[SUSE-SU-2017:2035-1] Security update for mariadb
Severity
Important
Affected Packages
87
CVEs
5
Security update for mariadb
This MariaDB update to version 10.0.31 GA fixes the following issues:
Security issues fixed:
- CVE-2017-3308: Subcomponent: Server: DML: Easily 'exploitable' vulnerability allows low
privileged attacker with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS). (bsc#1048715)
- CVE-2017-3309: Subcomponent: Server: Optimizer: Easily 'exploitable' vulnerability allows low
privileged attacker with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS). (bsc#1048715)
- CVE-2017-3453: Subcomponent: Server: Optimizer: Easily 'exploitable' vulnerability allows low
privileged attacker with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS). (bsc#1048715)
- CVE-2017-3456: Subcomponent: Server: DML: Easily 'exploitable' vulnerability allows low
privileged attacker with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS). (bsc#1048715)
- CVE-2017-3464: Subcomponent: Server: DDL: Easily 'exploitable' vulnerability allows low
privileged attacker with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS). (bsc#1048715)
Bug fixes:
- switch from 'Restart=on-failure' to 'Restart=on-abort' in
mysql.service in order to follow the upstream. It also fixes
hanging mysql-systemd-helper when mariadb fails (e.g. because of
the misconfiguration) (bsc#963041)
- XtraDB updated to 5.6.36-82.0
- TokuDB updated to 5.6.36-82.0
- Innodb updated to 5.6.36
- Performance Schema updated to 5.6.36
Release notes and changelog:
- https://kb.askmonty.org/en/mariadb-10031-release-notes
- https://kb.askmonty.org/en/mariadb-10031-changelog
- ID
- SUSE-SU-2017:2035-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2017/suse-su-20172035-1/
- Published
-
2017-08-03T08:45:24
(7 years ago) - Modified
-
2017-08-03T08:45:24
(7 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2017-830
-
ALAS-2017-831
-
ALPINE:CVE-2017-3308
-
ALPINE:CVE-2017-3309
-
ALPINE:CVE-2017-3453
-
ALPINE:CVE-2017-3456
-
ALPINE:CVE-2017-3464
-
DSA-3834-1
-
DSA-3944-1
-
ELSA-2017-2192
-
FEDORA-2017-09dd8907da
-
FEDORA-2017-1fedb9890c
-
FEDORA-2017-2c0609b92a
-
FEDORA-2017-8425f676f2
-
FEDORA-2017-ef6bed485e
-
FEDORA-2017-fe6e14dcf9
-
FEDORA-2018-d955395c08
-
FREEBSD:D9E01C35-2531-11E7-B291-B499BAEBFEAF
-
GLSA-201802-04
-
RHSA-2017:2192
-
SSA:2017-195-01
-
SUSE-SU-2017:1137-1
-
SUSE-SU-2017:2034-1
-
SUSE-SU-2018:1853-1
-
USN-3269-1
-
USN-3357-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2017:2035-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2017:2035-1 |
|
|
| Bugzilla | SUSE Bug 1048715 |
|
|
| Bugzilla | SUSE Bug 963041 |
|
|
| CVE | SUSE CVE CVE-2017-3308 page |
|
|
| CVE | SUSE CVE CVE-2017-3309 page |
|
|
| CVE | SUSE CVE CVE-2017-3453 page |
|
|
| CVE | SUSE CVE CVE-2017-3456 page |
|
|
| CVE | SUSE CVE CVE-2017-3464 page |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/mariadb?arch=x86_64&distro=sles-12&sp=3 | suse |
 mariadb
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb?arch=x86_64&distro=sles-12&sp=2 | suse |
mariadb
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb?arch=x86_64&distro=sles-12&sp=1 | suse |
mariadb
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb?arch=x86_64&distro=sled-12&sp=3 | suse |
mariadb
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb?arch=x86_64&distro=sled-12&sp=2 | suse |
mariadb
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb?arch=s390x&distro=sles-12&sp=3 | suse |
mariadb
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/mariadb?arch=s390x&distro=sles-12&sp=2 | suse |
mariadb
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/mariadb?arch=s390x&distro=sles-12&sp=1 | suse |
mariadb
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/mariadb?arch=ppc64le&distro=sles-12&sp=3 | suse |
mariadb
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/mariadb?arch=ppc64le&distro=sles-12&sp=2 | suse |
mariadb
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/mariadb?arch=ppc64le&distro=sles-12&sp=1 | suse |
mariadb
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/mariadb?arch=aarch64&distro=sles-12&sp=3 | suse |
mariadb
|
< 10.0.31-29.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/mariadb?arch=aarch64&distro=sles-12&sp=2 | suse |
mariadb
|
< 10.0.31-29.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/mariadb-tools?arch=x86_64&distro=sles-12&sp=3 | suse |
mariadb-tools
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb-tools?arch=x86_64&distro=sles-12&sp=2 | suse |
mariadb-tools
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb-tools?arch=x86_64&distro=sles-12&sp=1 | suse |
