SUSE-SU-2018:3972-1
- Source
- https://www.suse.com/support/update/announcement/2018/suse-su-20183972-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:3972-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2018:3972-1
- Related
- Published
- 2018-12-04T16:26:19Z
- Modified
- 2018-12-04T16:26:19Z
- Summary
- Security update for mariadb
- Details
-
This update for mariadb fixes the following issues:
Update to MariaDB 10.0.37 GA (bsc#1116686).
Security issues fixed:
- CVE-2018-3282: Server Storage Engines unspecified vulnerability (CPU Oct 2018) (bsc#1112432)
- CVE-2018-3251: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112397)
- CVE-2018-3174: Client programs unspecified vulnerability (CPU Oct 2018) (bsc#1112368)
- CVE-2018-3156: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112417)
- CVE-2018-3143: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112421)
- CVE-2018-3066: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Options). (bsc#1101678)
- CVE-2018-3064: InnoDB unspecified vulnerability (CPU Jul 2018) (bsc#1103342)
- CVE-2018-3063: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Security Privileges). (bsc#1101677)
- CVE-2018-3058: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent MyISAM). (bsc#1101676)
- CVE-2016-9843: Big-endian out-of-bounds pointer (bsc#1013882)
Release notes and changelog:
- https://kb.askmonty.org/en/mariadb-10037-release-notes
- https://kb.askmonty.org/en/mariadb-10037-changelog
- https://kb.askmonty.org/en/mariadb-10036-release-notes
- https://kb.askmonty.org/en/mariadb-10036-changelog
- References
-
- https://www.suse.com/support/update/announcement/2018/suse-su-20183972-1/
- https://bugzilla.suse.com/1013882
- https://bugzilla.suse.com/1101676
- https://bugzilla.suse.com/1101677
- https://bugzilla.suse.com/1101678
- https://bugzilla.suse.com/1103342
- https://bugzilla.suse.com/1112368
- https://bugzilla.suse.com/1112397
- https://bugzilla.suse.com/1112417
- https://bugzilla.suse.com/1112421
- https://bugzilla.suse.com/1112432
- https://bugzilla.suse.com/1116686
- https://www.suse.com/security/cve/CVE-2016-9843
- https://www.suse.com/security/cve/CVE-2018-3058
- https://www.suse.com/security/cve/CVE-2018-3063
- https://www.suse.com/security/cve/CVE-2018-3064
- https://www.suse.com/security/cve/CVE-2018-3066
- https://www.suse.com/security/cve/CVE-2018-3143
- https://www.suse.com/security/cve/CVE-2018-3156
- https://www.suse.com/security/cve/CVE-2018-3174
- https://www.suse.com/security/cve/CVE-2018-3251
- https://www.suse.com/security/cve/CVE-2018-3282
Affected packages
SUSE:Linux Enterprise Server 12-LTSS / mariadb
Package
- Name
- mariadb
- Purl
- purl:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.0.37-20.49.2
Ecosystem specific
{
"binaries": [
{
"mariadb-errormessages": "10.0.37-20.49.2",
"libmysqld-devel": "10.0.37-20.49.2",
"libmysqlclient18": "10.0.37-20.49.2",
"mariadb-tools": "10.0.37-20.49.2",
"libmysqlclient_r18": "10.0.37-20.49.2",
"libmysqld18": "10.0.37-20.49.2",
"mariadb": "10.0.37-20.49.2",
"libmysqlclient18-32bit": "10.0.37-20.49.2",
"mariadb-client": "10.0.37-20.49.2",
"libmysqlclient-devel": "10.0.37-20.49.2"
}
]
}