- libmysqlclient18-10.0.22-20.3.1
- libmysqlclient18-debuginfo-10.0.22-20.3.1
- libmysqlclient_r18-10.0.22-20.3.1
- mariadb-debugsource-10.0.22-20.3.1
- mariadb-debuginfo-10.0.22-20.3.1
-
SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64)
- libmysqlclient-devel-10.0.22-20.3.1
- libmysqld18-10.0.22-20.3.1
- libmysqld18-debuginfo-10.0.22-20.3.1
- libmysqld-devel-10.0.22-20.3.1
- libmysqlclient_r18-10.0.22-20.3.1
- mariadb-debugsource-10.0.22-20.3.1
- mariadb-debuginfo-10.0.22-20.3.1
-
SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64)
- mariadb-tools-debuginfo-10.0.22-20.3.1
- mariadb-client-debuginfo-10.0.22-20.3.1
- mariadb-errormessages-10.0.22-20.3.1
- mariadb-client-10.0.22-20.3.1
- mariadb-10.0.22-20.3.1
- libmysqlclient18-debuginfo-10.0.22-20.3.1
- libmysqlclient18-10.0.22-20.3.1
- mariadb-debugsource-10.0.22-20.3.1
- mariadb-tools-10.0.22-20.3.1
- mariadb-debuginfo-10.0.22-20.3.1
-
SUSE Linux Enterprise Server 12 (s390x x86_64)
- libmysqlclient18-32bit-10.0.22-20.3.1
- libmysqlclient18-debuginfo-32bit-10.0.22-20.3.1
-
SUSE Linux Enterprise Server for SAP Applications 12 (x86_64)
- mariadb-tools-debuginfo-10.0.22-20.3.1
- mariadb-client-debuginfo-10.0.22-20.3.1
- libmysqlclient18-32bit-10.0.22-20.3.1
- mariadb-errormessages-10.0.22-20.3.1
- libmysqlclient18-debuginfo-32bit-10.0.22-20.3.1
- mariadb-client-10.0.22-20.3.1
- mariadb-10.0.22-20.3.1
- libmysqlclient18-debuginfo-10.0.22-20.3.1
- libmysqlclient18-10.0.22-20.3.1
- mariadb-debugsource-10.0.22-20.3.1
- mariadb-tools-10.0.22-20.3.1
- mariadb-debuginfo-10.0.22-20.3.1
-
SUSE Linux Enterprise Workstation Extension 12 (x86_64)
- libmysqlclient_r18-32bit-10.0.22-20.3.1
- libmysqlclient_r18-10.0.22-20.3.1
- mariadb-debugsource-10.0.22-20.3.1
- mariadb-debuginfo-10.0.22-20.3.1
References:
- https://www.suse.com/security/cve/CVE-2015-4792.html
- https://www.suse.com/security/cve/CVE-2015-4802.html
- https://www.suse.com/security/cve/CVE-2015-4807.html
- https://www.suse.com/security/cve/CVE-2015-4815.html
- https://www.suse.com/security/cve/CVE-2015-4816.html
- https://www.suse.com/security/cve/CVE-2015-4819.html
- https://www.suse.com/security/cve/CVE-2015-4826.html
- https://www.suse.com/security/cve/CVE-2015-4830.html
- https://www.suse.com/security/cve/CVE-2015-4836.html
- https://www.suse.com/security/cve/CVE-2015-4858.html
- https://www.suse.com/security/cve/CVE-2015-4861.html
- https://www.suse.com/security/cve/CVE-2015-4870.html
- https://www.suse.com/security/cve/CVE-2015-4879.html
- https://www.suse.com/security/cve/CVE-2015-4895.html
- https://www.suse.com/security/cve/CVE-2015-4913.html
- https://bugzilla.suse.com/show_bug.cgi?id=934401
- https://bugzilla.suse.com/show_bug.cgi?id=937258
- https://bugzilla.suse.com/show_bug.cgi?id=937343
- https://bugzilla.suse.com/show_bug.cgi?id=937787
- https://bugzilla.suse.com/show_bug.cgi?id=958789
- https://bugzilla.suse.com/show_bug.cgi?id=958790