1. Home
  2. Security Advisories
  3. Red Hat
  4. RHSA-2018:2439

[RHSA-2018:2439] mariadb security and bug fix update

Severity Moderate
Affected Packages 52
CVEs 23
Info Packages References Vulnerabilities

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.

The following packages have been upgraded to a later upstream version: mariadb (5.5.60). (BZ#1584668, BZ#1584671, BZ#1584674, BZ#1601085)

Security Fix(es):

  • mysql: Client programs unspecified vulnerability (CPU Jul 2017) (CVE-2017-3636)

  • mysql: Server: DML unspecified vulnerability (CPU Jul 2017) (CVE-2017-3641)

  • mysql: Client mysqldump unspecified vulnerability (CPU Jul 2017) (CVE-2017-3651)

  • mysql: Server: Replication unspecified vulnerability (CPU Oct 2017) (CVE-2017-10268)

  • mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2017) (CVE-2017-10378)

  • mysql: Client programs unspecified vulnerability (CPU Oct 2017) (CVE-2017-10379)

  • mysql: Server: DDL unspecified vulnerability (CPU Oct 2017) (CVE-2017-10384)

  • mysql: Server: Partition unspecified vulnerability (CPU Jan 2018) (CVE-2018-2562)

  • mysql: Server: DDL unspecified vulnerability (CPU Jan 2018) (CVE-2018-2622)

  • mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2018) (CVE-2018-2640)

  • mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2018) (CVE-2018-2665)

  • mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2018) (CVE-2018-2668)

  • mysql: Server: Replication unspecified vulnerability (CPU Apr 2018) (CVE-2018-2755)

  • mysql: Client programs unspecified vulnerability (CPU Apr 2018) (CVE-2018-2761)

  • mysql: Server: Locking unspecified vulnerability (CPU Apr 2018) (CVE-2018-2771)

  • mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018) (CVE-2018-2781)

  • mysql: Server: DDL unspecified vulnerability (CPU Apr 2018) (CVE-2018-2813)

  • mysql: Server: DDL unspecified vulnerability (CPU Apr 2018) (CVE-2018-2817)

  • mysql: InnoDB unspecified vulnerability (CPU Apr 2018) (CVE-2018-2819)

  • mysql: Server: DDL unspecified vulnerability (CPU Jul 2017) (CVE-2017-3653)

