Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2019.0555.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2019:0555-1)
Summary:The remote host is missing an update for the 'mariadb' package(s) announced via the SUSE-SU-2019:0555-1 advisory.
Description:Summary:
The remote host is missing an update for the 'mariadb' package(s) announced via the SUSE-SU-2019:0555-1 advisory.

Vulnerability Insight:
This update for mariadb to version 10.2.22 fixes the following issues:

Security issues fixed:
CVE-2019-2510: Fixed a vulnerability which can lead to MySQL compromise
and lead to Denial of Service (bsc#1122198).

CVE-2019-2537: Fixed a vulnerability which can lead to MySQL compromise
and lead to Denial of Service (bsc#1122198).

CVE-2018-3284: Fixed InnoDB unspecified vulnerability (CPU Oct 2018)
(bsc#1112377)

CVE-2018-3282: Server Storage Engines unspecified vulnerability (CPU Oct
2018) (bsc#1112432)

CVE-2018-3277: Fixed InnoDB unspecified vulnerability (CPU Oct 2018)
(bsc#1112391)

CVE-2018-3251: InnoDB unspecified vulnerability (CPU Oct 2018)
(bsc#1112397)

CVE-2018-3200: Fixed InnoDB unspecified vulnerability (CPU Oct 2018)
(bsc#1112404)

CVE-2018-3185: Fixed InnoDB unspecified vulnerability (CPU Oct 2018)
(bsc#1112384)

CVE-2018-3174: Client programs unspecified vulnerability (CPU Oct 2018)
(bsc#1112368)

CVE-2018-3173: Fixed InnoDB unspecified vulnerability (CPU Oct 2018)
(bsc#1112386)

CVE-2018-3162: Fixed InnoDB unspecified vulnerability (CPU Oct 2018)
(bsc#1112415)

CVE-2018-3156: InnoDB unspecified vulnerability (CPU Oct 2018)
(bsc#1112417)

CVE-2018-3143: InnoDB unspecified vulnerability (CPU Oct 2018)
(bsc#1112421)

CVE-2018-3066: Unspecified vulnerability in the MySQL Server component
of Oracle MySQL (subcomponent Server Options). (bsc#1101678)

CVE-2018-3064: InnoDB unspecified vulnerability (CPU Jul 2018)
(bsc#1103342)

CVE-2018-3063: Unspecified vulnerability in the MySQL Server component
of Oracle MySQL (subcomponent Server Security Privileges). (bsc#1101677)

CVE-2018-3058: Unspecified vulnerability in the MySQL Server component
of Oracle MySQL (subcomponent MyISAM). (bsc#1101676)

CVE-2016-9843: Big-endian out-of-bounds pointer (bsc#1013882)

Non-security issues fixed:
Fixed an issue where mysl_install_db fails due to incorrect basedir
(bsc#1127027).

Fixed an issue where the lograte was not working (bsc#1112767).

Backport Information Schema CHECK_CONSTRAINTS Table.

Maximum value of table_definition_cache is now 2097152.

InnoDB ALTER TABLE fixes.

Galera crash recovery fixes.

Encryption fixes.

Remove xtrabackup dependency as MariaDB ships a build in mariabackup so
xtrabackup is not needed (bsc#1122475).

Maria DB testsuite - test main.plugin_auth failed (bsc#1111859)

Maria DB testsuite - test encryption.second_plugin-12863 failed
(bsc#1111858)

Remove PerconaFT from the package as it has AGPL licence (bsc#1118754)

remove PerconaFT from the package as it has AGPL licence (bsc#1118754)

Database corruption after renaming a prefix-indexed column (bsc#1120041)


Release notes and changelog:
[link moved to references]

[link moved to references]

