RHSA-2016:2131

Description

Red Hat Security Advisory: mariadb55-mariadb security update

CVSS Metrics

• v3.0•CRITICAL•Score: 9.8CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•mariadb55-mariadb

  < 0:5.5.53-1.el6 | < 0:5.5.53-1.el7

• redhat•mariadb55-mariadb-bench

  < 0:5.5.53-1.el6 | < 0:5.5.53-1.el7

• redhat•mariadb55-mariadb-debuginfo

  < 0:5.5.53-1.el6 | < 0:5.5.53-1.el7

• redhat•mariadb55-mariadb-devel

  < 0:5.5.53-1.el6 | < 0:5.5.53-1.el7

• redhat•mariadb55-mariadb-libs

  < 0:5.5.53-1.el6 | < 0:5.5.53-1.el7

• redhat•mariadb55-mariadb-server

  < 0:5.5.53-1.el6 | < 0:5.5.53-1.el7

• redhat•mariadb55-mariadb-test

  < 0:5.5.53-1.el6 | < 0:5.5.53-1.el7

References (52)

• https://access.redhat.com/errata/RHSA-2016:2131
• https://access.redhat.com/security/updates/classification/#important
• http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
• https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/
• https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/
• https://mariadb.com/kb/en/mariadb/mariadb-5553-release-notes/
• https://bugzilla.redhat.com/show_bug.cgi?id=1375198
• https://bugzilla.redhat.com/show_bug.cgi?id=1378936
• https://bugzilla.redhat.com/show_bug.cgi?id=1386554
• https://bugzilla.redhat.com/show_bug.cgi?id=1386561
• https://bugzilla.redhat.com/show_bug.cgi?id=1386562
• https://bugzilla.redhat.com/show_bug.cgi?id=1386566
• https://bugzilla.redhat.com/show_bug.cgi?id=1386568
• https://bugzilla.redhat.com/show_bug.cgi?id=1386572
• https://bugzilla.redhat.com/show_bug.cgi?id=1386585
• https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_2131.json
• https://access.redhat.com/security/cve/CVE-2016-3492
• https://www.cve.org/CVERecord?id=CVE-2016-3492
• https://nvd.nist.gov/vuln/detail/CVE-2016-3492
• http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881724.html#AppendixMSQL
• https://access.redhat.com/security/cve/CVE-2016-5483
• https://bugzilla.redhat.com/show_bug.cgi?id=1433010
• https://www.cve.org/CVERecord?id=CVE-2016-5483
• https://nvd.nist.gov/vuln/detail/CVE-2016-5483
• https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/
• https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/
• https://access.redhat.com/security/cve/CVE-2016-5612
• https://www.cve.org/CVERecord?id=CVE-2016-5612
• https://nvd.nist.gov/vuln/detail/CVE-2016-5612
• https://access.redhat.com/security/cve/CVE-2016-5616
• https://www.cve.org/CVERecord?id=CVE-2016-5616
• https://nvd.nist.gov/vuln/detail/CVE-2016-5616
• https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.txt
• https://access.redhat.com/security/cve/CVE-2016-5624
• https://www.cve.org/CVERecord?id=CVE-2016-5624
• https://nvd.nist.gov/vuln/detail/CVE-2016-5624
• https://access.redhat.com/security/cve/CVE-2016-5626
• https://www.cve.org/CVERecord?id=CVE-2016-5626
• https://nvd.nist.gov/vuln/detail/CVE-2016-5626
• https://access.redhat.com/security/cve/CVE-2016-5629
• https://www.cve.org/CVERecord?id=CVE-2016-5629
• https://nvd.nist.gov/vuln/detail/CVE-2016-5629
• https://access.redhat.com/security/cve/CVE-2016-6662
• https://www.cve.org/CVERecord?id=CVE-2016-6662
• https://nvd.nist.gov/vuln/detail/CVE-2016-6662
• https://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.txt
• https://access.redhat.com/security/cve/CVE-2016-6663
• https://www.cve.org/CVERecord?id=CVE-2016-6663
• https://nvd.nist.gov/vuln/detail/CVE-2016-6663
• https://access.redhat.com/security/cve/CVE-2016-8283
• https://www.cve.org/CVERecord?id=CVE-2016-8283
• https://nvd.nist.gov/vuln/detail/CVE-2016-8283