  • mysql: use of SSL/TLS not enforced in libmysqld (Return of BACKRONYM) (CVE-2018-2767)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Previously, the mysqladmin tool waited for an inadequate length of time if the socket it listened on did not respond in a specific way. Consequently, when the socket was used while the MariaDB server was starting, the mariadb service became unresponsive for a long time. With this update, the mysqladmin timeout has been shortened to 2 seconds. As a result, the mariadb service either starts or fails but no longer hangs in the described situation. (BZ#1584023)
Package Affected Version
pkg:rpm/redhat/mariadb?arch=x86_64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb?arch=s390x&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb?arch=ppc64le&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb?arch=ppc64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb?arch=aarch64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-test?arch=x86_64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-test?arch=s390x&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-test?arch=ppc64le&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-test?arch=ppc64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-test?arch=aarch64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-server?arch=x86_64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-server?arch=s390x&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-server?arch=ppc64le&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-server?arch=ppc64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-server?arch=aarch64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-libs?arch=x86_64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-libs?arch=s390x&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-libs?arch=s390&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-libs?arch=ppc64le&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-libs?arch=ppc64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-libs?arch=ppc&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-libs?arch=i686&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-libs?arch=aarch64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded?arch=x86_64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded?arch=s390x&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded?arch=s390&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded?arch=ppc64le&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded?arch=ppc64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded?arch=ppc&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded?arch=i686&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded?arch=aarch64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded-devel?arch=x86_64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded-devel?arch=s390x&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded-devel?arch=s390&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded-devel?arch=ppc64le&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded-devel?arch=ppc64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded-devel?arch=ppc&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded-devel?arch=i686&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-embedded-devel?arch=aarch64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-devel?arch=x86_64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-devel?arch=s390x&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-devel?arch=s390&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-devel?arch=ppc64le&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-devel?arch=ppc64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-devel?arch=ppc&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-devel?arch=i686&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-devel?arch=aarch64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-bench?arch=x86_64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-bench?arch=s390x&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-bench?arch=ppc64le&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-bench?arch=ppc64&distro=redhat-7.5 < 5.5.60-1.el7_5
pkg:rpm/redhat/mariadb-bench?arch=aarch64&distro=redhat-7.5 < 5.5.60-1.el7_5
ID
RHSA-2018:2439
Severity
moderate
URL
https://access.redhat.com/errata/RHSA-2018:2439
Published
2018-08-16T00:00:00
(6 years ago)
Modified
2018-08-16T00:00:00
(6 years ago)
Rights
Copyright 2018 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 1472686 https://bugzilla.redhat.com/1472686
Bugzilla 1472693 https://bugzilla.redhat.com/1472693
Bugzilla 1472708 https://bugzilla.redhat.com/1472708
