SUSE-SU-2016:0121-1: moderate: Security update for mariadb
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Thu Jan 14 13:11:16 MST 2016
SUSE Security Update: Security update for mariadb
______________________________________________________________________________
Announcement ID: SUSE-SU-2016:0121-1
Rating: moderate
References: #934401 #937258 #937343 #937787 #958789 #958790
Cross-References: CVE-2015-4792 CVE-2015-4802 CVE-2015-4807
CVE-2015-4815 CVE-2015-4816 CVE-2015-4819
CVE-2015-4826 CVE-2015-4830 CVE-2015-4836
CVE-2015-4858 CVE-2015-4861 CVE-2015-4870
CVE-2015-4879 CVE-2015-4895 CVE-2015-4913
Affected Products:
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Desktop 12
______________________________________________________________________________
An update that fixes 15 vulnerabilities is now available.
Description:
MariaDB has been updated to version 10.0.22, which brings fixes for many
security issues and other improvements.
The following CVEs have been fixed:
- 10.0.22: CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4826,
CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861,
CVE-2015-4870, CVE-2015-4913, CVE-2015-4792
- 10.0.21: CVE-2015-4816, CVE-2015-4819, CVE-2015-4879, CVE-2015-4895
The following non-security issues have been fixed:
- Fix rc.mysql-multi script to properly start instances after restart.
(bsc#934401)
- Fix rc.mysql-multi script to restart after crash. (bsc#937258)
For a comprehensive list of changes refer to the upstream Release Notes
and Change Log documents:
- https://kb.askmonty.org/en/mariadb-10022-release-notes/
- https://kb.askmonty.org/en/mariadb-10021-release-notes/
- https://kb.askmonty.org/en/mariadb-10022-changelog/
- https://kb.askmonty.org/en/mariadb-10021-changelog/
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12:
zypper in -t patch SUSE-SLE-WE-12-2016-87=1
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2016-87=1
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2016-87=1
- SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2016-87=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12 (x86_64):
libmysqlclient_r18-10.0.22-20.3.1
libmysqlclient_r18-32bit-10.0.22-20.3.1
mariadb-debuginfo-10.0.22-20.3.1
mariadb-debugsource-10.0.22-20.3.1
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
libmysqlclient-devel-10.0.22-20.3.1
libmysqlclient_r18-10.0.22-20.3.1
libmysqld-devel-10.0.22-20.3.1
libmysqld18-10.0.22-20.3.1
libmysqld18-debuginfo-10.0.22-20.3.1
mariadb-debuginfo-10.0.22-20.3.1
mariadb-debugsource-10.0.22-20.3.1
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
libmysqlclient18-10.0.22-20.3.1
libmysqlclient18-debuginfo-10.0.22-20.3.1
mariadb-10.0.22-20.3.1
mariadb-client-10.0.22-20.3.1
mariadb-client-debuginfo-10.0.22-20.3.1
mariadb-debuginfo-10.0.22-20.3.1
mariadb-debugsource-10.0.22-20.3.1
mariadb-errormessages-10.0.22-20.3.1
mariadb-tools-10.0.22-20.3.1
mariadb-tools-debuginfo-10.0.22-20.3.1
- SUSE Linux Enterprise Server 12 (s390x x86_64):
libmysqlclient18-32bit-10.0.22-20.3.1
libmysqlclient18-debuginfo-32bit-10.0.22-20.3.1
- SUSE Linux Enterprise Desktop 12 (x86_64):
libmysqlclient18-10.0.22-20.3.1
libmysqlclient18-32bit-10.0.22-20.3.1
libmysqlclient18-debuginfo-10.0.22-20.3.1
libmysqlclient18-debuginfo-32bit-10.0.22-20.3.1
libmysqlclient_r18-10.0.22-20.3.1
libmysqlclient_r18-32bit-10.0.22-20.3.1
mariadb-10.0.22-20.3.1
mariadb-client-10.0.22-20.3.1
mariadb-client-debuginfo-10.0.22-20.3.1
mariadb-debuginfo-10.0.22-20.3.1
mariadb-debugsource-10.0.22-20.3.1
mariadb-errormessages-10.0.22-20.3.1
References:
https://www.suse.com/security/cve/CVE-2015-4792.html
https://www.suse.com/security/cve/CVE-2015-4802.html
https://www.suse.com/security/cve/CVE-2015-4807.html
https://www.suse.com/security/cve/CVE-2015-4815.html
https://www.suse.com/security/cve/CVE-2015-4816.html
https://www.suse.com/security/cve/CVE-2015-4819.html
https://www.suse.com/security/cve/CVE-2015-4826.html
https://www.suse.com/security/cve/CVE-2015-4830.html
https://www.suse.com/security/cve/CVE-2015-4836.html
https://www.suse.com/security/cve/CVE-2015-4858.html
https://www.suse.com/security/cve/CVE-2015-4861.html
https://www.suse.com/security/cve/CVE-2015-4870.html
https://www.suse.com/security/cve/CVE-2015-4879.html
https://www.suse.com/security/cve/CVE-2015-4895.html
https://www.suse.com/security/cve/CVE-2015-4913.html
https://bugzilla.suse.com/934401
https://bugzilla.suse.com/937258
https://bugzilla.suse.com/937343
https://bugzilla.suse.com/937787
https://bugzilla.suse.com/958789
https://bugzilla.suse.com/958790
More information about the sle-security-updates
mailing list