Описание
ELSA-2019-2327: mariadb security and bug fix update (MODERATE)
[1:5.5.64-1]
- Rebase to 5.5.64
- Resolves: #1490398
- CVEs fixed: #1610986 CVE-2018-3058 CVE-2018-3063 CVE-2018-3066 CVE-2018-3081
- CVEs fixed: #1664043 CVE-2018-3282 CVE-2019-2503
- CVEs fixed: #1701686 CVE-2019-2529
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
mariadb
5.5.64-1.el7
mariadb-bench
5.5.64-1.el7
mariadb-devel
5.5.64-1.el7
mariadb-embedded
5.5.64-1.el7
mariadb-embedded-devel
5.5.64-1.el7
mariadb-libs
5.5.64-1.el7
mariadb-server
5.5.64-1.el7
mariadb-test
5.5.64-1.el7
Oracle Linux x86_64
mariadb
5.5.64-1.el7
mariadb-bench
5.5.64-1.el7
mariadb-devel
5.5.64-1.el7
mariadb-embedded
5.5.64-1.el7
mariadb-embedded-devel
5.5.64-1.el7
mariadb-libs
5.5.64-1.el7
mariadb-server
5.5.64-1.el7
mariadb-test
5.5.64-1.el7
Ссылки на источники
Связанные уязвимости
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...