openSUSE-SU-2016:1686-1

Опубликовано: 27 июн. 2016

Источник: suse-cvrf

Описание

Security update for mariadb

mariadb was updated to version 10.0.25 to fix 25 security issues.

These security issues were fixed:

CVE-2016-0505: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to Options (bsc#980904).
CVE-2016-0546: Unspecified vulnerability allowed local users to affect confidentiality, integrity, and availability via unknown vectors related to Client (bsc#980904).
CVE-2016-0596: Unspecified vulnerability allowed remote authenticated users to affect availability via vectors related to DML (bsc#980904).
CVE-2016-0597: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to Optimizer (bsc#980904).
CVE-2016-0598: Unspecified vulnerability allowed remote authenticated users to affect availability via vectors related to DML (bsc#980904).
CVE-2016-0600: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to InnoDB (bsc#980904).
CVE-2016-0606: Unspecified vulnerability allowed remote authenticated users to affect integrity via unknown vectors related to encryption (bsc#980904).
CVE-2016-0608: Unspecified vulnerability allowed remote authenticated users to affect availability via vectors related to UDF (bsc#980904).
CVE-2016-0609: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to privileges (bsc#980904).
CVE-2016-0616: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to Optimizer (bsc#980904).
CVE-2016-0640: Unspecified vulnerability allowed local users to affect integrity and availability via vectors related to DML (bsc#980904).
CVE-2016-0641: Unspecified vulnerability allowed local users to affect confidentiality and availability via vectors related to MyISAM (bsc#980904).
CVE-2016-0642: Unspecified vulnerability allowed local users to affect integrity and availability via vectors related to Federated (bsc#980904).
CVE-2016-0643: Unspecified vulnerability allowed local users to affect confidentiality via vectors related to DML (bsc#980904).
CVE-2016-0644: Unspecified vulnerability allowed local users to affect availability via vectors related to DDL (bsc#980904).
CVE-2016-0646: Unspecified vulnerability allowed local users to affect availability via vectors related to DML (bsc#980904).
CVE-2016-0647: Unspecified vulnerability allowed local users to affect availability via vectors related to FTS (bsc#980904).
CVE-2016-0648: Unspecified vulnerability allowed local users to affect availability via vectors related to PS (bsc#980904).
CVE-2016-0649: Unspecified vulnerability allowed local users to affect availability via vectors related to PS (bsc#980904).
CVE-2016-0650: Unspecified vulnerability allowed local users to affect availability via vectors related to Replication (bsc#980904).
CVE-2016-0651: Unspecified vulnerability allowed local users to affect availability via vectors related to Optimizer (bsc#980904).
CVE-2016-0655: Unspecified vulnerability allowed local users to affect availability via vectors related to InnoDB (bsc#980904).
CVE-2016-0666: Unspecified vulnerability allowed local users to affect availability via vectors related to Security: Privileges (bsc#980904).
CVE-2016-0668: Unspecified vulnerability allowed local users to affect availability via vectors related to InnoDB (bsc#980904).
CVE-2016-2047: The ssl_verify_server_cert function in sql-common/client.c did not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allowed man-in-the-middle attackers to spoof SSL servers via a '/CN=' string in a field in a certificate, as demonstrated by '/OU=/CN=bar.com/CN=foo.com (bsc#963806).

These non-security issues were fixed:

bsc#961935: Remove the leftovers of 'openSUSE' string in the '-DWITH_COMMENT' and 'DCOMPILATION_COMMENT' options
bsc#970287: remove ha_tokudb.so plugin and tokuft_logprint and tokuftdump binaries as TokuDB storage engine requires the jemalloc library that isn't present in SLE-12-SP1
bsc#970295: Fix the leftovers of 'logrotate.d/mysql' string in the logrotate error message. Occurrences of this string were changed to 'logrotate.d/mariadb'
bsc#963810: Add 'log-error' and 'secure-file-priv' configuration options
- add '/etc/my.cnf.d/error_log.conf' that specifies 'log-error = /var/log/mysql/mysqld.log'. If no path is set, the error log is written to '/var/lib/mysql/$HOSTNAME.err', which is not picked up by logrotate.
- add '/etc/my.cnf.d/secure_file_priv.conf' which specifies that 'LOAD DATA', 'SELECT ... INTO' and 'LOAD FILE()' will only work with files in the directory specified by 'secure-file-priv' option (='/var/lib/mysql-files').

