SUSE-SU-2017:2921-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:2921-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2017:2921-1
- Related
- Published
- 2017-11-02T12:09:44Z
- Modified
- 2017-11-02T12:09:44Z
- Summary
- Security update for mariadb
- Details
-
This update for mariadb fixes several issues.
These security issues were fixed:
- CVE-2017-3636: Client programs had an unspecified vulnerability that could lead to unauthorized access and denial of service [bsc#1049399]
- CVE-2017-3641: DDL unspecified vulnerability could lead to denial of service [bsc#1049404]
- CVE-2017-3653: DML Unspecified vulnerability could lead to unauthorized database access [bsc#1049417]
This non-security issues was fixed:
- Add ODBC support for Connect engine [bsc#1039034]
- fixed stack frame size detection for the bundled pcre [bsc#1058722]
- References
-
- https://www.suse.com/support/update/announcement/2017/suse-su-20172921-1/
- https://bugzilla.suse.com/1039034
- https://bugzilla.suse.com/1049399
- https://bugzilla.suse.com/1049404
- https://bugzilla.suse.com/1049417
- https://bugzilla.suse.com/1054591
- https://bugzilla.suse.com/1058722
- https://www.suse.com/security/cve/CVE-2017-3636
- https://www.suse.com/security/cve/CVE-2017-3641
- https://www.suse.com/security/cve/CVE-2017-3653
Affected packages
SUSE:Linux Enterprise Server for SAP Applications 12 / mariadb
Package
- Name
- mariadb
- Purl
- purl:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.0.32-20.36.1
Ecosystem specific
{
"binaries": [
{
"mariadb-errormessages": "10.0.32-20.36.1",
"libmysqld-devel": "10.0.32-20.36.1",
"libmysqlclient18": "10.0.32-20.36.1",
"mariadb-tools": "10.0.32-20.36.1",
"libmysqlclient_r18": "10.0.32-20.36.1",
"libmysqld18": "10.0.32-20.36.1",
"mariadb": "10.0.32-20.36.1",
"libmysqlclient18-32bit": "10.0.32-20.36.1",
"mariadb-client": "10.0.32-20.36.1",
"libmysqlclient-devel": "10.0.32-20.36.1"
}
]
}
SUSE:Linux Enterprise Server 12-LTSS / mariadb
Package
- Name
- mariadb
- Purl
- purl:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.0.32-20.36.1
Ecosystem specific
{
"binaries": [
{
"mariadb-errormessages": "10.0.32-20.36.1",
"libmysqld-devel": "10.0.32-20.36.1",
"libmysqlclient18": "10.0.32-20.36.1",
"mariadb-tools": "10.0.32-20.36.1",
"libmysqlclient_r18": "10.0.32-20.36.1",
"libmysqld18": "10.0.32-20.36.1",
"mariadb": "10.0.32-20.36.1",
"libmysqlclient18-32bit": "10.0.32-20.36.1",
"mariadb-client": "10.0.32-20.36.1",
"libmysqlclient-devel": "10.0.32-20.36.1"
}
]
}