rh-mariadb100-mariadb-10.0.20-1.0.1.AXS4
エラータID: AXSA:2015-463:01
Release date:
Wednesday, September 16, 2015 - 16:08
Subject:
rh-mariadb100-mariadb-10.0.20-1.0.1.AXS4
Affected Channels:
Asianux Server 4 for x86_64
Severity:
High
Description:
MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL.
Security issues fixed with this release:
CVE-2015-2582
CVE-2015-2611
CVE-2015-2617
CVE-2015-2620
CVE-2015-2639
CVE-2015-2641
CVE-2015-2643
CVE-2015-2648
CVE-2015-2661
CVE-2015-3152
CVE-2015-4737
CVE-2015-4752
CVE-2015-4756
CVE-2015-4757
CVE-2015-4761
CVE-2015-4767
CVE-2015-4769
CVE-2015-4771
CVE-2015-4772
Solution:
Update package.
CVEs:
CVE-2015-2582
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
CVE-2015-2611
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2015-2617
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Partition.
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Partition.
CVE-2015-2620
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.
CVE-2015-2639
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.
CVE-2015-2641
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.
CVE-2015-2643
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
CVE-2015-2648
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2015-2661
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.
CVE-2015-3152
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
CVE-2015-4737
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.
CVE-2015-4752
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.
CVE-2015-4756
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0439.
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0439.
CVE-2015-4757
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
CVE-2015-4761
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.
CVE-2015-4767
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769.
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769.
CVE-2015-4769
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4767.
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4767.
CVE-2015-4771
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.
CVE-2015-4772
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.
Additional Info:
N/A
Download:
SRPMS
- rh-mariadb100-mariadb-10.0.20-1.0.1.AXS4.src.rpm
MD5: 7f20e409f8d3b9d41c7aa3b4fdfe8865
SHA-256: 2f87cf2a7831f87261113e192bd7ba192869df7fe16a316c3ddd187d697d42bf
Size: 48.71 MB
Asianux Server 4 for x86_64
- rh-mariadb100-mariadb-10.0.20-1.0.1.AXS4.x86_64.rpm
MD5: fdf4dfcbb69be8d8b758aa83b5918850
SHA-256: 8ec33e410601e4b7cf5e5df2b27682a21b12ff32b9bbc163ed9798cb01afb8e2
Size: 7.24 MB - rh-mariadb100-mariadb-bench-10.0.20-1.0.1.AXS4.x86_64.rpm
MD5: 663a5a64122de48f739d44ed2cfda26e
SHA-256: 2bf77723ee0e4604b37c28dbfed8dabfe6c522ae9b842bd38344adb0e83b64ec
Size: 403.70 kB - rh-mariadb100-mariadb-common-10.0.20-1.0.1.AXS4.x86_64.rpm
MD5: 3033c704a6662f292bce0d50be3f5c19
SHA-256: 1c5c2acc0101f6b49bf7b5145c301dc7972e8bab1913afffe6c4b54c5375fabd
Size: 68.61 kB - rh-mariadb100-mariadb-config-10.0.20-1.0.1.AXS4.x86_64.rpm
MD5: 01f0fde2be20983a12c5106a1d4134a0
SHA-256: 2f906001eebc45bfae298c85687ad6ae3c4c8b6b3f1f97c330542c576580e8eb
Size: 21.41 kB - rh-mariadb100-mariadb-devel-10.0.20-1.0.1.AXS4.x86_64.rpm
MD5: afb37167132c927096a22aaad4e2b31b
SHA-256: 1ea86e4edd994147577c7780b63ed05c35dc9ea5b3bc98b596ea92919adeb8aa
Size: 888.52 kB - rh-mariadb100-mariadb-errmsg-10.0.20-1.0.1.AXS4.x86_64.rpm
MD5: c14f0a53ad5ee6bf1b20e5ddc75aa7b4
SHA-256: ff057f974114a230dcec315301e58824897654694abc48c46a885de206103e47
Size: 247.07 kB - rh-mariadb100-mariadb-oqgraph-engine-10.0.20-1.0.1.AXS4.x86_64.rpm
MD5: ea7071112d934e3bbba6aad13cd10daf
SHA-256: 60e03a0f4d6c1bc72efc6ace34b204852934605232f3c73b0749bd7abf34ee91
Size: 86.05 kB - rh-mariadb100-mariadb-server-10.0.20-1.0.1.AXS4.x86_64.rpm
MD5: f9049a373f925f2c5fa92916b1ab6be2
SHA-256: 4da860cf3e7a5f9dae80c0f685cb175b99ab1f098d2fee10c54a344af38ad798
Size: 18.66 MB - rh-mariadb100-mariadb-test-10.0.20-1.0.1.AXS4.x86_64.rpm
MD5: dcaf7b4b4542c5f9a9f94944cf3f2108
SHA-256: acb807c297aa3d12d3d9478c3fdfc66158f9cbd0388f8814a01594694e22f978
Size: 10.25 MB