[SUSE-SU-2020:0831-1] Security update for mariadb
Severity
Important
CVEs
9
Security update for mariadb
This update for mariadb to version 10.2.31 GA fixes the following issues:
MariaDB was updated to version 10.2.31 GA (bsc#1162388 and bsc#1156669).
Security issues fixed:
- CVE-2020-2574: Fixed a difficult to exploit vulnerability that allowed an attacker to crash the client (bsc#1162388).
- CVE-2019-18901: Fixed an unsafe path handling behavior in mysql-systemd-helper (bsc#1160895).
- CVE-2019-2737: Fixed an issue where could lead a remote attacker to cause denial of service
- CVE-2019-2938: Fixed an issue where could lead a remote attacker to cause denial of service
- CVE-2019-2740: Fixed an issue where could lead a local attacker to cause denial of service
- CVE-2019-2805: Fixed an issue where could lead a local attacker to cause denial of service
- CVE-2019-2974: Fixed an issue where could lead a remote attacker to cause denial of service
- CVE-2019-2758: Fixed an issue where could lead a local attacker to cause denial of service or data corruption
- CVE-2019-2739: Fixed an issue where could lead a local attacker to cause denial of service or data corruption
- Enabled security hardenings in MariaDB's systemd service, namely ProtectSystem, ProtectHome and UMask (bsc#1160878).
- Fixed a potental symlink attack (bsc#1160912).
- Fixed a permissions issue in /var/lib/mysql (bsc#1077717).
- Used systemd-tmpfiles for a cleaner and safer creation of /run/mysql (bsc#1160883).
- ID
- SUSE-SU-2020:0831-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2020/suse-su-20200831-1/
- Published
-
2020-03-31T12:51:03
(4 years ago) - Modified
-
2020-03-31T12:51:03
(4 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2019-1296
- ALAS-2019-1297
- ALAS-2020-1332
- ALAS-2020-1333
- ALAS2-2020-1537
- ALPINE:CVE-2019-2737
- ALPINE:CVE-2019-2739
- ALPINE:CVE-2019-2740
- ALPINE:CVE-2019-2758
- ALPINE:CVE-2019-2805
- ALPINE:CVE-2019-2938
- ALPINE:CVE-2019-2974
- ALPINE:CVE-2020-2574
- ALSA-2019:2511
- ALSA-2019:3708
- ALSA-2020:3732
- ALSA-2020:5500
- ALSA-2020:5503
- ELSA-2019-2511
- ELSA-2020-1100
- ELSA-2020-3732
- ELSA-2020-4026
- ELSA-2020-5500
- ELSA-2020-5503
- FEDORA-2019-48a0a07033
- FEDORA-2019-96516ce0ac
- FEDORA-2019-c106e46a95
- FEDORA-2019-c1fab3f139
- FEDORA-2019-d40df38271
- FREEBSD:198E6220-AC8B-11E9-A1C7-B499BAEBFEAF
- FREEBSD:A6CF65AD-37D2-11EA-A1C7-B499BAEBFEAF
- FREEBSD:CB0183BB-45F6-11EA-A1C7-B499BAEBFEAF
- FREEBSD:FC91F2EF-FD7B-11E9-A1C7-B499BAEBFEAF
- GLSA-202105-27
- GLSA-202405-25
- openSUSE-SU-2019:2698-1
- openSUSE-SU-2020:0289-1
- RHSA-2019:2511
- RHSA-2019:3708
- RHSA-2020:1100
- RHSA-2020:3732
- RHSA-2020:4026
- RHSA-2020:5500
- RHSA-2020:5503
- RLSA-2019:2511
- RLSA-2019:3708
- RLSA-2020:3732
- RLSA-2020:5500
- RLSA-2020:5503
- SSA:2019-213-01
- SUSE-SU-2019:2461-1
- SUSE-SU-2019:2687-1
- SUSE-SU-2019:3306-1
- SUSE-SU-2019:3369-1
- SUSE-SU-2019:3370-1
- SUSE-SU-2020:0050-1
- SUSE-SU-2020:0496-1
- SUSE-SU-2020:0505-1
- SUSE-SU-2020:0523-1
- SUSE-SU-2020:0527-1
- SUSE-SU-2020:0640-1
- USN-4070-1
- USN-4070-2
- USN-4070-3
- USN-4195-1
- USN-4195-2
- USN-4250-1
- USN-4250-2
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |