[SUSE-SU-2017:2035-1] Security update for mariadb
Security update for mariadb
This MariaDB update to version 10.0.31 GA fixes the following issues:
Security issues fixed:
- CVE-2017-3308: Subcomponent: Server: DML: Easily 'exploitable' vulnerability allows low
privileged attacker with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS). (bsc#1048715)
- CVE-2017-3309: Subcomponent: Server: Optimizer: Easily 'exploitable' vulnerability allows low
privileged attacker with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS). (bsc#1048715)
- CVE-2017-3453: Subcomponent: Server: Optimizer: Easily 'exploitable' vulnerability allows low
privileged attacker with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS). (bsc#1048715)
- CVE-2017-3456: Subcomponent: Server: DML: Easily 'exploitable' vulnerability allows low
privileged attacker with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS). (bsc#1048715)
- CVE-2017-3464: Subcomponent: Server: DDL: Easily 'exploitable' vulnerability allows low
privileged attacker with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS). (bsc#1048715)
Bug fixes:
- switch from 'Restart=on-failure' to 'Restart=on-abort' in
mysql.service in order to follow the upstream. It also fixes
hanging mysql-systemd-helper when mariadb fails (e.g. because of
the misconfiguration) (bsc#963041)
- XtraDB updated to 5.6.36-82.0
- TokuDB updated to 5.6.36-82.0
- Innodb updated to 5.6.36
- Performance Schema updated to 5.6.36
Release notes and changelog:
- https://kb.askmonty.org/en/mariadb-10031-release-notes
- https://kb.askmonty.org/en/mariadb-10031-changelog
- ID
- SUSE-SU-2017:2035-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2017/suse-su-20172035-1/
- Published
-
2017-08-03T08:45:24
(7 years ago) - Modified
-
2017-08-03T08:45:24
(7 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2017-830
- ALAS-2017-831
- ALPINE:CVE-2017-3308
- ALPINE:CVE-2017-3309
- ALPINE:CVE-2017-3453
- ALPINE:CVE-2017-3456
- ALPINE:CVE-2017-3464
- DSA-3834-1
- DSA-3944-1
- ELSA-2017-2192
- FEDORA-2017-09dd8907da
- FEDORA-2017-1fedb9890c
- FEDORA-2017-2c0609b92a
- FEDORA-2017-8425f676f2
- FEDORA-2017-ef6bed485e
- FEDORA-2017-fe6e14dcf9
- FEDORA-2018-d955395c08
- FREEBSD:D9E01C35-2531-11E7-B291-B499BAEBFEAF
- GLSA-201802-04
- RHSA-2017:2192
- SSA:2017-195-01
- SUSE-SU-2017:1137-1
- SUSE-SU-2017:2034-1
- SUSE-SU-2018:1853-1
- USN-3269-1
- USN-3357-2
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2035-1.json | |
Suse | URL for SUSE-SU-2017:2035-1 | https://www.suse.com/support/update/announcement/2017/suse-su-20172035-1/ | |
Suse | E-Mail link for SUSE-SU-2017:2035-1 | https://lists.suse.com/pipermail/sle-security-updates/2017-August/003081.html | |
Bugzilla | SUSE Bug 1048715 | https://bugzilla.suse.com/1048715 | |
Bugzilla | SUSE Bug 963041 | https://bugzilla.suse.com/963041 | |
CVE | SUSE CVE CVE-2017-3308 page | https://www.suse.com/security/cve/CVE-2017-3308/ | |
CVE | SUSE CVE CVE-2017-3309 page | https://www.suse.com/security/cve/CVE-2017-3309/ | |
CVE | SUSE CVE CVE-2017-3453 page | https://www.suse.com/security/cve/CVE-2017-3453/ | |
CVE | SUSE CVE CVE-2017-3456 page | https://www.suse.com/security/cve/CVE-2017-3456/ | |
CVE | SUSE CVE CVE-2017-3464 page | https://www.suse.com/security/cve/CVE-2017-3464/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/mariadb?arch=x86_64&distro=sles-12&sp=3 | suse | mariadb | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb?arch=x86_64&distro=sles-12&sp=2 | suse | mariadb | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb?arch=x86_64&distro=sles-12&sp=1 | suse | mariadb | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb?arch=x86_64&distro=sled-12&sp=3 | suse | mariadb | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb?arch=x86_64&distro=sled-12&sp=2 | suse | mariadb | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb?arch=s390x&distro=sles-12&sp=3 | suse | mariadb | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/mariadb?arch=s390x&distro=sles-12&sp=2 | suse | mariadb | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/mariadb?arch=s390x&distro=sles-12&sp=1 | suse | mariadb | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/mariadb?arch=ppc64le&distro=sles-12&sp=3 | suse | mariadb | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/mariadb?arch=ppc64le&distro=sles-12&sp=2 | suse | mariadb | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/mariadb?arch=ppc64le&distro=sles-12&sp=1 | suse | mariadb | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/mariadb?arch=aarch64&distro=sles-12&sp=3 | suse | mariadb | < 10.0.31-29.3.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/mariadb?arch=aarch64&distro=sles-12&sp=2 | suse | mariadb | < 10.0.31-29.3.