1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2020:0831-1

[SUSE-SU-2020:0831-1] Security update for mariadb

Severity Important
CVEs 9
Info References Vulnerabilities

Security update for mariadb

This update for mariadb to version 10.2.31 GA fixes the following issues:

MariaDB was updated to version 10.2.31 GA (bsc#1162388 and bsc#1156669).

Security issues fixed:

  • CVE-2020-2574: Fixed a difficult to exploit vulnerability that allowed an attacker to crash the client (bsc#1162388).
  • CVE-2019-18901: Fixed an unsafe path handling behavior in mysql-systemd-helper (bsc#1160895).
  • CVE-2019-2737: Fixed an issue where could lead a remote attacker to cause denial of service
  • CVE-2019-2938: Fixed an issue where could lead a remote attacker to cause denial of service
  • CVE-2019-2740: Fixed an issue where could lead a local attacker to cause denial of service
  • CVE-2019-2805: Fixed an issue where could lead a local attacker to cause denial of service
  • CVE-2019-2974: Fixed an issue where could lead a remote attacker to cause denial of service
  • CVE-2019-2758: Fixed an issue where could lead a local attacker to cause denial of service or data corruption
  • CVE-2019-2739: Fixed an issue where could lead a local attacker to cause denial of service or data corruption
  • Enabled security hardenings in MariaDB's systemd service, namely ProtectSystem, ProtectHome and UMask (bsc#1160878).
  • Fixed a potental symlink attack (bsc#1160912).
  • Fixed a permissions issue in /var/lib/mysql (bsc#1077717).
  • Used systemd-tmpfiles for a cleaner and safer creation of /run/mysql (bsc#1160883).
ID
SUSE-SU-2020:0831-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2020/suse-su-20200831-1/
Published
2020-03-31T12:51:03
(4 years ago)
Modified
2020-03-31T12:51:03
(4 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_0831-1.json
Suse URL for SUSE-SU-2020:0831-1 https://www.suse.com/support/update/announcement/2020/suse-su-20200831-1/
Suse E-Mail link for SUSE-SU-2020:0831-1 https://lists.suse.com/pipermail/sle-security-updates/2020-March/006654.html
Bugzilla SUSE Bug 1077717 https://bugzilla.suse.com/1077717
Bugzilla SUSE Bug 1156669 https://bugzilla.suse.com/1156669
Bugzilla SUSE Bug 1160878 https://bugzilla.suse.com/1160878
Bugzilla SUSE Bug 1160883 https://bugzilla.suse.com/1160883
Bugzilla SUSE Bug 1160895 https://bugzilla.suse.com/1160895
Bugzilla SUSE Bug 1160912 https://bugzilla.suse.com/1160912
Bugzilla SUSE Bug 1162388 https://bugzilla.suse.com/1162388
CVE SUSE CVE CVE-2019-18901 page https://www.suse.com/security/cve/CVE-2019-18901/
CVE SUSE CVE CVE-2019-2737 page https://www.suse.com/security/cve/CVE-2019-2737/
CVE SUSE CVE CVE-2019-2739 page https://www.suse.com/security/cve/CVE-2019-2739/
CVE SUSE CVE CVE-2019-2740 page https://www.suse.com/security/cve/CVE-2019-2740/
CVE SUSE CVE CVE-2019-2758 page https://www.suse.com/security/cve/CVE-2019-2758/
CVE SUSE CVE CVE-2019-2805 page https://www.suse.com/security/cve/CVE-2019-2805/
CVE SUSE CVE CVE-2019-2938 page https://www.suse.com/security/cve/CVE-2019-2938/
CVE SUSE CVE CVE-2019-2974 page https://www.suse.com/security/cve/CVE-2019-2974/
CVE SUSE CVE CVE-2020-2574 page https://www.suse.com/security/cve/CVE-2020-2574/
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date