rh-mariadb100-mariadb-10.0.28-5.AXS4
エラータID: AXSA:2016-1176:03
MariaDB is a community developed branch of MySQL.
MariaDB is a multi-user, multi-threaded SQL database server.
It is a client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MariaDB/MySQL client programs and generic MySQL files.
Security issues fixed with this release:
CVE-2016-3492
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote authenticated users
to affect availability via vectors related to Server: Optimizer.
CVE-2016-5612
Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31
and earlier, and 5.7.13 and earlier allows remote authenticated users
to affect availability via vectors related to DML.
CVE-2016-5616
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows local users to affect
confidentiality, integrity, and availability via vectors related to
Server: MyISAM.
CVE-2016-5624
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows
remote authenticated users to affect availability via vectors related
to DML.
CVE-2016-5626
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote authenticated users
to affect availability via vectors related to GIS.
CVE-2016-5629
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote administrators to
affect availability via vectors related to Server: Federated.
CVE-2016-5630
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and
5.7.13 and earlier allows remote administrators to affect availability
via vectors related to Server: InnoDB.
CVE-2016-6662
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through
5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x
before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before
5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create
arbitrary configurations and bypass certain protection mechanisms by
setting general_log_file to a my.cnf configuration. NOTE: this can be
leveraged to execute arbitrary code with root privileges by setting
malloc_lib.
CVE-2016-6663
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-8283
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32
and earlier, and 5.7.14 and earlier allows remote authenticated users
to affect availability via vectors related to Server: Types.
The following packages have been upgraded to a newer upstream version: rh-mariadb100-mariadb (10.0.28).
Update packages.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6663. Reason: This candidate is a reservation duplicate of CVE-2016-6663. Notes: All CVE users should reference CVE-2016-6663 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
N/A
SRPMS
- rh-mariadb100-mariadb-10.0.28-5.AXS4.src.rpm
MD5: 5bfb61d7c6adf25110783bfbd5c9f14d
SHA-256: 3e48fdcc963e340cfb685a68db77f75035b5d89274a091fb31af0ed2243c8356
Size: 55.05 MB
Asianux Server 4 for x86_64
- rh-mariadb100-mariadb-10.0.28-5.AXS4.x86_64.rpm
MD5: 276c404a981b90925025fd4671cb5a9c
SHA-256: 372b5cf3b982cf9020bc0756ed28e42bf90288880c0868698c66647f0c31b605
Size: 6.99 MB - rh-mariadb100-mariadb-bench-10.0.28-5.AXS4.x86_64.rpm
MD5: ac4f6cc40f761fa3c1725632f749a4bd
SHA-256: 324baf0eca88fdf434f92057cd21fd50ebbc8c660c5a80f6236a63313c262dad
Size: 405.31 kB - rh-mariadb100-mariadb-common-10.0.28-5.AXS4.x86_64.rpm
MD5: b5588f6b72c7802dc4a30d8eeedaf8f9
SHA-256: 6dd280f99894683097242814df29af1dda6560041121ccf4103f07957e1080f0
Size: 70.25 kB - rh-mariadb100-mariadb-config-10.0.28-5.AXS4.x86_64.rpm
MD5: 0d8ae204db343f0a3f4513d977fcd0e3
SHA-256: ab8030107b980c012067c0a3a4c6f07a03375cea14640a5df2774566b5501fd4
Size: 23.02 kB - rh-mariadb100-mariadb-devel-10.0.28-5.AXS4.x86_64.rpm
MD5: 3b865b42b482c5878776e608a34434b7
SHA-256: a095a6f8378ce960548b5e041ca5a3fedcd22fddbe73ce70345f83473b49325f
Size: 892.37 kB - rh-mariadb100-mariadb-errmsg-10.0.28-5.AXS4.x86_64.rpm
MD5: 0a451584c4d2fbce8e1649fd79a78894
SHA-256: a80aaa6acae1dd11165d98fdadd3fdebcdb2d10d1d58e8b2aa433772c6b98ec5
Size: 248.79 kB - rh-mariadb100-mariadb-oqgraph-engine-10.0.28-5.AXS4.x86_64.rpm
MD5: 62883bac506b4d5e5441c57efd825bd7
SHA-256: 012e20018d66435091b6d653502130017a72b9a99102c869225123fdf166757d
Size: 88.70 kB - rh-mariadb100-mariadb-server-10.0.28-5.AXS4.x86_64.rpm
MD5: 0edc8dbfcf36d4e71c5aa92274da8a75
SHA-256: 7867b14d2143efc6dbe53919a9409583f8a3840a5df0551785c3680f427c1739
Size: 18.67 MB - rh-mariadb100-mariadb-test-10.0.28-5.AXS4.x86_64.rpm
MD5: cd0d76d0c8a0d1638db9d368191334e5
SHA-256: 7a390f080f00cbf27f5a1f6cf2b356273cdd1bbf2d7675e94eea28af7d27964c
Size: 10.35 MB