Advisories ยป MGASA-2017-0054

Updated mariadb packages fix security vulnerability

Publication date: 20 Feb 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-6664 , CVE-2017-3238 , CVE-2017-3243 , CVE-2017-3244 , CVE-2017-3257 , CVE-2017-3258 , CVE-2017-3265 , CVE-2017-3291 , CVE-2017-3312 , CVE-2017-3317 , CVE-2017-3318

Description

Root Privilege Escalation (CVE-2016-6664).

Unspecified vulnerability affecting the Optimizer component
(CVE-2017-3238).

Unspecified vulnerability affecting the Charsets component
(CVE-2017-3243).

Unspecified vulnerability affecing the DML component (CVE-2017-3244).

Unspecified vulnerability affecting InnoDB (CVE-2017-3257).

Unspecified vulnerability in the DDL component (CVE-2017-3258).

Unsafe chmod/chown use in init script (CVE-2017-3265).

Unrestricted mysqld_safe's ledir (CVE-2017-3291).

Insecure error log file handling in mysqld_safe, due to an incomplete fix
for CVE-2016-6664 (CVE-2017-3312).

Unspecified vulnerability affecting Logging (CVE-2017-3317).

Unspecified vulnerability affecting Error Handling (CVE-2017-3318).

Applications using the client library for MySQL (libmysqlclient.so) had a
use-after-free issue that could cause the applications to crash
(bsc#1022428).
                

References

SRPMS

5/core