Список пакетов

openSUSE Leap 42.1

libmysqlclient-devel-10.0.25-6.1

libmysqlclient18-10.0.25-6.1

libmysqlclient18-32bit-10.0.25-6.1

libmysqlclient_r18-10.0.25-6.1

libmysqlclient_r18-32bit-10.0.25-6.1

libmysqld-devel-10.0.25-6.1

libmysqld18-10.0.25-6.1

mariadb-10.0.25-6.1

mariadb-bench-10.0.25-6.1

mariadb-client-10.0.25-6.1

mariadb-errormessages-10.0.25-6.1

mariadb-test-10.0.25-6.1

mariadb-tools-10.0.25-6.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html
E-Mail link for openSUSE-SU-2016:1686-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0505.html
CVE-2016-0505
https://bugzilla.suse.com/962779
SUSE Bug 962779
https://bugzilla.suse.com/962817
SUSE Bug 962817
https://bugzilla.suse.com/962930
SUSE Bug 962930
https://bugzilla.suse.com/962931
SUSE Bug 962931
https://bugzilla.suse.com/962932
SUSE Bug 962932
https://bugzilla.suse.com/962934
SUSE Bug 962934
https://bugzilla.suse.com/962935
SUSE Bug 962935
https://bugzilla.suse.com/962936
SUSE Bug 962936
https://bugzilla.suse.com/962937
SUSE Bug 962937
https://bugzilla.suse.com/962938
SUSE Bug 962938
https://bugzilla.suse.com/962939
SUSE Bug 962939
https://bugzilla.suse.com/962941
SUSE Bug 962941
https://bugzilla.suse.com/962942
SUSE Bug 962942
https://bugzilla.suse.com/962943
SUSE Bug 962943
https://bugzilla.suse.com/962944
SUSE Bug 962944
https://bugzilla.suse.com/962945
SUSE Bug 962945
https://bugzilla.suse.com/962946
SUSE Bug 962946
https://bugzilla.suse.com/962947
SUSE Bug 962947
https://bugzilla.suse.com/962948
SUSE Bug 962948

Описание

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0546.html
CVE-2016-0546
https://bugzilla.suse.com/962779
SUSE Bug 962779
https://bugzilla.suse.com/962817
SUSE Bug 962817
https://bugzilla.suse.com/962930
SUSE Bug 962930
https://bugzilla.suse.com/962931
SUSE Bug 962931
https://bugzilla.suse.com/962932
SUSE Bug 962932
https://bugzilla.suse.com/962934
SUSE Bug 962934
https://bugzilla.suse.com/962935
SUSE Bug 962935
https://bugzilla.suse.com/962936
SUSE Bug 962936
https://bugzilla.suse.com/962937
SUSE Bug 962937
https://bugzilla.suse.com/962938
SUSE Bug 962938
https://bugzilla.suse.com/962939
SUSE Bug 962939
https://bugzilla.suse.com/962941
SUSE Bug 962941
https://bugzilla.suse.com/962942
SUSE Bug 962942
https://bugzilla.suse.com/962943
SUSE Bug 962943
https://bugzilla.suse.com/962944
SUSE Bug 962944
https://bugzilla.suse.com/962945
SUSE Bug 962945
https://bugzilla.suse.com/962946
SUSE Bug 962946
https://bugzilla.suse.com/962947
SUSE Bug 962947
https://bugzilla.suse.com/962948
SUSE Bug 962948

