openSUSE-SU-2019:1915-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2019:1915-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2019:1915-1
- Related
- Published
- 2019-08-15T09:49:14Z
- Modified
- 2019-08-15T09:49:14Z
- Summary
- Security update for mariadb, mariadb-connector-c
- Details
-
This update for mariadb and mariadb-connector-c fixes the following issues:
mariadb:
- Update to version 10.2.25 (bsc#1136035)
- CVE-2019-2628: Fixed a remote denial of service by an privileged attacker (bsc#1136035).
- CVE-2019-2627: Fixed another remote denial of service by an privileged attacker (bsc#1136035).
- CVE-2019-2614: Fixed a potential remote denial of service by an privileged attacker (bsc#1136035).
- Fixed reading options for multiple instances if my${INSTANCE}.cnf is used (bsc#1132666)
mariadb-connector-c:
- Update to version 3.1.2 (bsc#1136035)
- Moved libmariadb.pc from /usr/lib/pkgconfig to /usr/lib64/pkgconfig for x86_64 (bsc#1126088)
This update was imported from the SUSE:SLE-15:Update update project.
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OXQKXAPAJJT33LGJQ6CM5JKXLFJQB3SV/#OXQKXAPAJJT33LGJQ6CM5JKXLFJQB3SV
- https://bugzilla.suse.com/1126088
- https://bugzilla.suse.com/1132666
- https://bugzilla.suse.com/1136035
- https://www.suse.com/security/cve/CVE-2019-2614
- https://www.suse.com/security/cve/CVE-2019-2627
- https://www.suse.com/security/cve/CVE-2019-2628
Affected packages
openSUSE:Leap 15.0 / mariadb
Package
- Name
- mariadb
- Purl
- purl:rpm/suse/mariadb&distro=openSUSE%20Leap%2015.0
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.2.25-lp150.2.13.1
Ecosystem specific
{
"binaries": [
{
"mariadb-galera": "10.2.25-lp150.2.13.1",
"libmariadbprivate": "3.1.2-lp150.10.1",
"libmariadb3-32bit": "3.1.2-lp150.10.1",
"libmariadb-devel": "3.1.2-lp150.10.1",
"libmysqld19": "10.2.25-lp150.2.13.1",
"mariadb-bench": "10.2.25-lp150.2.13.1",
"mariadb": "10.2.25-lp150.2.13.1",
"mariadb-client": "10.2.25-lp150.2.13.1",
"libmariadb3": "3.1.2-lp150.10.1",
"libmariadb_plugins": "3.1.2-lp150.10.1",
"mariadb-errormessages": "10.2.25-lp150.2.13.1",
"libmysqld-devel": "10.2.25-lp150.2.13.1",
"mariadb-tools": "10.2.25-lp150.2.13.1",
"mariadb-test": "10.2.25-lp150.2.13.1"
}
]
}
openSUSE:Leap 15.0 / mariadb-connector-c
Package
- Name
- mariadb-connector-c
- Purl
- purl:rpm/suse/mariadb-connector-c&distro=openSUSE%20Leap%2015.0
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.1.2-lp150.10.1
Ecosystem specific
{
"binaries": [
{
"mariadb-galera": "10.2.25-lp150.2.13.1",
"libmariadbprivate": "3.1.2-lp150.10.1",
"libmariadb3-32bit": "3.1.2-lp150.10.1",
"libmariadb-devel": "3.1.2-lp150.10.1",
"libmysqld19": "10.2.25-lp150.2.13.1",
"mariadb-bench": "10.2.25-lp150.2.13.1",
"mariadb": "10.2.25-lp150.2.13.1",
"mariadb-client": "10.2.25-lp150.2.13.1",
"libmariadb3": "3.1.2-lp150.10.1",
"libmariadb_plugins": "3.1.2-lp150.10.1",
"mariadb-errormessages": "10.2.25-lp150.2.13.1",
"libmysqld-devel": "10.2.25-lp150.2.13.1",
"mariadb-tools": "10.2.25-lp150.2.13.1",
"mariadb-test": "10.2.25-lp150.2.13.1"
}
]
}