[SUSE-SU-2018:1853-1] Recommended update for mariadb

Severity Important

CVEs 41

Recommended update for mariadb

This MariaDB update to version 10.2.15 brings the following fixes and improvements.

Security issues:

CVE-2018-2767: The embedded server library now supports SSL when connecting to remote servers (bsc#1088681).
Collected CVEs fixes:
- 10.2.15: CVE-2018-2786, CVE-2018-2759, CVE-2018-2777, CVE-2018-2810, CVE-2018-2782, CVE-2018-2784, CVE-2018-2787, CVE-2018-2766, CVE-2018-2755, CVE-2018-2819, CVE-2018-2817, CVE-2018-2761, CVE-2018-2781, CVE-2018-2771, CVE-2018-2813
- 10.2.13: CVE-2018-2562, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668, CVE-2018-2612
- 10.2.10: CVE-2017-10378, CVE-2017-10268, CVE-2017-15365
- 10.2.8: CVE-2017-3636, CVE-2017-3641, CVE-2017-3653, CVE-2017-10320, CVE-2017-10365, CVE-2017-10379, CVE-2017-10384, CVE-2017-10286, CVE-2017-3257
- 10.2.6: CVE-2017-3308, CVE-2017-3309, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464
- 10.2.5: CVE-2017-3313, CVE-2017-3302

Bugfixes:

bsc#1092544: Update suse_skipped_tests.list and add tests that are failing with GCC 8.
bsc#1012075: MariaDB Test Suite issue with test sys_vars.secure_file_priv.test.
bsc#1019948: mariadb even tumbleweed version is super old.
bsc#1039034: no ODBC support in MariaDB Server.
bsc#1041891: Make mariadb tests pass and exclude failures.
bsc#1042632: Mariadb fails to build with openssl-1.1.
bsc#1043328: Update mariadb in TW to 10.2 and drop comat with mysql.
bsc#1047218: trackerbug: packages do not build reproducibly from including build time.
bsc#1055165: mariadb build with cassandra enabled.
bsc#1055268: MariaDB configurations are not overwritable.
bsc#1058374: Use bind-address directive and SSL section settings in default my.cnf.
bsc#1058729: MariaDB - mysql-test - connect.drop-open-error is failing (regression).
bsc#1060110: The mariadb install script depends on hostname but does not require it.
bsc#1062583: Stop using boost-devel.
bsc#1067443: incomplete revert of the mariadb service rename.
bsc#1068906: MariaDB: ALTER TABLE can't rename columns with CHECK constraints.
bsc#1069401: Database failed apply with mariadb 10.2 : RuntimeError: Galera cluster did not start after 600 seconds.
bsc#1080891: server:database/mariadb: up-streaming patches.
bsc#1083087: Galera bootstrap failes work after MariaDB 10.2.13 upgrade.
bsc#1082318: mariadb-connector-c.changes and xtrabackup need to use %doc instead of %license.

Release notes and changelog:

ID

SUSE-SU-2018:1853-1

Severity

important

URL

https://www.suse.com/support/update/announcement/2018/suse-su-20181853-1/

Published

2018-06-29T15:40:54
(6 years ago)

Modified

2018-06-29T15:40:54
(6 years ago)

