openSUSE-SU-2016:0368-1

Опубликовано: 07 фев. 2016

Источник: suse-cvrf

Описание

Security update for mariadb

MariaDB has been updated to version 10.0.22, which brings fixes for many security issues and other improvements.

The following CVEs have been fixed:

10.0.22: CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4913, CVE-2015-4792
Fix information leak via mysql-systemd-helper script. (CVE-2015-5969, bsc#957174)

For a comprehensive list of changes refer to the upstream Release Notes and Change Log documents:

This update was imported from the SUSE:SLE-12-SP1:Update update project.

Список пакетов

openSUSE Leap 42.1

libmysqlclient-devel-10.0.22-3.1

libmysqlclient18-10.0.22-3.1

libmysqlclient18-32bit-10.0.22-3.1

libmysqlclient_r18-10.0.22-3.1

libmysqlclient_r18-32bit-10.0.22-3.1

libmysqld-devel-10.0.22-3.1

libmysqld18-10.0.22-3.1

mariadb-10.0.22-3.1

mariadb-bench-10.0.22-3.1

mariadb-client-10.0.22-3.1

mariadb-errormessages-10.0.22-3.1

mariadb-test-10.0.22-3.1

mariadb-tools-10.0.22-3.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html
E-Mail link for openSUSE-SU-2016:0368-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.22-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-4792.html
CVE-2015-4792
https://bugzilla.suse.com/951391
SUSE Bug 951391
https://bugzilla.suse.com/958789
SUSE Bug 958789

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.22-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-4802.html
CVE-2015-4802
https://bugzilla.suse.com/951391
SUSE Bug 951391
https://bugzilla.suse.com/958789
SUSE Bug 958789

Описание

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when running on Windows, allows remote authenticated users to affect availability via unknown vectors related to Server : Query Cache.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.22-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-4807.html
CVE-2015-4807
https://bugzilla.suse.com/951391
SUSE Bug 951391
https://bugzilla.suse.com/958789
SUSE Bug 958789

Описание

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.22-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-4815.html
CVE-2015-4815
https://bugzilla.suse.com/951391
SUSE Bug 951391
https://bugzilla.suse.com/958789
SUSE Bug 958789

Описание

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.22-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-4826.html
CVE-2015-4826
https://bugzilla.suse.com/951391
SUSE Bug 951391
https://bugzilla.suse.com/958789
SUSE Bug 958789

Описание

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.22-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-4830.html
CVE-2015-4830
https://bugzilla.suse.com/951391
SUSE Bug 951391
https://bugzilla.suse.com/958789
SUSE Bug 958789

Описание

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.22-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-4836.html
CVE-2015-4836
https://bugzilla.suse.com/951391
SUSE Bug 951391
https://bugzilla.suse.com/958789
SUSE Bug 958789

Описание

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.22-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-4858.html
CVE-2015-4858
https://bugzilla.suse.com/951391
SUSE Bug 951391
https://bugzilla.suse.com/958789
SUSE Bug 958789

Описание

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.22-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-4861.html
CVE-2015-4861
https://bugzilla.suse.com/951391
SUSE Bug 951391
https://bugzilla.suse.com/958789
SUSE Bug 958789

Описание

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.22-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-4870.html
CVE-2015-4870
https://bugzilla.suse.com/951391
SUSE Bug 951391
https://bugzilla.suse.com/958789
SUSE Bug 958789

Описание

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.22-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-4913.html
CVE-2015-4913
https://bugzilla.suse.com/951391
SUSE Bug 951391
https://bugzilla.suse.com/958789
SUSE Bug 958789

Описание

The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.22-3.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.22-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-5969.html
CVE-2015-5969
https://bugzilla.suse.com/957174
SUSE Bug 957174

openSUSE-SU-2016:0368-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2015-4792

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2015-4802

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2015-4807

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2015-4815

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2015-4826

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2015-4830

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2015-4836

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2015-4858

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2015-4861

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2015-4870

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2015-4913

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2015-5969

Описание

Затронутые продукты

Ссылки