Bugzilla 1472711 https://bugzilla.redhat.com/1472711
Bugzilla 1503656 https://bugzilla.redhat.com/1503656
Bugzilla 1503684 https://bugzilla.redhat.com/1503684
Bugzilla 1503685 https://bugzilla.redhat.com/1503685
Bugzilla 1503686 https://bugzilla.redhat.com/1503686
Bugzilla 1535484 https://bugzilla.redhat.com/1535484
Bugzilla 1535499 https://bugzilla.redhat.com/1535499
Bugzilla 1535500 https://bugzilla.redhat.com/1535500
Bugzilla 1535504 https://bugzilla.redhat.com/1535504
Bugzilla 1535506 https://bugzilla.redhat.com/1535506
Bugzilla 1564965 https://bugzilla.redhat.com/1564965
Bugzilla 1568921 https://bugzilla.redhat.com/1568921
Bugzilla 1568924 https://bugzilla.redhat.com/1568924
Bugzilla 1568931 https://bugzilla.redhat.com/1568931
Bugzilla 1568942 https://bugzilla.redhat.com/1568942
Bugzilla 1568951 https://bugzilla.redhat.com/1568951
Bugzilla 1568954 https://bugzilla.redhat.com/1568954
Bugzilla 1568956 https://bugzilla.redhat.com/1568956
Bugzilla 1640331 https://bugzilla.redhat.com/1640331
Bugzilla 1666742 https://bugzilla.redhat.com/1666742
RHSA RHSA-2018:2439 https://access.redhat.com/errata/RHSA-2018:2439
CVE CVE-2017-10268 https://access.redhat.com/security/cve/CVE-2017-10268
CVE CVE-2017-10378 https://access.redhat.com/security/cve/CVE-2017-10378
CVE CVE-2017-10379 https://access.redhat.com/security/cve/CVE-2017-10379
CVE CVE-2017-10384 https://access.redhat.com/security/cve/CVE-2017-10384
CVE CVE-2017-3636 https://access.redhat.com/security/cve/CVE-2017-3636
CVE CVE-2017-3641 https://access.redhat.com/security/cve/CVE-2017-3641
CVE CVE-2017-3651 https://access.redhat.com/security/cve/CVE-2017-3651
CVE CVE-2017-3653 https://access.redhat.com/security/cve/CVE-2017-3653
CVE CVE-2018-2562 https://access.redhat.com/security/cve/CVE-2018-2562
CVE CVE-2018-2622 https://access.redhat.com/security/cve/CVE-2018-2622
CVE CVE-2018-2640 https://access.redhat.com/security/cve/CVE-2018-2640
CVE CVE-2018-2665 https://access.redhat.com/security/cve/CVE-2018-2665
CVE CVE-2018-2668 https://access.redhat.com/security/cve/CVE-2018-2668
CVE CVE-2018-2755 https://access.redhat.com/security/cve/CVE-2018-2755
CVE CVE-2018-2761 https://access.redhat.com/security/cve/CVE-2018-2761
CVE CVE-2018-2767 https://access.redhat.com/security/cve/CVE-2018-2767
CVE CVE-2018-2771 https://access.redhat.com/security/cve/CVE-2018-2771
CVE CVE-2018-2781 https://access.redhat.com/security/cve/CVE-2018-2781
CVE CVE-2018-2813 https://access.redhat.com/security/cve/CVE-2018-2813
CVE CVE-2018-2817 https://access.redhat.com/security/cve/CVE-2018-2817
CVE CVE-2018-2819 https://access.redhat.com/security/cve/CVE-2018-2819
CVE CVE-2018-3133 https://access.redhat.com/security/cve/CVE-2018-3133
CVE CVE-2019-2455 https://access.redhat.com/security/cve/CVE-2019-2455
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/redhat/mariadb?arch=x86_64&distro=redhat-7.5 redhat mariadb < 5.5.60-1.el7_5 redhat-7.5 x86_64
Affected pkg:rpm/redhat/mariadb?arch=s390x&distro=redhat-7.5 redhat mariadb < 5.5.60-1.el7_5 redhat-7.5 s390x
Affected pkg:rpm/redhat/mariadb?arch=ppc64le&distro=redhat-7.5 redhat mariadb < 5.5.60-1.el7_5 redhat-7.5 ppc64le
Affected pkg:rpm/redhat/mariadb?arch=ppc64&distro=redhat-7.5 redhat mariadb < 5.5.60-1.el7_5 redhat-7.5 ppc64
Affected pkg:rpm/redhat/mariadb?arch=aarch64&distro=redhat-7.5 redhat mariadb < 5.5.60-1.el7_5 redhat-7.5 aarch64
Affected pkg:rpm/redhat/mariadb-test?arch=x86_64&distro=redhat-7.5 redhat mariadb-test < 5.5.60-1.el7_5 redhat-7.5 x86_64
Affected pkg:rpm/redhat/mariadb-test?arch=s390x&distro=redhat-7.5 redhat mariadb-test < 5.5.60-1.el7_5 redhat-7.5 s390x
Affected pkg:rpm/redhat/mariadb-test?arch=ppc64le&distro=redhat-7.5 redhat mariadb-test < 5.5.60-1.el7_5 redhat-7.5 ppc64le
Affected pkg:rpm/redhat/mariadb-test?arch=ppc64&distro=redhat-7.5 redhat mariadb-test < 5.5.60-1.el7_5 redhat-7.5 ppc64
Affected pkg:rpm/redhat/mariadb-test?arch=aarch64&distro=redhat-7.5 redhat mariadb-test < 5.5.60-1.el7_5 redhat-7.5 aarch64
Affected pkg:rpm/redhat/mariadb-server?arch=x86_64&distro=redhat-7.5 redhat mariadb-server < 5.5.60-1.el7_5 redhat-7.5 x86_64
Affected pkg:rpm/redhat/mariadb-server?arch=s390x&distro=redhat-7.5 redhat mariadb-server < 5.5.60-1.el7_5 redhat-7.5 s390x
Affected pkg:rpm/redhat/mariadb-server?arch=ppc64le&distro=redhat-7.5 redhat mariadb-server < 5.5.60-1.el7_5 redhat-7.5 ppc64le
Affected pkg:rpm/redhat/mariadb-server?arch=ppc64&distro=redhat-7.5 redhat mariadb-server < 5.5.60-1.el7_5 redhat-7.5 ppc64
Affected pkg:rpm/redhat/mariadb-server?arch=aarch64&distro=redhat-7.5 redhat mariadb-server < 5.5.60-1.el7_5 redhat-7.5 aarch64
Affected pkg:rpm/redhat/mariadb-libs?arch=x86_64&distro=redhat-7.5 redhat mariadb-libs < 5.5.60-1.el7_5 redhat-7.5 x86_64
Affected pkg:rpm/redhat/mariadb-libs?arch=s390x&distro=redhat-7.5 redhat mariadb-libs < 5.5.60-1.el7_5 redhat-7.5 s390x
Affected pkg:rpm/redhat/mariadb-libs?arch=s390&distro=redhat-7.5 redhat mariadb-libs < 5.5.60-1.el7_5 redhat-7.5 s390
Affected pkg:rpm/redhat/mariadb-libs?arch=ppc64le&distro=redhat-7.5 redhat mariadb-libs < 5.5.60-1.el7_5 redhat-7.5 ppc64le
Affected pkg:rpm/redhat/mariadb-libs?arch=ppc64&distro=redhat-7.5 redhat mariadb-libs < 5.5.60-1.el7_5 redhat-7.5 ppc64
Affected pkg:rpm/redhat/mariadb-libs?arch=ppc&distro=redhat-7.5 redhat mariadb-libs < 5.5.60-1.el7_5 redhat-7.5 ppc
Affected pkg:rpm/redhat/mariadb-libs?arch=i686&distro=redhat-7.5 redhat mariadb-libs < 5.5.60-1.el7_5 redhat-7.5 i686
Affected pkg:rpm/redhat/mariadb-libs?arch=aarch64&distro=redhat-7.5 redhat mariadb-libs < 5.5.60-1.el7_5 redhat-7.5 aarch64
Affected pkg:rpm/redhat/mariadb-embedded?arch=x86_64&distro=redhat-7.5 redhat mariadb-embedded < 5.5.60-1.el7_5 redhat-7.5 x86_64
Affected pkg:rpm/redhat/mariadb-embedded?arch=s390x&distro=redhat-7.5 redhat mariadb-embedded < 5.5.60-1.el7_5 redhat-7.5 s390x
Affected pkg:rpm/redhat/mariadb-embedded?arch=s390&distro=redhat-7.5 redhat mariadb-embedded < 5.5.60-1.el7_5 redhat-7.5 s390
Affected pkg:rpm/redhat/mariadb-embedded?arch=ppc64le&distro=redhat-7.5 redhat mariadb-embedded < 5.5.60-1.el7_5 redhat-7.5 ppc64le
Affected pkg:rpm/redhat/mariadb-embedded?arch=ppc64&distro=redhat-7.5 redhat mariadb-embedded < 5.5.60-1.el7_5 redhat-7.5 ppc64
Affected pkg:rpm/redhat/mariadb-embedded?arch=ppc&distro=redhat-7.5 redhat mariadb-embedded < 5.5.60-1.el7_5 redhat-7.5 ppc
Affected pkg:rpm/redhat/mariadb-embedded?arch=i686&distro=redhat-7.5 redhat mariadb-embedded < 5.5.60-1.el7_5 redhat-7.5 i686
Affected pkg:rpm/redhat/mariadb-embedded?arch=aarch64&distro=redhat-7.5 redhat mariadb-embedded < 5.5.60-1.el7_5 redhat-7.5 aarch64
Affected pkg:rpm/redhat/mariadb-embedded-devel?arch=x86_64&distro=redhat-7.5 redhat mariadb-embedded-devel < 5.5.60-1.el7_5 redhat-7.5 x86_64
Affected pkg:rpm/redhat/mariadb-embedded-devel?arch=s390x&distro=redhat-7.5 redhat mariadb-embedded-devel < 5.5.60-1.el7_5 redhat-7.5 s390x
Affected pkg:rpm/redhat/mariadb-embedded-devel?arch=s390&distro=redhat-7.5 redhat mariadb-embedded-devel < 5.5.60-1.el7_5 redhat-7.5 s390
Affected pkg:rpm/redhat/mariadb-embedded-devel?arch=ppc64le&distro=redhat-7.5 redhat mariadb-embedded-devel < 5.5.60-1.el7_5 redhat-7.5 ppc64le
Affected pkg:rpm/redhat/mariadb-embedded-devel?arch=ppc64&distro=redhat-7.5 redhat mariadb-embedded-devel < 5.5.60-1.el7_5 redhat-7.5 ppc64
Affected pkg:rpm/redhat/mariadb-embedded-devel?arch=ppc&distro=redhat-7.5 redhat mariadb-embedded-devel < 5.5.60-1.el7_5 redhat-7.5 ppc
Affected pkg:rpm/redhat/mariadb-embedded-devel?arch=i686&distro=redhat-7.5 redhat mariadb-embedded-devel < 5.5.60-1.el7_5 redhat-7.5 i686
Affected pkg:rpm/redhat/mariadb-embedded-devel?arch=aarch64&distro=redhat-7.5 redhat mariadb-embedded-devel < 5.5.60-1.el7_5 redhat-7.5 aarch64
Affected pkg:rpm/redhat/mariadb-devel?arch=x86_64&distro=redhat-7.5 redhat mariadb-devel < 5.5.60-1.el7_5 redhat-7.5 x86_64
Affected pkg:rpm/redhat/mariadb-devel?arch=s390x&distro=redhat-7.5 redhat mariadb-devel < 5.5.60-1.el7_5 redhat-7.5 s390x
Affected pkg:rpm/redhat/mariadb-devel?arch=s390&distro=redhat-7.5 redhat mariadb-devel < 5.5.60-1.el7_5 redhat-7.5 s390
Affected pkg:rpm/redhat/mariadb-devel?arch=ppc64le&distro=redhat-7.5 redhat mariadb-devel < 5.5.60-1.el7_5 redhat-7.5 ppc64le
Affected pkg:rpm/redhat/mariadb-devel?arch=ppc64&distro=redhat-7.5 redhat mariadb-devel < 5.5.60-1.el7_5 redhat-7.5 ppc64
Affected pkg:rpm/redhat/mariadb-devel?arch=ppc&distro=redhat-7.5 redhat mariadb-devel < 5.5.60-1.el7_5 redhat-7.5 ppc
Affected pkg:rpm/redhat/mariadb-devel?arch=i686&distro=redhat-7.5 redhat mariadb-devel < 5.5.60-1.el7_5 redhat-7.5 i686
Affected pkg:rpm/redhat/mariadb-devel?arch=aarch64&distro=redhat-7.5 redhat mariadb-devel < 5.5.60-1.el7_5 redhat-7.5 aarch64
Affected pkg:rpm/redhat/mariadb-bench?arch=x86_64&distro=redhat-7.5 redhat mariadb-bench < 5.5.60-1.el7_5 redhat-7.5 x86_64
Affected pkg:rpm/redhat/mariadb-bench?arch=s390x&distro=redhat-7.5 redhat mariadb-bench < 5.5.60-1.el7_5 redhat-7.5 s390x
Affected pkg:rpm/redhat/mariadb-bench?arch=ppc64le&distro=redhat-7.5 redhat mariadb-bench < 5.5.60-1.el7_5 redhat-7.5 ppc64le
Affected pkg:rpm/redhat/mariadb-bench?arch=ppc64&distro=redhat-7.5 redhat mariadb-bench < 5.5.60-1.el7_5 redhat-7.5 ppc64
Affected pkg:rpm/redhat/mariadb-bench?arch=aarch64&distro=redhat-7.5 redhat mariadb-bench < 5.5.60-1.el7_5 redhat-7.5 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date