Описание

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0596.html
CVE-2016-0596
https://bugzilla.suse.com/962779
SUSE Bug 962779
https://bugzilla.suse.com/962817
SUSE Bug 962817
https://bugzilla.suse.com/962930
SUSE Bug 962930
https://bugzilla.suse.com/962931
SUSE Bug 962931
https://bugzilla.suse.com/962932
SUSE Bug 962932
https://bugzilla.suse.com/962934
SUSE Bug 962934
https://bugzilla.suse.com/962935
SUSE Bug 962935
https://bugzilla.suse.com/962936
SUSE Bug 962936
https://bugzilla.suse.com/962937
SUSE Bug 962937
https://bugzilla.suse.com/962938
SUSE Bug 962938
https://bugzilla.suse.com/962939
SUSE Bug 962939
https://bugzilla.suse.com/962941
SUSE Bug 962941
https://bugzilla.suse.com/962942
SUSE Bug 962942
https://bugzilla.suse.com/962943
SUSE Bug 962943
https://bugzilla.suse.com/962944
SUSE Bug 962944
https://bugzilla.suse.com/962945
SUSE Bug 962945
https://bugzilla.suse.com/962946
SUSE Bug 962946
https://bugzilla.suse.com/962947
SUSE Bug 962947
https://bugzilla.suse.com/962948
SUSE Bug 962948

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0597.html
CVE-2016-0597
https://bugzilla.suse.com/962779
SUSE Bug 962779
https://bugzilla.suse.com/962817
SUSE Bug 962817
https://bugzilla.suse.com/962930
SUSE Bug 962930
https://bugzilla.suse.com/962931
SUSE Bug 962931
https://bugzilla.suse.com/962932
SUSE Bug 962932
https://bugzilla.suse.com/962934
SUSE Bug 962934
https://bugzilla.suse.com/962935
SUSE Bug 962935
https://bugzilla.suse.com/962936
SUSE Bug 962936
https://bugzilla.suse.com/962937
SUSE Bug 962937
https://bugzilla.suse.com/962938
SUSE Bug 962938
https://bugzilla.suse.com/962939
SUSE Bug 962939
https://bugzilla.suse.com/962941
SUSE Bug 962941
https://bugzilla.suse.com/962942
SUSE Bug 962942
https://bugzilla.suse.com/962943
SUSE Bug 962943
https://bugzilla.suse.com/962944
SUSE Bug 962944
https://bugzilla.suse.com/962945
SUSE Bug 962945
https://bugzilla.suse.com/962946
SUSE Bug 962946
https://bugzilla.suse.com/962947
SUSE Bug 962947
https://bugzilla.suse.com/962948
SUSE Bug 962948

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0598.html
CVE-2016-0598
https://bugzilla.suse.com/962779
SUSE Bug 962779
https://bugzilla.suse.com/962817
SUSE Bug 962817
https://bugzilla.suse.com/962930
SUSE Bug 962930
https://bugzilla.suse.com/962931
SUSE Bug 962931
https://bugzilla.suse.com/962932
SUSE Bug 962932
https://bugzilla.suse.com/962934
SUSE Bug 962934
https://bugzilla.suse.com/962935
SUSE Bug 962935
https://bugzilla.suse.com/962936
SUSE Bug 962936
https://bugzilla.suse.com/962937
SUSE Bug 962937
https://bugzilla.suse.com/962938
SUSE Bug 962938
https://bugzilla.suse.com/962939
SUSE Bug 962939
https://bugzilla.suse.com/962941
SUSE Bug 962941
https://bugzilla.suse.com/962942
SUSE Bug 962942
https://bugzilla.suse.com/962943
SUSE Bug 962943
https://bugzilla.suse.com/962944
SUSE Bug 962944
https://bugzilla.suse.com/962945
SUSE Bug 962945
https://bugzilla.suse.com/962946
SUSE Bug 962946
https://bugzilla.suse.com/962947
SUSE Bug 962947
https://bugzilla.suse.com/962948
SUSE Bug 962948

