SUSE-SU-2018:1781-2

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:1781-2.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2018:1781-2
Related
Published
2018-10-18T12:44:42Z
Modified
2018-10-18T12:44:42Z
Summary
Security update for mariadb
Details

MariaDB was updated to 10.0.35 (bsc#1090518)

Notable changes:

  • PCRE updated to 8.42
  • XtraDB updated to 5.6.39-83.1
  • TokuDB updated to 5.6.39-83.1
  • InnoDB updated to 5.6.40
  • The embedded server library now supports SSL when connecting to remote servers [bsc#1088681], [CVE-2018-2767]
  • MDEV-15249 - Crash in MVCC read after IMPORT TABLESPACE
  • MDEV-14988 - innodbreadonly tries to modify files if transactions were recovered in COMMITTED state
  • MDEV-14773 - DROP TABLE hangs for InnoDB table with FULLTEXT index
  • MDEV-15723 - Crash in INFORMATIONSCHEMA.INNODBSYS_TABLES when accessing corrupted record
  • fixes for the following security vulnerabilities: CVE-2018-2782, CVE-2018-2784, CVE-2018-2787, CVE-2018-2766, CVE-2018-2755, CVE-2018-2819, CVE-2018-2817, CVE-2018-2761, CVE-2018-2781, CVE-2018-2771, CVE-2018-2813

  • Release notes and changelog:

    • https://kb.askmonty.org/en/mariadb-10035-release-notes
    • https://kb.askmonty.org/en/mariadb-10035-changelog
References

Affected packages

SUSE:Linux Enterprise Server 12 SP2-BCL / mariadb

Package

Name
mariadb
Purl
purl:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10.0.35-29.20.3

Ecosystem specific 

{
    "binaries": [
        {
            "libmysqlclient18": "10.0.35-29.20.3",
            "mariadb-errormessages": "10.0.35-29.20.3",
            "mariadb": "10.0.35-29.20.3",
            "libmysqlclient18-32bit": "10.0.35-29.20.3",
            "mariadb-client": "10.0.35-29.20.3",
            "mariadb-tools": "10.0.35-29.20.3"
        }
    ]
}