Advisories ยป MGASA-2017-0461

Updated mariadb packages fix security vulnerabilities

Publication date: 21 Dec 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-10268 , CVE-2017-10378

Description

Difficult to exploit vulnerability in MariaDB Server allows high
privileged attacker with logon to the infrastructure where MariaDB
Server executes to compromise MariaDB Server. Successful attacks of this
vulnerability can result in unauthorized access to critical data or
complete access to all MariaDB Server accessible data (CVE-2017-10268).

Easily exploitable vulnerability in MariaDB Server allows low privileged
attacker with network access via multiple protocols to compromise
MariaDB Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MariaDB Server (CVE-2017-10378).
                

References

SRPMS

6/core

5/core