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/mariadb-tools?arch=x86_64&distro=sles-12&sp=3 | suse | mariadb-tools | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb-tools?arch=x86_64&distro=sles-12&sp=2 | suse | mariadb-tools | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb-tools?arch=x86_64&distro=sles-12&sp=1 | suse | mariadb-tools | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb-tools?arch=s390x&distro=sles-12&sp=3 | suse | mariadb-tools | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/mariadb-tools?arch=s390x&distro=sles-12&sp=2 | suse | mariadb-tools | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/mariadb-tools?arch=s390x&distro=sles-12&sp=1 | suse | mariadb-tools | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/mariadb-tools?arch=ppc64le&distro=sles-12&sp=3 | suse | mariadb-tools | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/mariadb-tools?arch=ppc64le&distro=sles-12&sp=2 | suse | mariadb-tools | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/mariadb-tools?arch=ppc64le&distro=sles-12&sp=1 | suse | mariadb-tools | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/mariadb-tools?arch=aarch64&distro=sles-12&sp=3 | suse | mariadb-tools | < 10.0.31-29.3.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/mariadb-tools?arch=aarch64&distro=sles-12&sp=2 | suse | mariadb-tools | < 10.0.31-29.3.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/mariadb-errormessages?arch=x86_64&distro=sles-12&sp=3 | suse | mariadb-errormessages | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb-errormessages?arch=x86_64&distro=sles-12&sp=2 | suse | mariadb-errormessages | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb-errormessages?arch=x86_64&distro=sles-12&sp=1 | suse | mariadb-errormessages | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb-errormessages?arch=x86_64&distro=sled-12&sp=3 | suse | mariadb-errormessages | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb-errormessages?arch=x86_64&distro=sled-12&sp=2 | suse | mariadb-errormessages | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb-errormessages?arch=s390x&distro=sles-12&sp=3 | suse | mariadb-errormessages | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/mariadb-errormessages?arch=s390x&distro=sles-12&sp=2 | suse | mariadb-errormessages | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/mariadb-errormessages?arch=s390x&distro=sles-12&sp=1 | suse | mariadb-errormessages | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/mariadb-errormessages?arch=ppc64le&distro=sles-12&sp=3 | suse | mariadb-errormessages | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/mariadb-errormessages?arch=ppc64le&distro=sles-12&sp=2 | suse | mariadb-errormessages | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/mariadb-errormessages?arch=ppc64le&distro=sles-12&sp=1 | suse | mariadb-errormessages | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/mariadb-errormessages?arch=aarch64&distro=sles-12&sp=3 | suse | mariadb-errormessages | < 10.0.31-29.3.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/mariadb-errormessages?arch=aarch64&distro=sles-12&sp=2 | suse | mariadb-errormessages | < 10.0.31-29.3.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/mariadb-client?arch=x86_64&distro=sles-12&sp=3 | suse | mariadb-client | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb-client?arch=x86_64&distro=sles-12&sp=2 | suse | mariadb-client | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb-client?arch=x86_64&distro=sles-12&sp=1 | suse | mariadb-client | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb-client?arch=x86_64&distro=sled-12&sp=3 | suse | mariadb-client | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb-client?arch=x86_64&distro=sled-12&sp=2 | suse | mariadb-client | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/mariadb-client?arch=s390x&distro=sles-12&sp=3 | suse | mariadb-client | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/mariadb-client?arch=s390x&distro=sles-12&sp=2 | suse | mariadb-client | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/mariadb-client?arch=s390x&distro=sles-12&sp=1 | suse | mariadb-client | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/mariadb-client?arch=ppc64le&distro=sles-12&sp=3 | suse | mariadb-client | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/mariadb-client?arch=ppc64le&distro=sles-12&sp=2 | suse | mariadb-client | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/mariadb-client?arch=ppc64le&distro=sles-12&sp=1 | suse | mariadb-client | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/mariadb-client?arch=aarch64&distro=sles-12&sp=3 | suse | mariadb-client | < 10.0.31-29.3.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/mariadb-client?arch=aarch64&distro=sles-12&sp=2 | suse | mariadb-client | < 10.0.31-29.3.