SUSE-SU-2016:0296-1: moderate: Security update for mariadb
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Mon Feb 1 07:11:57 MST 2016
SUSE Security Update: Security update for mariadb
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:0296-1
Rating: moderate
References: #937787 #957174 #958789
Cross-References: CVE-2015-4792 CVE-2015-4802 CVE-2015-4807
CVE-2015-4815 CVE-2015-4826 CVE-2015-4830
CVE-2015-4836 CVE-2015-4858 CVE-2015-4861
CVE-2015-4870 CVE-2015-4913 CVE-2015-5969
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP1
SUSE Linux Enterprise Software Development Kit 12-SP1
SUSE Linux Enterprise Server 12-SP1
SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________
An update that fixes 12 vulnerabilities is now available.
Description:
MariaDB has been updated to version 10.0.22, which brings fixes for many
security issues and other improvements.
The following CVEs have been fixed:
- 10.0.22: CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4826,
CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861,
CVE-2015-4870, CVE-2015-4913, CVE-2015-4792
- Fix information leak via mysql-systemd-helper script. (CVE-2015-5969,
bsc#957174)
For a comprehensive list of changes refer to the upstream Release Notes
and Change Log documents:
- https://kb.askmonty.org/en/mariadb-10022-release-notes/
- https://kb.askmonty.org/en/mariadb-10022-changelog/
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12-SP1:
zypper in -t patch SUSE-SLE-WE-12-SP1-2016-183=1
- SUSE Linux Enterprise Software Development Kit 12-SP1:
zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-183=1
- SUSE Linux Enterprise Server 12-SP1:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-183=1
- SUSE Linux Enterprise Desktop 12-SP1:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-183=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64):
libmysqlclient_r18-10.0.22-3.1
libmysqlclient_r18-32bit-10.0.22-3.1
mariadb-debuginfo-10.0.22-3.1
mariadb-debugsource-10.0.22-3.1
- SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64):
libmysqlclient-devel-10.0.22-3.1
libmysqlclient_r18-10.0.22-3.1
libmysqld-devel-10.0.22-3.1
libmysqld18-10.0.22-3.1
libmysqld18-debuginfo-10.0.22-3.1
mariadb-debuginfo-10.0.22-3.1
mariadb-debugsource-10.0.22-3.1
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
libmysqlclient18-10.0.22-3.1
libmysqlclient18-debuginfo-10.0.22-3.1
mariadb-10.0.22-3.1
mariadb-client-10.0.22-3.1
mariadb-client-debuginfo-10.0.22-3.1
mariadb-debuginfo-10.0.22-3.1
mariadb-debugsource-10.0.22-3.1
mariadb-errormessages-10.0.22-3.1
mariadb-tools-10.0.22-3.1
mariadb-tools-debuginfo-10.0.22-3.1
- SUSE Linux Enterprise Server 12-SP1 (s390x x86_64):
libmysqlclient18-32bit-10.0.22-3.1
libmysqlclient18-debuginfo-32bit-10.0.22-3.1
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
libmysqlclient18-10.0.22-3.1
libmysqlclient18-32bit-10.0.22-3.1
libmysqlclient18-debuginfo-10.0.22-3.1
libmysqlclient18-debuginfo-32bit-10.0.22-3.1
libmysqlclient_r18-10.0.22-3.1
libmysqlclient_r18-32bit-10.0.22-3.1
mariadb-10.0.22-3.1
mariadb-client-10.0.22-3.1
mariadb-client-debuginfo-10.0.22-3.1
mariadb-debuginfo-10.0.22-3.1
mariadb-debugsource-10.0.22-3.1
mariadb-errormessages-10.0.22-3.1
References:
https://www.suse.com/security/cve/CVE-2015-4792.html
https://www.suse.com/security/cve/CVE-2015-4802.html
https://www.suse.com/security/cve/CVE-2015-4807.html
https://www.suse.com/security/cve/CVE-2015-4815.html
https://www.suse.com/security/cve/CVE-2015-4826.html
https://www.suse.com/security/cve/CVE-2015-4830.html
https://www.suse.com/security/cve/CVE-2015-4836.html
https://www.suse.com/security/cve/CVE-2015-4858.html
https://www.suse.com/security/cve/CVE-2015-4861.html
https://www.suse.com/security/cve/CVE-2015-4870.html
https://www.suse.com/security/cve/CVE-2015-4913.html
https://www.suse.com/security/cve/CVE-2015-5969.html
https://bugzilla.suse.com/937787
https://bugzilla.suse.com/957174
https://bugzilla.suse.com/958789
More information about the sle-security-updates
mailing list