SUSE-SU-2018:1853-1
- Source
- https://www.suse.com/support/update/announcement/2018/suse-su-20181853-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:1853-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2018:1853-1
- Related
- Published
- 2018-06-29T15:40:54Z
- Modified
- 2018-06-29T15:40:54Z
- Summary
- Recommended update for mariadb
- Details
-
This MariaDB update to version 10.2.15 brings the following fixes and improvements.
Security issues:
- CVE-2018-2767: The embedded server library now supports SSL when connecting to remote servers (bsc#1088681).
- Collected CVEs fixes:
- 10.2.15: CVE-2018-2786, CVE-2018-2759, CVE-2018-2777, CVE-2018-2810, CVE-2018-2782, CVE-2018-2784, CVE-2018-2787, CVE-2018-2766, CVE-2018-2755, CVE-2018-2819, CVE-2018-2817, CVE-2018-2761, CVE-2018-2781, CVE-2018-2771, CVE-2018-2813
- 10.2.13: CVE-2018-2562, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668, CVE-2018-2612
- 10.2.10: CVE-2017-10378, CVE-2017-10268, CVE-2017-15365
- 10.2.8: CVE-2017-3636, CVE-2017-3641, CVE-2017-3653, CVE-2017-10320, CVE-2017-10365, CVE-2017-10379, CVE-2017-10384, CVE-2017-10286, CVE-2017-3257
- 10.2.6: CVE-2017-3308, CVE-2017-3309, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464
- 10.2.5: CVE-2017-3313, CVE-2017-3302
Bugfixes:
- bsc#1092544: Update suseskippedtests.list and add tests that are failing with GCC 8.
- bsc#1012075: MariaDB Test Suite issue with test sysvars.securefile_priv.test.
- bsc#1019948: mariadb even tumbleweed version is super old.
- bsc#1039034: no ODBC support in MariaDB Server.
- bsc#1041891: Make mariadb tests pass and exclude failures.
- bsc#1042632: Mariadb fails to build with openssl-1.1.
- bsc#1043328: Update mariadb in TW to 10.2 and drop comat with mysql.
- bsc#1047218: trackerbug: packages do not build reproducibly from including build time.
- bsc#1055165: mariadb build with cassandra enabled.
- bsc#1055268: MariaDB configurations are not overwritable.
- bsc#1058374: Use bind-address directive and SSL section settings in default my.cnf.
- bsc#1058729: MariaDB - mysql-test - connect.drop-open-error is failing (regression).
- bsc#1060110: The mariadb install script depends on hostname but does not require it.
- bsc#1062583: Stop using boost-devel.
- bsc#1067443: incomplete revert of the mariadb service rename.
- bsc#1068906: MariaDB: ALTER TABLE can't rename columns with CHECK constraints.
- bsc#1069401: Database failed apply with mariadb 10.2 : RuntimeError: Galera cluster did not start after 600 seconds.
- bsc#1080891: server:database/mariadb: up-streaming patches.
- bsc#1083087: Galera bootstrap failes work after MariaDB 10.2.13 upgrade.
- bsc#1082318: mariadb-connector-c.changes and xtrabackup need to use %doc instead of %license.
Release notes and changelog:
- https://mariadb.com/kb/en/library/mariadb-10215-release-notes
- https://mariadb.com/kb/en/library/mariadb-10215-changelog
- References
-
- https://www.suse.com/support/update/announcement/2018/suse-su-20181853-1/
- https://bugzilla.suse.com/1012075
- https://bugzilla.suse.com/1019948
- https://bugzilla.suse.com/1039034
- https://bugzilla.suse.com/1041891
- https://bugzilla.suse.com/1042632
- https://bugzilla.suse.com/1043328
- https://bugzilla.suse.com/1047218
- https://bugzilla.suse.com/1055165
- https://bugzilla.suse.com/1055268
- https://bugzilla.suse.com/1058374
- https://bugzilla.suse.com/1058729
- https://bugzilla.suse.com/1060110
- https://bugzilla.suse.com/1062583
- https://bugzilla.suse.com/1067443
- https://bugzilla.suse.com/1068906
- https://bugzilla.suse.com/1069401
- https://bugzilla.suse.com/1080891
- https://bugzilla.suse.com/1082318
- https://bugzilla.suse.com/1083087
- https://bugzilla.suse.com/1088681
- https://bugzilla.suse.com/1092544
- https://bugzilla.suse.com/1093130
- https://www.suse.com/security/cve/CVE-2017-10268
- https://www.suse.com/security/cve/CVE-2017-10286
- https://www.suse.com/security/cve/CVE-2017-10320
- https://www.suse.com/security/cve/CVE-2017-10365
- https://www.suse.com/security/cve/CVE-2017-10378
- https://www.suse.com/security/cve/CVE-2017-10379
- https://www.suse.com/security/cve/CVE-2017-10384
- https://www.suse.com/security/cve/CVE-2017-15365
- https://www.suse.com/security/cve/CVE-2017-3257
- https://www.suse.com/security/cve/CVE-2017-3302