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/libmysqld18?arch=x86_64&distro=sles-12&sp=1 | suse | libmysqld18 | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqld18?arch=s390x&distro=sles-12&sp=1 | suse | libmysqld18 | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/libmysqld18?arch=ppc64le&distro=sles-12&sp=1 | suse | libmysqld18 | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/libmysqld-devel?arch=x86_64&distro=sles-12&sp=1 | suse | libmysqld-devel | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqld-devel?arch=s390x&distro=sles-12&sp=1 | suse | libmysqld-devel | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/libmysqld-devel?arch=ppc64le&distro=sles-12&sp=1 | suse | libmysqld-devel | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/libmysqlclient_r18?arch=x86_64&distro=sles-12&sp=1 | suse | libmysqlclient_r18 | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient_r18?arch=x86_64&distro=sled-12&sp=3 | suse | libmysqlclient_r18 | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient_r18?arch=x86_64&distro=sled-12&sp=2 | suse | libmysqlclient_r18 | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient_r18?arch=s390x&distro=sles-12&sp=1 | suse | libmysqlclient_r18 | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/libmysqlclient_r18?arch=ppc64le&distro=sles-12&sp=1 | suse | libmysqlclient_r18 | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/libmysqlclient_r18-32bit?arch=x86_64&distro=sled-12&sp=3 | suse | libmysqlclient_r18-32bit | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient_r18-32bit?arch=x86_64&distro=sled-12&sp=2 | suse | libmysqlclient_r18-32bit | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient18?arch=x86_64&distro=sles-12&sp=3 | suse | libmysqlclient18 | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient18?arch=x86_64&distro=sles-12&sp=2 | suse | libmysqlclient18 | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient18?arch=x86_64&distro=sles-12&sp=1 | suse | libmysqlclient18 | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient18?arch=x86_64&distro=sled-12&sp=3 | suse | libmysqlclient18 | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient18?arch=x86_64&distro=sled-12&sp=2 | suse | libmysqlclient18 | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient18?arch=s390x&distro=sles-12&sp=3 | suse | libmysqlclient18 | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/libmysqlclient18?arch=s390x&distro=sles-12&sp=2 | suse | libmysqlclient18 | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/libmysqlclient18?arch=s390x&distro=sles-12&sp=1 | suse | libmysqlclient18 | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/libmysqlclient18?arch=ppc64le&distro=sles-12&sp=3 | suse | libmysqlclient18 | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/libmysqlclient18?arch=ppc64le&distro=sles-12&sp=2 | suse | libmysqlclient18 | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/libmysqlclient18?arch=ppc64le&distro=sles-12&sp=1 | suse | libmysqlclient18 | < 10.0.31-29.3.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/libmysqlclient18?arch=aarch64&distro=sles-12&sp=3 | suse | libmysqlclient18 | < 10.0.31-29.3.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/libmysqlclient18?arch=aarch64&distro=sles-12&sp=2 | suse | libmysqlclient18 | < 10.0.31-29.3.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=x86_64&distro=sles-12&sp=3 | suse | libmysqlclient18-32bit | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=x86_64&distro=sles-12&sp=2 | suse | libmysqlclient18-32bit | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=x86_64&distro=sles-12&sp=1 | suse | libmysqlclient18-32bit | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=x86_64&distro=sled-12&sp=3 | suse | libmysqlclient18-32bit | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=x86_64&distro=sled-12&sp=2 | suse | libmysqlclient18-32bit | < 10.0.31-29.3.1 | sled-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=s390x&distro=sles-12&sp=3 | suse | libmysqlclient18-32bit | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=s390x&distro=sles-12&sp=2 | suse | libmysqlclient18-32bit | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=s390x&distro=sles-12&sp=1 | suse | libmysqlclient18-32bit | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/libmysqlclient-devel?arch=x86_64&distro=sles-12&sp=1 | suse | libmysqlclient-devel | < 10.0.31-29.3.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/libmysqlclient-devel?arch=s390x&distro=sles-12&sp=1 | suse | libmysqlclient-devel | < 10.0.31-29.3.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/libmysqlclient-devel?arch=ppc64le&distro=sles-12&sp=1 | suse | libmysqlclient-devel | < 10.0.31-29.3.1 | sles-12 | ppc64le |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |