mariadb-5.5.52-1.el7
エラータID: AXSA:2016-1117:03
MariaDB is a community developed branch of MySQL.
MariaDB is a multi-user, multi-threaded SQL database server.
It is a client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MariaDB/MySQL client programs and generic MySQL files.
Security issues fixed with this release:
CVE-2016-3492
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote authenticated users
to affect availability via vectors related to Server: Optimizer.
CVE-2016-5612
Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31
and earlier, and 5.7.13 and earlier allows remote authenticated users
to affect availability via vectors related to DML.
CVE-2016-5616
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows local users to affect
confidentiality, integrity, and availability via vectors related to
Server: MyISAM.
CVE-2016-5624
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows
remote authenticated users to affect availability via vectors related
to DML.
CVE-2016-5626
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote authenticated users
to affect availability via vectors related to GIS.
CVE-2016-5629
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote administrators to
affect availability via vectors related to Server: Federated.
CVE-2016-6662
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through
5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x
before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before
5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create
arbitrary configurations and bypass certain protection mechanisms by
setting general_log_file to a my.cnf configuration. NOTE: this can be
leveraged to execute arbitrary code with root privileges by setting
malloc_lib.
CVE-2016-6663
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-8283
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote authenticated users
to affect availability via vectors related to Server: Types.
The following packages have been upgraded to a newer upstream version: mariadb (5.5.52).
Additional Changes:
Update packages.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6663. Reason: This candidate is a reservation duplicate of CVE-2016-6663. Notes: All CVE users should reference CVE-2016-6663 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
N/A
SRPMS
- mariadb-5.5.52-1.el7.src.rpm
MD5: 171c2fdbc7247b8c2f6d606bc068cd37
SHA-256: d134ad04267a8bf46256931a877d35e5b35e2e99c7afbefbbe9a0de3edfc3f84
Size: 38.94 MB
Asianux Server 7 for x86_64
- mariadb-5.5.52-1.el7.x86_64.rpm
MD5: 30eb8b6b66fa8ef96d0ad7927fc451d7
SHA-256: eb3fa0d0b5f978b596f3995c308c7ae2da792af342ac3fd1000fc640dbc46465
Size: 8.64 MB - mariadb-bench-5.5.52-1.el7.x86_64.rpm
MD5: f3e2bb40966d84e065811250f9457a25
SHA-256: 90123baa66bd41e4815e1f81386a2ca37bc6e3758cdeb01fdd08428f44da9857
Size: 385.66 kB - mariadb-devel-5.5.52-1.el7.x86_64.rpm
MD5: 67ac569000572748802b1fec6b2fc243
SHA-256: 8b7d4e40bd8f6361608bd765f7f8586d43eecc97c869c000c68013611df4a654
Size: 749.39 kB - mariadb-libs-5.5.52-1.el7.x86_64.rpm
MD5: 647713fd5ec22127d0c807dd07058b13
SHA-256: 328f5967cff7ab65d74cc5c29682cd61cfb36d95fca4ec6b866a17f747d35273
Size: 760.23 kB - mariadb-server-5.5.52-1.el7.x86_64.rpm
MD5: 8d4e7f74184da4025527e629b7178a89
SHA-256: 25115a9934928ba93474c40695ab45053cde8134bb71cb19fedde881e13c420f
Size: 10.74 MB - mariadb-test-5.5.52-1.el7.x86_64.rpm
MD5: e4428b36ccda9e852b608639a7043f0f
SHA-256: 6a4c2f8c19aa8427280057ac0a9c57cbd6c5ded078b3b6cd8617d9314aeb9623
Size: 8.06 MB - mariadb-devel-5.5.52-1.el7.i686.rpm
MD5: e14d322ca24ae5d8f9a6bf1106a4ae7e
SHA-256: a2e3a1e399efaa8fd5747cf0abfc7a563cef691c6bb70528ccef17741a77af6a
Size: 749.43 kB - mariadb-libs-5.5.52-1.el7.i686.rpm
MD5: 190061f2aa696740ce4b0d5173371eb7
SHA-256: 3094f420f09baf6a4ad22ef9916cb2018120dae276c36410b1686c4e873edee1
Size: 758.85 kB