- https://www.suse.com/security/cve/CVE-2017-3308
- https://www.suse.com/security/cve/CVE-2017-3309
- https://www.suse.com/security/cve/CVE-2017-3313
- https://www.suse.com/security/cve/CVE-2017-3453
- https://www.suse.com/security/cve/CVE-2017-3456
- https://www.suse.com/security/cve/CVE-2017-3464
- https://www.suse.com/security/cve/CVE-2017-3636
- https://www.suse.com/security/cve/CVE-2017-3641
- https://www.suse.com/security/cve/CVE-2017-3653
- https://www.suse.com/security/cve/CVE-2018-2562
- https://www.suse.com/security/cve/CVE-2018-2612
- https://www.suse.com/security/cve/CVE-2018-2622
- https://www.suse.com/security/cve/CVE-2018-2640
- https://www.suse.com/security/cve/CVE-2018-2665
- https://www.suse.com/security/cve/CVE-2018-2668
- https://www.suse.com/security/cve/CVE-2018-2755
- https://www.suse.com/security/cve/CVE-2018-2759
- https://www.suse.com/security/cve/CVE-2018-2761
- https://www.suse.com/security/cve/CVE-2018-2766
- https://www.suse.com/security/cve/CVE-2018-2767
- https://www.suse.com/security/cve/CVE-2018-2771
- https://www.suse.com/security/cve/CVE-2018-2777
- https://www.suse.com/security/cve/CVE-2018-2781
- https://www.suse.com/security/cve/CVE-2018-2782
- https://www.suse.com/security/cve/CVE-2018-2784
- https://www.suse.com/security/cve/CVE-2018-2786
- https://www.suse.com/security/cve/CVE-2018-2787
- https://www.suse.com/security/cve/CVE-2018-2810
- https://www.suse.com/security/cve/CVE-2018-2813
- https://www.suse.com/security/cve/CVE-2018-2817
- https://www.suse.com/security/cve/CVE-2018-2819
Affected packages
SUSE:OpenStack Cloud 7 / galera-3
Package
- Name
- galera-3
- Purl
- purl:rpm/suse/galera-3&distro=SUSE%20OpenStack%20Cloud%207
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed25.3.23-8.3
Ecosystem specific
{
"binaries": [
{
"mariadb-galera": "10.2.15-7.1",
"mariadb-errormessages": "10.2.15-7.1",
"mariadb-tools": "10.2.15-7.1",
"ruby2.1-rubygem-mysql2": "0.4.10-7.2",
"galera-3-wsrep-provider": "25.3.23-8.3",
"mariadb": "10.2.15-7.1",
"xtrabackup": "2.4.10-5.3",
"mariadb-client": "10.2.15-7.1",
"libmariadb3": "3.0.3-1.3.3"
}
]
}
SUSE:OpenStack Cloud 7 / mariadb
Package
- Name
- mariadb
- Purl
- purl:rpm/suse/mariadb&distro=SUSE%20OpenStack%20Cloud%207
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.2.15-7.1
Ecosystem specific
{
"binaries": [
{
"mariadb-galera": "10.2.15-7.1",
"mariadb-errormessages": "10.2.15-7.1",
"mariadb-tools": "10.2.15-7.1",
"ruby2.1-rubygem-mysql2": "0.4.10-7.2",
"galera-3-wsrep-provider": "25.3.23-8.3",
"mariadb": "10.2.15-7.1",
"xtrabackup": "2.4.10-5.3",
"mariadb-client": "10.2.15-7.1",
"libmariadb3": "3.0.3-1.3.3"
}
]
}
SUSE:OpenStack Cloud 7 / mariadb-connector-c
Package
- Name
- mariadb-connector-c
- Purl
- purl:rpm/suse/mariadb-connector-c&distro=SUSE%20OpenStack%20Cloud%207
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.3-1.3.3
Ecosystem specific
{
"binaries": [
{
"mariadb-galera": "10.2.15-7.1",
"mariadb-errormessages": "10.2.15-7.1",
"mariadb-tools": "10.2.15-7.1",
"ruby2.1-rubygem-mysql2": "0.4.10-7.2",
"galera-3-wsrep-provider": "25.3.23-8.3",
"mariadb": "10.2.15-7.1",
"xtrabackup": "2.4.10-5.3",
"mariadb-client": "10.2.15-7.1",
"libmariadb3": "3.0.3-1.3.3"
}
]
}
SUSE:OpenStack Cloud 7 / rubygem-mysql2
Package
- Name
- rubygem-mysql2
- Purl
- purl:rpm/suse/rubygem-mysql2&distro=SUSE%20OpenStack%20Cloud%207
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.4.10-7.2
Ecosystem specific
{
"binaries": [
{
"mariadb-galera": "10.2.15-7.1",
"mariadb-errormessages": "10.2.15-7.1",
"mariadb-tools": "10.2.15-7.1",
"ruby2.1-rubygem-mysql2": "0.4.10-7.2",
"galera-3-wsrep-provider": "25.3.23-8.3",
"mariadb": "10.2.15-7.1",
"xtrabackup": "2.4.10-5.3",
"mariadb-client": "10.2.15-7.1",
"libmariadb3": "3.0.3-1.3.3"
}
]
}
SUSE:OpenStack Cloud 7 / xtrabackup
Package
- Name
- xtrabackup
- Purl
- purl:rpm/suse/xtrabackup&distro=SUSE%20OpenStack%20Cloud%207
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.4.10-5.3
Ecosystem specific
{
"binaries": [
{
"mariadb-galera": "10.2.15-7.1",
"mariadb-errormessages": "10.2.15-7.1",
"mariadb-tools": "10.2.15-7.1",
"ruby2.1-rubygem-mysql2": "0.4.10-7.2",
"galera-3-wsrep-provider": "25.3.23-8.3",
"mariadb": "10.2.15-7.1",
"xtrabackup": "2.4.10-5.3",
"mariadb-client": "10.2.15-7.1",
"libmariadb3": "3.0.3-1.3.3"
}
]
}