SUSE-SU-2016:2404-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:2404-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2016:2404-1

Related

CVE-2016-6662

Published

2016-09-27T15:49:29Z

Modified

2016-09-27T15:49:29Z

Summary

Security update for mariadb

Details

This update for mariadb to 1.0.0.27 fixes the following issues:

Security issue fixed:

CVE-2016-6662: A malicious user with SQL and filesystem access could create a my.cnf in the datadir and, under certain circumstances, execute arbitrary code as mysql (or even root) user. (bsc#998309)
release notes:
- https://kb.askmonty.org/en/mariadb-10027-release-notes
changelog:
- https://kb.askmonty.org/en/mariadb-10027-changelog

Bugs fixed:

Make ORDER BY optimization functions take into account multiple equalities. (bsc#949520)

References

Affected packages

SUSE:Linux Enterprise Desktop 12 SP1 / mariadb

Package

Name: mariadb
Purl: purl:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

10.0.27-12.1

Ecosystem specific

{
    "binaries": [
        {
            "libmysqlclient_r18-32bit": "10.0.27-12.1",
            "mariadb-errormessages": "10.0.27-12.1",
            "libmysqlclient18": "10.0.27-12.1",
            "libmysqlclient_r18": "10.0.27-12.1",
            "mariadb": "10.0.27-12.1",
            "libmysqlclient18-32bit": "10.0.27-12.1",
            "mariadb-client": "10.0.27-12.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP1 / mariadb

Package

Name: mariadb
Purl: purl:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

10.0.27-12.1

Ecosystem specific

{
    "binaries": [
        {
            "libmysqlclient_r18": "10.0.27-12.1",
            "libmysqld18": "10.0.27-12.1",
            "libmysqld-devel": "10.0.27-12.1",
            "libmysqlclient-devel": "10.0.27-12.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP1 / mariadb

Package

Name: mariadb
Purl: purl:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

10.0.27-12.1

Ecosystem specific

{
    "binaries": [
        {
            "libmysqlclient18": "10.0.27-12.1",
            "mariadb-errormessages": "10.0.27-12.1",
            "mariadb": "10.0.27-12.1",
            "libmysqlclient18-32bit": "10.0.27-12.1",
            "mariadb-client": "10.0.27-12.1",
            "mariadb-tools": "10.0.27-12.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / mariadb

Package

Name: mariadb
Purl: purl:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

10.0.27-12.1

Ecosystem specific

{
    "binaries": [
        {
            "libmysqlclient18": "10.0.27-12.1",
            "mariadb-errormessages": "10.0.27-12.1",
            "mariadb": "10.0.27-12.1",
            "libmysqlclient18-32bit": "10.0.27-12.1",
            "mariadb-client": "10.0.27-12.1",
            "mariadb-tools": "10.0.27-12.1"
        }
    ]
}

SUSE:Linux Enterprise Workstation Extension 12 SP1 / mariadb

Package

Name: mariadb
Purl: purl:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

10.0.27-12.1

Ecosystem specific

{
    "binaries": [
        {
            "libmysqlclient_r18": "10.0.27-12.1",
            "libmysqlclient_r18-32bit": "10.0.27-12.1"
        }
    ]
}