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0600.html
CVE-2016-0600
https://bugzilla.suse.com/962779
SUSE Bug 962779
https://bugzilla.suse.com/962817
SUSE Bug 962817
https://bugzilla.suse.com/962930
SUSE Bug 962930
https://bugzilla.suse.com/962931
SUSE Bug 962931
https://bugzilla.suse.com/962932
SUSE Bug 962932
https://bugzilla.suse.com/962934
SUSE Bug 962934
https://bugzilla.suse.com/962935
SUSE Bug 962935
https://bugzilla.suse.com/962936
SUSE Bug 962936
https://bugzilla.suse.com/962937
SUSE Bug 962937
https://bugzilla.suse.com/962938
SUSE Bug 962938
https://bugzilla.suse.com/962939
SUSE Bug 962939
https://bugzilla.suse.com/962941
SUSE Bug 962941
https://bugzilla.suse.com/962942
SUSE Bug 962942
https://bugzilla.suse.com/962943
SUSE Bug 962943
https://bugzilla.suse.com/962944
SUSE Bug 962944
https://bugzilla.suse.com/962945
SUSE Bug 962945
https://bugzilla.suse.com/962946
SUSE Bug 962946
https://bugzilla.suse.com/962947
SUSE Bug 962947
https://bugzilla.suse.com/962948
SUSE Bug 962948

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0606.html
CVE-2016-0606
https://bugzilla.suse.com/962779
SUSE Bug 962779
https://bugzilla.suse.com/962817
SUSE Bug 962817
https://bugzilla.suse.com/962930
SUSE Bug 962930
https://bugzilla.suse.com/962931
SUSE Bug 962931
https://bugzilla.suse.com/962932
SUSE Bug 962932
https://bugzilla.suse.com/962934
SUSE Bug 962934
https://bugzilla.suse.com/962935
SUSE Bug 962935
https://bugzilla.suse.com/962936
SUSE Bug 962936
https://bugzilla.suse.com/962937
SUSE Bug 962937
https://bugzilla.suse.com/962938
SUSE Bug 962938
https://bugzilla.suse.com/962939
SUSE Bug 962939
https://bugzilla.suse.com/962941
SUSE Bug 962941
https://bugzilla.suse.com/962942
SUSE Bug 962942
https://bugzilla.suse.com/962943
SUSE Bug 962943
https://bugzilla.suse.com/962944
SUSE Bug 962944
https://bugzilla.suse.com/962945
SUSE Bug 962945
https://bugzilla.suse.com/962946
SUSE Bug 962946
https://bugzilla.suse.com/962947
SUSE Bug 962947
https://bugzilla.suse.com/962948
SUSE Bug 962948

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0608.html
CVE-2016-0608
https://bugzilla.suse.com/962779
SUSE Bug 962779
https://bugzilla.suse.com/962817
SUSE Bug 962817
https://bugzilla.suse.com/962930
SUSE Bug 962930
https://bugzilla.suse.com/962931
SUSE Bug 962931
https://bugzilla.suse.com/962932
SUSE Bug 962932
https://bugzilla.suse.com/962934
SUSE Bug 962934
https://bugzilla.suse.com/962935
SUSE Bug 962935
https://bugzilla.suse.com/962936
SUSE Bug 962936
https://bugzilla.suse.com/962937
SUSE Bug 962937
https://bugzilla.suse.com/962938
SUSE Bug 962938
https://bugzilla.suse.com/962939
SUSE Bug 962939
https://bugzilla.suse.com/962941
SUSE Bug 962941
https://bugzilla.suse.com/962942
SUSE Bug 962942
https://bugzilla.suse.com/962943
SUSE Bug 962943
https://bugzilla.suse.com/962944
SUSE Bug 962944
https://bugzilla.suse.com/962945
SUSE Bug 962945
https://bugzilla.suse.com/962946
SUSE Bug 962946
https://bugzilla.suse.com/962947
SUSE Bug 962947
https://bugzilla.suse.com/962948
SUSE Bug 962948

