OPENSUSE-SU-2019:0327-1
Vulnerability Summary
Timeline
Description
Security update for mariadb This update for mariadb to version 10.2.22 fixes the following issues: Security issues fixed: - CVE-2019-2510: Fixed a vulnerability which can lead to MySQL compromise and lead to Denial of Service (bsc#1122198). - CVE-2019-2537: Fixed a vulnerability which can lead to MySQL compromise and lead to Denial of Service (bsc#1122198). - CVE-2018-3284: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112377) - CVE-2018-3282: Server Storage Engines unspecified vulnerability (CPU Oct 2018) (bsc#1112432) - CVE-2018-3277: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112391) - CVE-2018-3251: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112397) - CVE-2018-3200: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112404) - CVE-2018-3185: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112384) - CVE-2018-3174: Client programs unspecified vulnerability (CPU Oct 2018) (bsc#1112368) - CVE-2018-3173: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112386) - CVE-2018-3162: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112415) - CVE-2018-3156: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112417) - CVE-2018-3143: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112421) - CVE-2018-3066: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Options). (bsc#1101678) - CVE-2018-3064: InnoDB unspecified vulnerability (CPU Jul 2018) (bsc#1103342) - CVE-2018-3063: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Security Privileges). (bsc#1101677) - CVE-2018-3058: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent MyISAM). (bsc#1101676) - CVE-2016-9843: Big-endian out-of-bounds pointer (bsc#1013882) Non-security issues fixed: - Fixed an issue where mysl_install_db fails due to incorrect basedir (bsc#1127027). - Fixed an issue where the lograte was not working (bsc#1112767). - Backport Information Schema CHECK_CONSTRAINTS Table. - Maximum value of table_definition_cache is now 2097152. - InnoDB ALTER TABLE fixes. - Galera crash recovery fixes. - Encryption fixes. - Remove xtrabackup dependency as MariaDB ships a build in mariabackup so xtrabackup is not needed (bsc#1122475). - Maria DB testsuite - test main.plugin_auth failed (bsc#1111859) - Maria DB testsuite - test encryption.second_plugin-12863 failed (bsc#1111858) - Remove PerconaFT from the package as it has AGPL licence (bsc#1118754) - remove PerconaFT from the package as it has AGPL licence (bsc#1118754) - Database corruption after renaming a prefix-indexed column (bsc#1120041) Release notes and changelog: - https://mariadb.com/kb/en/library/mariadb-10222-release-notes - https://mariadb.com/kb/en/library/mariadb-10222-changelog/ This update was imported from the SUSE:SLE-15:Update update project.
Affected Systems
- opensuse•mariadb&distro=openSUSE Leap 15.0
< 10.2.22-lp150.2.9.1
References (45)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZBIBDKV4Q445TSAAVXOJN365L7BQQWY6/#ZBIBDKV4Q445TSAAVXOJN365L7BQQWY6
- https://bugzilla.suse.com/1013882
- https://bugzilla.suse.com/1101676
- https://bugzilla.suse.com/1101677
- https://bugzilla.suse.com/1101678
- https://bugzilla.suse.com/1103342
- https://bugzilla.suse.com/1111858
- https://bugzilla.suse.com/1111859
- https://bugzilla.suse.com/1112368
- https://bugzilla.suse.com/1112377
- https://bugzilla.suse.com/1112384
- https://bugzilla.suse.com/1112386
- https://bugzilla.suse.com/1112391
- https://bugzilla.suse.com/1112397
- https://bugzilla.suse.com/1112404
- https://bugzilla.suse.com/1112415
- https://bugzilla.suse.com/1112417
- https://bugzilla.suse.com/1112421
- https://bugzilla.suse.com/1112432
- https://bugzilla.suse.com/1112767
- https://bugzilla.suse.com/1116686
- https://bugzilla.suse.com/1118754
- https://bugzilla.suse.com/1120041
- https://bugzilla.suse.com/1122198
- https://bugzilla.suse.com/1122475
- https://bugzilla.suse.com/1127027
- https://www.suse.com/security/cve/CVE-2016-9843
- https://www.suse.com/security/cve/CVE-2018-3058
- https://www.suse.com/security/cve/CVE-2018-3060
- https://www.suse.com/security/cve/CVE-2018-3063
- https://www.suse.com/security/cve/CVE-2018-3064
- https://www.suse.com/security/cve/CVE-2018-3066
- https://www.suse.com/security/cve/CVE-2018-3143
- https://www.suse.com/security/cve/CVE-2018-3156
- https://www.suse.com/security/cve/CVE-2018-3162
- https://www.suse.com/security/cve/CVE-2018-3173
- https://www.suse.com/security/cve/CVE-2018-3174
- https://www.suse.com/security/cve/CVE-2018-3185
- https://www.suse.com/security/cve/CVE-2018-3200
- https://www.suse.com/security/cve/CVE-2018-3251
- https://www.suse.com/security/cve/CVE-2018-3277
- https://www.suse.com/security/cve/CVE-2018-3282
- https://www.suse.com/security/cve/CVE-2018-3284
- https://www.suse.com/security/cve/CVE-2019-2510
- https://www.suse.com/security/cve/CVE-2019-2537