openSUSE-SU-2020:0289-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:0289-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2020:0289-1
- Related
- Published
- 2020-03-02T23:15:05Z
- Modified
- 2020-03-02T23:15:05Z
- Summary
- Security update for mariadb
- Details
-
This update for mariadb fixes the following issues:
MariaDB was updated to version 10.2.31 GA (bsc#1162388).
Security issues fixed:
- CVE-2020-2574: Fixed a difficult to exploit vulnerability that allowed an attacker to crash the client (bsc#1162388).
- CVE-2019-18901: Fixed an unsafe path handling behavior in mysql-systemd-helper (bsc#1160895).
- Enabled security hardenings in MariaDB's systemd service, namely ProtectSystem, ProtectHome and UMask (bsc#1160878).
This update was imported from the SUSE:SLE-15:Update update project.
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2WWOUCCIRD2P3YRI5GU76EFPRT63XZMG/
- https://bugzilla.suse.com/1160878
- https://bugzilla.suse.com/1160883
- https://bugzilla.suse.com/1160895
- https://bugzilla.suse.com/1160912
- https://bugzilla.suse.com/1162388
- https://www.suse.com/security/cve/CVE-2019-18901
- https://www.suse.com/security/cve/CVE-2020-2574
Affected packages
openSUSE:Leap 15.1 / mariadb
Package
- Name
- mariadb
- Purl
- purl:rpm/suse/mariadb&distro=openSUSE%20Leap%2015.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.2.31-lp151.2.12.1
Ecosystem specific
{
"binaries": [
{
"mariadb-galera": "10.2.31-lp151.2.12.1",
"mariadb-errormessages": "10.2.31-lp151.2.12.1",
"libmysqld-devel": "10.2.31-lp151.2.12.1",
"mariadb-tools": "10.2.31-lp151.2.12.1",
"libmysqld19": "10.2.31-lp151.2.12.1",
"mariadb-bench": "10.2.31-lp151.2.12.1",
"mariadb-test": "10.2.31-lp151.2.12.1",
"mariadb": "10.2.31-lp151.2.12.1",
"mariadb-client": "10.2.31-lp151.2.12.1"
}
]
}