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0609.html
CVE-2016-0609
https://bugzilla.suse.com/962779
SUSE Bug 962779
https://bugzilla.suse.com/962817
SUSE Bug 962817
https://bugzilla.suse.com/962930
SUSE Bug 962930
https://bugzilla.suse.com/962931
SUSE Bug 962931
https://bugzilla.suse.com/962932
SUSE Bug 962932
https://bugzilla.suse.com/962934
SUSE Bug 962934
https://bugzilla.suse.com/962935
SUSE Bug 962935
https://bugzilla.suse.com/962936
SUSE Bug 962936
https://bugzilla.suse.com/962937
SUSE Bug 962937
https://bugzilla.suse.com/962938
SUSE Bug 962938
https://bugzilla.suse.com/962939
SUSE Bug 962939
https://bugzilla.suse.com/962941
SUSE Bug 962941
https://bugzilla.suse.com/962942
SUSE Bug 962942
https://bugzilla.suse.com/962943
SUSE Bug 962943
https://bugzilla.suse.com/962944
SUSE Bug 962944
https://bugzilla.suse.com/962945
SUSE Bug 962945
https://bugzilla.suse.com/962946
SUSE Bug 962946
https://bugzilla.suse.com/962947
SUSE Bug 962947
https://bugzilla.suse.com/962948
SUSE Bug 962948

Описание

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0616.html
CVE-2016-0616
https://bugzilla.suse.com/962779
SUSE Bug 962779
https://bugzilla.suse.com/962817
SUSE Bug 962817
https://bugzilla.suse.com/962930
SUSE Bug 962930
https://bugzilla.suse.com/962931
SUSE Bug 962931
https://bugzilla.suse.com/962932
SUSE Bug 962932
https://bugzilla.suse.com/962934
SUSE Bug 962934
https://bugzilla.suse.com/962935
SUSE Bug 962935
https://bugzilla.suse.com/962936
SUSE Bug 962936
https://bugzilla.suse.com/962937
SUSE Bug 962937
https://bugzilla.suse.com/962938
SUSE Bug 962938
https://bugzilla.suse.com/962939
SUSE Bug 962939
https://bugzilla.suse.com/962941
SUSE Bug 962941
https://bugzilla.suse.com/962942
SUSE Bug 962942
https://bugzilla.suse.com/962943
SUSE Bug 962943
https://bugzilla.suse.com/962944
SUSE Bug 962944
https://bugzilla.suse.com/962945
SUSE Bug 962945
https://bugzilla.suse.com/962946
SUSE Bug 962946
https://bugzilla.suse.com/962947
SUSE Bug 962947
https://bugzilla.suse.com/962948
SUSE Bug 962948

Описание

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0640.html
CVE-2016-0640
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect confidentiality and availability via vectors related to MyISAM.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0641.html
CVE-2016-0641
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0642.html
CVE-2016-0642
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0643.html
CVE-2016-0643
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0644.html
CVE-2016-0644
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0646.html
CVE-2016-0646
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0647.html
CVE-2016-0647
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0648.html
CVE-2016-0648
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0649.html
CVE-2016-0649
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0650.html
CVE-2016-0650
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0651.html
CVE-2016-0651
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0655.html
CVE-2016-0655
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0666.html
CVE-2016-0666
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0668.html
CVE-2016-0668
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

Описание

The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated by "/OU=/CN=bar.com/CN=foo.com."

Затронутые продукты

openSUSE Leap 42.1:libmysqlclient-devel-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient18-32bit-10.0.25-6.1

openSUSE Leap 42.1:libmysqlclient_r18-10.0.25-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-2047.html
CVE-2016-2047
https://bugzilla.suse.com/963806
SUSE Bug 963806
https://bugzilla.suse.com/976341
SUSE Bug 976341
https://bugzilla.suse.com/980904
SUSE Bug 980904

openSUSE-SU-2016:1686-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2016-0505

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0546

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0596

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0597

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0598

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0600

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0606

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0608

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0609

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0616

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0640

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0641

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0642

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0643

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0644

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0646

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0647

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0648

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-0649

Описание

Затронутые продукты