Описание
Security update for mariadb
MariaDB has been updated to version 10.0.22, which brings fixes for many security issues and other improvements.
The following CVEs have been fixed:
- 10.0.22: CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4913, CVE-2015-4792
- Fix information leak via mysql-systemd-helper script. (CVE-2015-5969, bsc#957174)
For a comprehensive list of changes refer to the upstream Release Notes and Change Log documents:
Список пакетов
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Workstation Extension 12 SP1
Ссылки
- Link for SUSE-SU-2016:0296-1
- E-Mail link for SUSE-SU-2016:0296-1
- SUSE Security Ratings
- SUSE Bug 937787
- SUSE Bug 957174
- SUSE Bug 958789
- SUSE CVE CVE-2015-4792 page
- SUSE CVE CVE-2015-4802 page
- SUSE CVE CVE-2015-4807 page
- SUSE CVE CVE-2015-4815 page
- SUSE CVE CVE-2015-4826 page
- SUSE CVE CVE-2015-4830 page
- SUSE CVE CVE-2015-4836 page
- SUSE CVE CVE-2015-4858 page
- SUSE CVE CVE-2015-4861 page
- SUSE CVE CVE-2015-4870 page
- SUSE CVE CVE-2015-4913 page
- SUSE CVE CVE-2015-5969 page
Описание
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802.
Затронутые продукты
Ссылки
- CVE-2015-4792
- SUSE Bug 951391
- SUSE Bug 958789
Описание
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792.
Затронутые продукты
Ссылки
- CVE-2015-4802
- SUSE Bug 951391
- SUSE Bug 958789
Описание
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when running on Windows, allows remote authenticated users to affect availability via unknown vectors related to Server : Query Cache.
Затронутые продукты
Ссылки
- CVE-2015-4807
- SUSE Bug 951391
- SUSE Bug 958789
Описание
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.
Затронутые продукты
Ссылки
- CVE-2015-4815
- SUSE Bug 951391
- SUSE Bug 958789
Описание
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.
Затронутые продукты
Ссылки
- CVE-2015-4826
- SUSE Bug 951391
- SUSE Bug 958789
Описание
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.
Затронутые продукты
Ссылки
- CVE-2015-4830
- SUSE Bug 951391
- SUSE Bug 958789
Описание
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP.
Затронутые продукты
Ссылки
- CVE-2015-4836
- SUSE Bug 951391
- SUSE Bug 958789
Описание
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913.
Затронутые продукты
Ссылки
- CVE-2015-4858
- SUSE Bug 951391
- SUSE Bug 958789
Описание
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
Затронутые продукты
Ссылки
- CVE-2015-4861
- SUSE Bug 951391
- SUSE Bug 958789
Описание
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.
Затронутые продукты
Ссылки
- CVE-2015-4870
- SUSE Bug 951391
- SUSE Bug 958789
Описание
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.
Затронутые продукты
Ссылки
- CVE-2015-4913
- SUSE Bug 951391
- SUSE Bug 958789
Описание
The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.
Затронутые продукты
Ссылки
- CVE-2015-5969
- SUSE Bug 957174