Security update for mariadb

An update that solves two vulnerabilities and has two fixes is now available.

Description:

This update for mariadb fixes the following issues:
MariaDB was updated to version 10.0.40-3 (bsc#1162388).
Security issues fixed:

• CVE-2020-2574: Fixed a difficult to exploit vulnerability that allowed an attacker to crash the client (bsc#1162388).
• CVE-2019-18901: Fixed an unsafe path handling behavior in mysql-systemd-helper (bsc#1160895).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE OpenStack Cloud Crowbar 8:
  zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-527=1
• SUSE OpenStack Cloud 8:
  zypper in -t patch SUSE-OpenStack-Cloud-8-2020-527=1
• HPE Helion Openstack 8:
  zypper in -t patch HPE-Helion-OpenStack-8-2020-527=1

Package List:

• SUSE OpenStack Cloud Crowbar 8 (x86_64):
  • libmysqlclient18-10.0.40.3-29.38.1
  • libmysqlclient18-debuginfo-10.0.40.3-29.38.1
• SUSE OpenStack Cloud 8 (x86_64):
  • libmysqlclient18-10.0.40.3-29.38.1
  • libmysqlclient18-debuginfo-10.0.40.3-29.38.1
• HPE Helion Openstack 8 (x86_64):
  • libmysqlclient18-10.0.40.3-29.38.1
  • libmysqlclient18-debuginfo-10.0.40.3-29.38.1

References:

• https://www.suse.com/security/cve/CVE-2019-18901.html
• https://www.suse.com/security/cve/CVE-2020-2574.html
• https://bugzilla.suse.com/1077717
• https://bugzilla.suse.com/1160895
• https://bugzilla.suse.com/1160912
• https://bugzilla.suse.com/1162388