mariadb-5.5.50-1.el7

エラータID: AXSA:2016-617:02

Release date: 
Friday, August 12, 2016 - 03:34
Subject: 
mariadb-5.5.50-1.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

MariaDB is a community developed branch of MySQL.
MariaDB is a multi-user, multi-threaded SQL database server.
It is a client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MariaDB/MySQL client programs and generic MySQL files.

Security issues fixed with this release:

CVE-2016-0640
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28
and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x
before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect
integrity and availability via vectors related to DML.
CVE-2016-0641
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28
and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x
before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect
confidentiality and availability via vectors related to MyISAM.
CVE-2016-0643
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29
and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x
before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect
confidentiality via vectors related to DML.
CVE-2016-0644
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28
and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x
before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect
availability via vectors related to DDL.
CVE-2016-0646
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28
and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x
before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect
availability via vectors related to DML.
CVE-2016-0647
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29
and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x
before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect
availability via vectors related to FTS.
CVE-2016-0648
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29
and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x
before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect
availability via vectors related to PS.
CVE-2016-0649
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28
and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x
before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect
availability via vectors related to PS.
CVE-2016-0650
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28
and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x
before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect
availability via vectors related to Replication.
CVE-2016-0666
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29
and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x
before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect
availability via vectors related to Security: Privileges.
CVE-2016-3452
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29
and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x
before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to
affect confidentiality via vectors related to Server: Security:
Encryption.
CVE-2016-3477
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30
and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x
before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect
confidentiality, integrity, and availability via vectors related to
Server: Parser.
CVE-2016-3521
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30
and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x
before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated
users to affect availability via vectors related to Server: Types.
CVE-2016-3615
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30
and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x
before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated
users to affect availability via vectors related to Server: DML.
CVE-2016-5440
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30
and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x
before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators
to affect availability via vectors related to Server: RBR.
CVE-2016-5444
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29
and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x
before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to
affect confidentiality via vectors related to Server: Connection.

The following packages have been upgraded to a newer upstream version: mariadb (5.5.50).

Solution: 

Update packages.

CVEs: 
CVE-2016-0640
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML.
CVE-2016-0641
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect confidentiality and availability via vectors related to MyISAM.
CVE-2016-0643
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML.
CVE-2016-0644
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DDL.
CVE-2016-0646
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DML.
CVE-2016-0647
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to FTS.
CVE-2016-0648
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS.
CVE-2016-0649
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to PS.
CVE-2016-0650
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to Replication.
CVE-2016-0666
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges.
CVE-2016-3452
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.
CVE-2016-3477
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.
CVE-2016-3521
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.
CVE-2016-3615
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.
CVE-2016-5440
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.
CVE-2016-5444
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.
Additional Info: 

N/A

Download: 

SRPMS
  1. mariadb-5.5.50-1.el7.src.rpm
    MD5: 103735c7de18ab196da7747522641c2d
    SHA-256: a985bca0085f42df7e02a65c558a17c45666eb4acb207eaa65af71aae7db808e
    Size: 38.91 MB

Asianux Server 7 for x86_64
  1. mariadb-5.5.50-1.el7.x86_64.rpm
    MD5: 81cef7c34aecf28bbb1554f5aa0aff08
    SHA-256: fe2b1e5da51e09ad6d8f5d5512b5ee2ceff84f19eb0bca6b9cec33e8c69e9335
    Size: 8.64 MB
  2. mariadb-bench-5.5.50-1.el7.x86_64.rpm
    MD5: 3ecf85b8b304c69be4735e3c57c6345a
    SHA-256: 0185b35ed63fe1a71a7a710fac729208fc34b3787e3a9709bce6d6bbf212e35c
    Size: 384.98 kB
  3. mariadb-devel-5.5.50-1.el7.x86_64.rpm
    MD5: 8e9e668a7f7e6337717bc8960cd35848
    SHA-256: d33537d7dcbf4370602a3fb8b3afb022299d4657bd48c8dec182f415cd15f25d
    Size: 748.60 kB
  4. mariadb-libs-5.5.50-1.el7.x86_64.rpm
    MD5: 8bec7c44a871e8e8e3e058370ea67af5
    SHA-256: 94bfa88b73e6741f32464616cb8ed00c0cadff1398d3269613ee0114719879ee
    Size: 754.53 kB
  5. mariadb-server-5.5.50-1.el7.x86_64.rpm
    MD5: c7a674b1dac3b66005143be077ef12a8
    SHA-256: f547f7645eb486e08a921e213637ebc59b305acf9475067e4e40d09a4ccc8de2
    Size: 10.74 MB
  6. mariadb-test-5.5.50-1.el7.x86_64.rpm
    MD5: c1ccb45e1699daeb50bc01cf9d863ab2
    SHA-256: 4e272685dfadd0f8f879fe7c9dea1f00a3a6d4b2085aba33c1935bc78be52038
    Size: 8.05 MB
  7. mariadb-devel-5.5.50-1.el7.i686.rpm
    MD5: 9e03ee365ea94ad675c98ff8bcd2823b
    SHA-256: 5633d7b7074776b92756d033e63901708bacec866b7c3f1c173b7a5e57ffdd33
    Size: 748.64 kB
  8. mariadb-libs-5.5.50-1.el7.i686.rpm
    MD5: b2edf702ceb33b168922e1523bb1bd9d
    SHA-256: bece44527aec6f28610e5881edeeea1da786b4de0c633902ffe2d656f875ad62
    Size: 753.02 kB