Updated mariadb packages fix security vulnerabilities
Publication date: 16 Nov 2015Modification date: 16 Nov 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-4802 , CVE-2015-4815 , CVE-2015-4826 , CVE-2015-4830 , CVE-2015-4836 , CVE-2015-4858 , CVE-2015-4861 , CVE-2015-4870 , CVE-2015-4913 , CVE-2015-4792
Description
This update provides the upstream 10.0.22 maintenance release and fixes the following security issues: Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792. (CVE-2015-4802) Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL. (CVE-2015-4815) Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types. (CVE-2015-4826) Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges. (CVE-2015-4830) Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP. (CVE-2015-4836) Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913. (CVE-2015-4858) Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. (CVE-2015-4861) Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser. (CVE-2015-4870) Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858. (CVE-2015-4913) Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802. (CVE-2015-4792) For other fixes in this update, see the referenced release notes.
References
- https://bugs.mageia.org/show_bug.cgi?id=17065
- https://mariadb.com/kb/en/mariadb/mariadb-10022-release-notes
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4802
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4815
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4826
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4830
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4836
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4858
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4861
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4870
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4913
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4792
SRPMS
5/core
- mariadb-10.0.22-1.mga5