MGASA-2015-0279
Advisory lineage Upstream: 7 Downstream: 0
Published: 27 Jul 2015, 09:53
Last modified:16 Apr 2026, 06:24
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
27 Jul 2015, 09:53
Published
Vulnerability first disclosed
16 Apr 2026, 06:24
Last Modified
Vulnerability information updated
Description
Updated mariadb package fixes security vulnerabilities The mariadb package has been updated to versions 5.5.44 and 10.0.20 in Mageia 4 and Mageia 5, respectively. Both fix an issue where the client is vulnerable to a man-in-the-middle attack when using the --ssl option, where the SSL/TLS protection could be disabled (CVE-2015-3152). The Mageia 4 update also fixes other unspecified security issues, such as CVE-2015-2582, CVE-2015-2620, CVE-2015-2643, CVE-2015-2648, CVE-2015-4737, and CVE-2015-4752. Refer to the Oracle Critical Patch Update for details.
Affected Systems
- mageia•mariadb
< 5.5.44-1.mga4
- mageia•mariadb
< 10.0.20-1.mga5
References (6)
- https://advisories.mageia.org/MGASA-2015-0279.html
- https://bugs.mageia.org/show_bug.cgi?id=16146
- https://mariadb.com/kb/en/mariadb/mariadb-5544-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-10020-release-notes/
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- https://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html