Security update for mariadb
Announcement ID: | SUSE-SU-2016:0121-1 |
Rating: | moderate |
References: | #934401 #937258 #937343 #937787 #958789 #958790 |
Affected Products: |
An update that fixes 15 vulnerabilities is now available.
Description:
MariaDB has been updated to version 10.0.22, which brings fixes for many
security issues and other improvements.
The following CVEs have been fixed:
- 10.0.22: CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4826,
CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861,
CVE-2015-4870, CVE-2015-4913, CVE-2015-4792
- 10.0.21: CVE-2015-4816, CVE-2015-4819, CVE-2015-4879, CVE-2015-4895
The following non-security issues have been fixed:
- Fix rc.mysql-multi script to properly start instances after restart.
(bsc#934401)
- Fix rc.mysql-multi script to restart after crash. (bsc#937258)
For a comprehensive list of changes refer to the upstream Release Notes
and Change Log documents:
- https://kb.askmonty.org/en/mariadb-10022-release-notes/
- https://kb.askmonty.org/en/mariadb-10021-release-notes/
- https://kb.askmonty.org/en/mariadb-10022-changelog/
- https://kb.askmonty.org/en/mariadb-10021-changelog/
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12:
zypper in -t patch SUSE-SLE-WE-12-2016-87=1
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2016-87=1
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2016-87=1
- SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2016-87=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12 (x86_64):
- libmysqlclient_r18-10.0.22-20.3.1
- libmysqlclient_r18-32bit-10.0.22-20.3.1
- mariadb-debuginfo-10.0.22-20.3.1
- mariadb-debugsource-10.0.22-20.3.1
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
- libmysqlclient-devel-10.0.22-20.3.1
- libmysqlclient_r18-10.0.22-20.3.1
- libmysqld-devel-10.0.22-20.3.1
- libmysqld18-10.0.22-20.3.1
- libmysqld18-debuginfo-10.0.22-20.3.1
- mariadb-debuginfo-10.0.22-20.3.1
- mariadb-debugsource-10.0.22-20.3.1
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
- libmysqlclient18-10.0.22-20.3.1
- libmysqlclient18-debuginfo-10.0.22-20.3.1
- mariadb-10.0.22-20.3.1
- mariadb-client-10.0.22-20.3.1
- mariadb-client-debuginfo-10.0.22-20.3.1
- mariadb-debuginfo-10.0.22-20.3.1
- mariadb-debugsource-10.0.22-20.3.1
- mariadb-errormessages-10.0.22-20.3.1
- mariadb-tools-10.0.22-20.3.1
- mariadb-tools-debuginfo-10.0.22-20.3.1
- SUSE Linux Enterprise Server 12 (s390x x86_64):
- libmysqlclient18-32bit-10.0.22-20.3.1
- libmysqlclient18-debuginfo-32bit-10.0.22-20.3.1
- SUSE Linux Enterprise Desktop 12 (x86_64):
- libmysqlclient18-10.0.22-20.3.1
- libmysqlclient18-32bit-10.0.22-20.3.1
- libmysqlclient18-debuginfo-10.0.22-20.3.1
- libmysqlclient18-debuginfo-32bit-10.0.22-20.3.1
- libmysqlclient_r18-10.0.22-20.3.1
- libmysqlclient_r18-32bit-10.0.22-20.3.1
- mariadb-10.0.22-20.3.1
- mariadb-client-10.0.22-20.3.1
- mariadb-client-debuginfo-10.0.22-20.3.1
- mariadb-debuginfo-10.0.22-20.3.1
- mariadb-debugsource-10.0.22-20.3.1
- mariadb-errormessages-10.0.22-20.3.1
References:
- https://www.suse.com/security/cve/CVE-2015-4792.html
- https://www.suse.com/security/cve/CVE-2015-4802.html
- https://www.suse.com/security/cve/CVE-2015-4807.html
- https://www.suse.com/security/cve/CVE-2015-4815.html
- https://www.suse.com/security/cve/CVE-2015-4816.html
- https://www.suse.com/security/cve/CVE-2015-4819.html
- https://www.suse.com/security/cve/CVE-2015-4826.html
- https://www.suse.com/security/cve/CVE-2015-4830.html
- https://www.suse.com/security/cve/CVE-2015-4836.html
- https://www.suse.com/security/cve/CVE-2015-4858.html
- https://www.suse.com/security/cve/CVE-2015-4861.html
- https://www.suse.com/security/cve/CVE-2015-4870.html
- https://www.suse.com/security/cve/CVE-2015-4879.html
- https://www.suse.com/security/cve/CVE-2015-4895.html
- https://www.suse.com/security/cve/CVE-2015-4913.html
- https://bugzilla.suse.com/934401
- https://bugzilla.suse.com/937258
- https://bugzilla.suse.com/937343
- https://bugzilla.suse.com/937787
- https://bugzilla.suse.com/958789
- https://bugzilla.suse.com/958790