mariadb-tools
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb-tools?arch=s390x&distro=sles-12&sp=3 | suse |
mariadb-tools
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/mariadb-tools?arch=s390x&distro=sles-12&sp=2 | suse |
mariadb-tools
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/mariadb-tools?arch=s390x&distro=sles-12&sp=1 | suse |
mariadb-tools
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/mariadb-tools?arch=ppc64le&distro=sles-12&sp=3 | suse |
mariadb-tools
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/mariadb-tools?arch=ppc64le&distro=sles-12&sp=2 | suse |
mariadb-tools
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/mariadb-tools?arch=ppc64le&distro=sles-12&sp=1 | suse |
mariadb-tools
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/mariadb-tools?arch=aarch64&distro=sles-12&sp=3 | suse |
mariadb-tools
|
< 10.0.31-29.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/mariadb-tools?arch=aarch64&distro=sles-12&sp=2 | suse |
mariadb-tools
|
< 10.0.31-29.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/mariadb-errormessages?arch=x86_64&distro=sles-12&sp=3 | suse |
mariadb-errormessages
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb-errormessages?arch=x86_64&distro=sles-12&sp=2 | suse |
mariadb-errormessages
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb-errormessages?arch=x86_64&distro=sles-12&sp=1 | suse |
mariadb-errormessages
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb-errormessages?arch=x86_64&distro=sled-12&sp=3 | suse |
mariadb-errormessages
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb-errormessages?arch=x86_64&distro=sled-12&sp=2 | suse |
mariadb-errormessages
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb-errormessages?arch=s390x&distro=sles-12&sp=3 | suse |
mariadb-errormessages
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/mariadb-errormessages?arch=s390x&distro=sles-12&sp=2 | suse |
mariadb-errormessages
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/mariadb-errormessages?arch=s390x&distro=sles-12&sp=1 | suse |
mariadb-errormessages
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/mariadb-errormessages?arch=ppc64le&distro=sles-12&sp=3 | suse |
mariadb-errormessages
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/mariadb-errormessages?arch=ppc64le&distro=sles-12&sp=2 | suse |
mariadb-errormessages
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/mariadb-errormessages?arch=ppc64le&distro=sles-12&sp=1 | suse |
mariadb-errormessages
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/mariadb-errormessages?arch=aarch64&distro=sles-12&sp=3 | suse |
mariadb-errormessages
|
< 10.0.31-29.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/mariadb-errormessages?arch=aarch64&distro=sles-12&sp=2 | suse |
mariadb-errormessages
|
< 10.0.31-29.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/mariadb-client?arch=x86_64&distro=sles-12&sp=3 | suse |
mariadb-client
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb-client?arch=x86_64&distro=sles-12&sp=2 | suse |
mariadb-client
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb-client?arch=x86_64&distro=sles-12&sp=1 | suse |
mariadb-client
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb-client?arch=x86_64&distro=sled-12&sp=3 | suse |
mariadb-client
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb-client?arch=x86_64&distro=sled-12&sp=2 | suse |
mariadb-client
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/mariadb-client?arch=s390x&distro=sles-12&sp=3 | suse |
mariadb-client
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/mariadb-client?arch=s390x&distro=sles-12&sp=2 | suse |
mariadb-client
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/mariadb-client?arch=s390x&distro=sles-12&sp=1 | suse |
mariadb-client
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/mariadb-client?arch=ppc64le&distro=sles-12&sp=3 | suse |
mariadb-client
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/mariadb-client?arch=ppc64le&distro=sles-12&sp=2 | suse |
mariadb-client
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/mariadb-client?arch=ppc64le&distro=sles-12&sp=1 | suse |
mariadb-client
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/mariadb-client?arch=aarch64&distro=sles-12&sp=3 | suse |
mariadb-client
|
< 10.0.31-29.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/mariadb-client?arch=aarch64&distro=sles-12&sp=2 | suse |
mariadb-client
|
< 10.0.31-29.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/libmysqld18?arch=x86_64&distro=sles-12&sp=1 | suse |
libmysqld18