Rights

Other Advisories

Source	Name	URL
Suse	SUSE ratings	https://www.suse.com/support/security/rating/
Suse	URL of this CSAF notice	https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1853-1.json
Suse	URL for SUSE-SU-2018:1853-1	https://www.suse.com/support/update/announcement/2018/suse-su-20181853-1/
Suse	E-Mail link for SUSE-SU-2018:1853-1	https://lists.suse.com/pipermail/sle-security-updates/2018-June/004235.html
Bugzilla	SUSE Bug 1012075	https://bugzilla.suse.com/1012075
Bugzilla	SUSE Bug 1019948	https://bugzilla.suse.com/1019948
Bugzilla	SUSE Bug 1039034	https://bugzilla.suse.com/1039034
Bugzilla	SUSE Bug 1041891	https://bugzilla.suse.com/1041891
Bugzilla	SUSE Bug 1042632	https://bugzilla.suse.com/1042632
Bugzilla	SUSE Bug 1043328	https://bugzilla.suse.com/1043328
Bugzilla	SUSE Bug 1047218	https://bugzilla.suse.com/1047218
Bugzilla	SUSE Bug 1055165	https://bugzilla.suse.com/1055165
Bugzilla	SUSE Bug 1055268	https://bugzilla.suse.com/1055268
Bugzilla	SUSE Bug 1058374	https://bugzilla.suse.com/1058374
Bugzilla	SUSE Bug 1058729	https://bugzilla.suse.com/1058729
Bugzilla	SUSE Bug 1060110	https://bugzilla.suse.com/1060110
Bugzilla	SUSE Bug 1062583	https://bugzilla.suse.com/1062583
Bugzilla	SUSE Bug 1067443	https://bugzilla.suse.com/1067443
Bugzilla	SUSE Bug 1068906	https://bugzilla.suse.com/1068906
Bugzilla	SUSE Bug 1069401	https://bugzilla.suse.com/1069401
Bugzilla	SUSE Bug 1080891	https://bugzilla.suse.com/1080891
Bugzilla	SUSE Bug 1082318	https://bugzilla.suse.com/1082318
Bugzilla	SUSE Bug 1083087	https://bugzilla.suse.com/1083087
Bugzilla	SUSE Bug 1088681	https://bugzilla.suse.com/1088681
Bugzilla	SUSE Bug 1092544	https://bugzilla.suse.com/1092544
Bugzilla	SUSE Bug 1093130	https://bugzilla.suse.com/1093130
CVE	SUSE CVE CVE-2017-10268 page	https://www.suse.com/security/cve/CVE-2017-10268/
CVE	SUSE CVE CVE-2017-10286 page	https://www.suse.com/security/cve/CVE-2017-10286/
CVE	SUSE CVE CVE-2017-10320 page	https://www.suse.com/security/cve/CVE-2017-10320/
CVE	SUSE CVE CVE-2017-10365 page	https://www.suse.com/security/cve/CVE-2017-10365/
CVE	SUSE CVE CVE-2017-10378 page	https://www.suse.com/security/cve/CVE-2017-10378/
CVE	SUSE CVE CVE-2017-10379 page	https://www.suse.com/security/cve/CVE-2017-10379/
CVE	SUSE CVE CVE-2017-10384 page	https://www.suse.com/security/cve/CVE-2017-10384/
CVE	SUSE CVE CVE-2017-15365 page	https://www.suse.com/security/cve/CVE-2017-15365/
CVE	SUSE CVE CVE-2017-3257 page	https://www.suse.com/security/cve/CVE-2017-3257/
CVE	SUSE CVE CVE-2017-3302 page	https://www.suse.com/security/cve/CVE-2017-3302/
CVE	SUSE CVE CVE-2017-3308 page	https://www.suse.com/security/cve/CVE-2017-3308/
CVE	SUSE CVE CVE-2017-3309 page	https://www.suse.com/security/cve/CVE-2017-3309/
CVE	SUSE CVE CVE-2017-3313 page	https://www.suse.com/security/cve/CVE-2017-3313/
CVE	SUSE CVE CVE-2017-3453 page	https://www.suse.com/security/cve/CVE-2017-3453/
CVE	SUSE CVE CVE-2017-3456 page	https://www.suse.com/security/cve/CVE-2017-3456/
CVE	SUSE CVE CVE-2017-3464 page	https://www.suse.com/security/cve/CVE-2017-3464/
CVE	SUSE CVE CVE-2017-3636 page	https://www.suse.com/security/cve/CVE-2017-3636/
CVE	SUSE CVE CVE-2017-3641 page	https://www.suse.com/security/cve/CVE-2017-3641/
CVE	SUSE CVE CVE-2017-3653 page	https://www.suse.com/security/cve/CVE-2017-3653/
CVE	SUSE CVE CVE-2018-2562 page	https://www.suse.com/security/cve/CVE-2018-2562/
CVE	SUSE CVE CVE-2018-2612 page	https://www.suse.com/security/cve/CVE-2018-2612/
CVE	SUSE CVE CVE-2018-2622 page	https://www.suse.com/security/cve/CVE-2018-2622/
CVE	SUSE CVE CVE-2018-2640 page	https://www.suse.com/security/cve/CVE-2018-2640/
CVE	SUSE CVE CVE-2018-2665 page	https://www.suse.com/security/cve/CVE-2018-2665/
CVE	SUSE CVE CVE-2018-2668 page	https://www.suse.com/security/cve/CVE-2018-2668/
CVE	SUSE CVE CVE-2018-2755 page	https://www.suse.com/security/cve/CVE-2018-2755/
CVE	SUSE CVE CVE-2018-2759 page	https://www.suse.com/security/cve/CVE-2018-2759/
CVE	SUSE CVE CVE-2018-2761 page	https://www.suse.com/security/cve/CVE-2018-2761/
CVE	SUSE CVE CVE-2018-2766 page	https://www.suse.com/security/cve/CVE-2018-2766/
CVE	SUSE CVE CVE-2018-2767 page	https://www.suse.com/security/cve/CVE-2018-2767/
CVE	SUSE CVE CVE-2018-2771 page	https://www.suse.com/security/cve/CVE-2018-2771/
CVE	SUSE CVE CVE-2018-2777 page	https://www.suse.com/security/cve/CVE-2018-2777/
CVE	SUSE CVE CVE-2018-2781 page	https://www.suse.com/security/cve/CVE-2018-2781/
CVE	SUSE CVE CVE-2018-2782 page	https://www.suse.com/security/cve/CVE-2018-2782/
CVE	SUSE CVE CVE-2018-2784 page	https://www.suse.com/security/cve/CVE-2018-2784/
CVE	SUSE CVE CVE-2018-2786 page	https://www.suse.com/security/cve/CVE-2018-2786/
CVE	SUSE CVE CVE-2018-2787 page	https://www.suse.com/security/cve/CVE-2018-2787/
CVE	SUSE CVE CVE-2018-2810 page	https://www.suse.com/security/cve/CVE-2018-2810/
CVE	SUSE CVE CVE-2018-2813 page	https://www.suse.com/security/cve/CVE-2018-2813/
CVE	SUSE CVE CVE-2018-2817 page	https://www.suse.com/security/cve/CVE-2018-2817/
CVE	SUSE CVE CVE-2018-2819 page	https://www.suse.com/security/cve/CVE-2018-2819/

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date