Affected Software/OS:
'mariadb' package(s) on SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-9843
BugTraq ID: 95131
http://www.securityfocus.com/bid/95131
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://bugzilla.redhat.com/show_bug.cgi?id=1402351
https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811
https://security.netapp.com/advisory/ntap-20181018-0002/
https://support.apple.com/HT208112
https://support.apple.com/HT208113
https://support.apple.com/HT208115
https://support.apple.com/HT208144
https://security.gentoo.org/glsa/201701-56
https://security.gentoo.org/glsa/202007-54
https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib
https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
https://www.oracle.com/security-alerts/cpujul2020.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html
https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html
http://www.openwall.com/lists/oss-security/2016/12/05/21
RedHat Security Advisories: RHSA-2017:1220
https://access.redhat.com/errata/RHSA-2017:1220
RedHat Security Advisories: RHSA-2017:1221
https://access.redhat.com/errata/RHSA-2017:1221
RedHat Security Advisories: RHSA-2017:1222
https://access.redhat.com/errata/RHSA-2017:1222
RedHat Security Advisories: RHSA-2017:2999
https://access.redhat.com/errata/RHSA-2017:2999
RedHat Security Advisories: RHSA-2017:3046
https://access.redhat.com/errata/RHSA-2017:3046
RedHat Security Advisories: RHSA-2017:3047
https://access.redhat.com/errata/RHSA-2017:3047
RedHat Security Advisories: RHSA-2017:3453
https://access.redhat.com/errata/RHSA-2017:3453
http://www.securitytracker.com/id/1039427
http://www.securitytracker.com/id/1041888
SuSE Security Announcement: openSUSE-SU-2016:3202 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html
SuSE Security Announcement: openSUSE-SU-2017:0077 (Google Search)
http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html
SuSE Security Announcement: openSUSE-SU-2017:0080 (Google Search)
http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html
https://usn.ubuntu.com/4246-1/
https://usn.ubuntu.com/4292-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-3058
BugTraq ID: 104766
http://www.securityfocus.com/bid/104766
Debian Security Information: DSA-4341 (Google Search)
https://www.debian.org/security/2018/dsa-4341
https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html
https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html
RedHat Security Advisories: RHSA-2018:3655
https://access.redhat.com/errata/RHSA-2018:3655
RedHat Security Advisories: RHSA-2019:1258
https://access.redhat.com/errata/RHSA-2019:1258
RedHat Security Advisories: RHSA-2019:2327
https://access.redhat.com/errata/RHSA-2019:2327
http://www.securitytracker.com/id/1041294
https://usn.ubuntu.com/3725-1/
https://usn.ubuntu.com/3725-2/
Common Vulnerability Exposure (CVE) ID: CVE-2018-3060
BugTraq ID: 104769
http://www.securityfocus.com/bid/104769
Common Vulnerability Exposure (CVE) ID: CVE-2018-3063
BugTraq ID: 104786
http://www.securityfocus.com/bid/104786
Common Vulnerability Exposure (CVE) ID: CVE-2018-3064
BugTraq ID: 104776
http://www.securityfocus.com/bid/104776
Common Vulnerability Exposure (CVE) ID: CVE-2018-3066
Common Vulnerability Exposure (CVE) ID: CVE-2018-3143
BugTraq ID: 105600
http://www.securityfocus.com/bid/105600
https://security.gentoo.org/glsa/201908-24
https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html
https://usn.ubuntu.com/3799-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-3156
Common Vulnerability Exposure (CVE) ID: CVE-2018-3162
BugTraq ID: 105594
http://www.securityfocus.com/bid/105594
Common Vulnerability Exposure (CVE) ID: CVE-2018-3173
Common Vulnerability Exposure (CVE) ID: CVE-2018-3174
BugTraq ID: 105612
http://www.securityfocus.com/bid/105612
https://usn.ubuntu.com/3799-2/
Common Vulnerability Exposure (CVE) ID: CVE-2018-3185
Common Vulnerability Exposure (CVE) ID: CVE-2018-3200
Common Vulnerability Exposure (CVE) ID: CVE-2018-3251
Common Vulnerability Exposure (CVE) ID: CVE-2018-3277
Common Vulnerability Exposure (CVE) ID: CVE-2018-3282
BugTraq ID: 105610
http://www.securityfocus.com/bid/105610
Common Vulnerability Exposure (CVE) ID: CVE-2018-3284
Common Vulnerability Exposure (CVE) ID: CVE-2019-2510
BugTraq ID: 106627
http://www.securityfocus.com/bid/106627
RedHat Security Advisories: RHSA-2019:2484
https://access.redhat.com/errata/RHSA-2019:2484
RedHat Security Advisories: RHSA-2019:2511
https://access.redhat.com/errata/RHSA-2019:2511
RedHat Security Advisories: RHSA-2019:3708
https://access.redhat.com/errata/RHSA-2019:3708
https://usn.ubuntu.com/3867-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-2537
BugTraq ID: 106619
http://www.securityfocus.com/bid/106619
https://lists.debian.org/debian-lts-announce/2019/02/msg00000.html
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.