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqld18?arch=s390x&distro=sles-12&sp=1 | suse |
libmysqld18
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/libmysqld18?arch=ppc64le&distro=sles-12&sp=1 | suse |
libmysqld18
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/libmysqld-devel?arch=x86_64&distro=sles-12&sp=1 | suse |
libmysqld-devel
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqld-devel?arch=s390x&distro=sles-12&sp=1 | suse |
libmysqld-devel
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/libmysqld-devel?arch=ppc64le&distro=sles-12&sp=1 | suse |
libmysqld-devel
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/libmysqlclient_r18?arch=x86_64&distro=sles-12&sp=1 | suse |
libmysqlclient_r18
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient_r18?arch=x86_64&distro=sled-12&sp=3 | suse |
libmysqlclient_r18
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient_r18?arch=x86_64&distro=sled-12&sp=2 | suse |
libmysqlclient_r18
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient_r18?arch=s390x&distro=sles-12&sp=1 | suse |
libmysqlclient_r18
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/libmysqlclient_r18?arch=ppc64le&distro=sles-12&sp=1 | suse |
libmysqlclient_r18
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/libmysqlclient_r18-32bit?arch=x86_64&distro=sled-12&sp=3 | suse |
libmysqlclient_r18-32bit
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient_r18-32bit?arch=x86_64&distro=sled-12&sp=2 | suse |
libmysqlclient_r18-32bit
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient18?arch=x86_64&distro=sles-12&sp=3 | suse |
libmysqlclient18
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient18?arch=x86_64&distro=sles-12&sp=2 | suse |
libmysqlclient18
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient18?arch=x86_64&distro=sles-12&sp=1 | suse |
libmysqlclient18
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient18?arch=x86_64&distro=sled-12&sp=3 | suse |
libmysqlclient18
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient18?arch=x86_64&distro=sled-12&sp=2 | suse |
libmysqlclient18
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient18?arch=s390x&distro=sles-12&sp=3 | suse |
libmysqlclient18
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/libmysqlclient18?arch=s390x&distro=sles-12&sp=2 | suse |
libmysqlclient18
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/libmysqlclient18?arch=s390x&distro=sles-12&sp=1 | suse |
libmysqlclient18
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/libmysqlclient18?arch=ppc64le&distro=sles-12&sp=3 | suse |
libmysqlclient18
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/libmysqlclient18?arch=ppc64le&distro=sles-12&sp=2 | suse |
libmysqlclient18
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/libmysqlclient18?arch=ppc64le&distro=sles-12&sp=1 | suse |
libmysqlclient18
|
< 10.0.31-29.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/libmysqlclient18?arch=aarch64&distro=sles-12&sp=3 | suse |
libmysqlclient18
|
< 10.0.31-29.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/libmysqlclient18?arch=aarch64&distro=sles-12&sp=2 | suse |
libmysqlclient18
|
< 10.0.31-29.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=x86_64&distro=sles-12&sp=3 | suse |
libmysqlclient18-32bit
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=x86_64&distro=sles-12&sp=2 | suse |
libmysqlclient18-32bit
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=x86_64&distro=sles-12&sp=1 | suse |
libmysqlclient18-32bit
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=x86_64&distro=sled-12&sp=3 | suse |
libmysqlclient18-32bit
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=x86_64&distro=sled-12&sp=2 | suse |
libmysqlclient18-32bit
|
< 10.0.31-29.3.1 | sled-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=s390x&distro=sles-12&sp=3 | suse |
libmysqlclient18-32bit
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=s390x&distro=sles-12&sp=2 | suse |
libmysqlclient18-32bit
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/libmysqlclient18-32bit?arch=s390x&distro=sles-12&sp=1 | suse |
libmysqlclient18-32bit
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/libmysqlclient-devel?arch=x86_64&distro=sles-12&sp=1 | suse |
libmysqlclient-devel
|
< 10.0.31-29.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/libmysqlclient-devel?arch=s390x&distro=sles-12&sp=1 | suse |
libmysqlclient-devel
|
< 10.0.31-29.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/libmysqlclient-devel?arch=ppc64le&distro=sles-12&sp=1 | suse |
libmysqlclient-devel
|
< 10.0.31-29.3.1 | sles-12 | ppc64le |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |