Advisories » MGASA-2014-0377

Updated mariadb packages fix CVE-2014-4274

Publication date: 15 Sep 2014
Modification date: 15 Sep 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-4274

Description

Updated mariadb packages fix security vulnerability:

MyISAM temporary files could be used to mount a code-execution attack
(CVE-2014-4274).

The mariadb package has been updated to version 5.5.39, which fixes this and
several other issues.  Refer to the upstream Changelog for more details.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=14015
• https://mariadb.com/kb/en/mariadb/development/changelogs/mariadb-5539-changelog/
• http://openwall.com/lists/oss-security/2014/09/10/2
• https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137559.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274

SRPMS

3/core

• mariadb-5.5.39-1.mga3

4/core

• mariadb-5.5.39-1.mga4