RHSA-2016:2595

Description

Red Hat Security Advisory: mariadb security and bug fix update

CVSS Metrics

• v3.0•CRITICAL•Score: 9.8CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•mariadb

  < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7

• redhat•mariadb-bench

  < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7

• redhat•mariadb-debuginfo

  < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7

• redhat•mariadb-devel

  < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7

• redhat•mariadb-embedded

  < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7

• redhat•mariadb-embedded-devel

  < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7

• redhat•mariadb-libs

  < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7

• redhat•mariadb-server

  < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7

• redhat•mariadb-test

  < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7 | < 1:5.5.52-1.el7

References (50)

• https://access.redhat.com/errata/RHSA-2016:2595
• https://access.redhat.com/security/updates/classification/#important
• https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.3_Release_Notes/index.html
• http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
• https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/
• https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/
• https://bugzilla.redhat.com/show_bug.cgi?id=1138843
• https://bugzilla.redhat.com/show_bug.cgi?id=1241623
• https://bugzilla.redhat.com/show_bug.cgi?id=1300621
• https://bugzilla.redhat.com/show_bug.cgi?id=1335863
• https://bugzilla.redhat.com/show_bug.cgi?id=1375198
• https://bugzilla.redhat.com/show_bug.cgi?id=1378936
• https://bugzilla.redhat.com/show_bug.cgi?id=1386554
• https://bugzilla.redhat.com/show_bug.cgi?id=1386561
• https://bugzilla.redhat.com/show_bug.cgi?id=1386562
• https://bugzilla.redhat.com/show_bug.cgi?id=1386566
• https://bugzilla.redhat.com/show_bug.cgi?id=1386568
• https://bugzilla.redhat.com/show_bug.cgi?id=1386572
• https://bugzilla.redhat.com/show_bug.cgi?id=1386585
• https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_2595.json
• https://access.redhat.com/security/cve/CVE-2016-3492
• https://www.cve.org/CVERecord?id=CVE-2016-3492
• https://nvd.nist.gov/vuln/detail/CVE-2016-3492
• http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881724.html#AppendixMSQL
• https://access.redhat.com/security/cve/CVE-2016-5612
• https://www.cve.org/CVERecord?id=CVE-2016-5612
• https://nvd.nist.gov/vuln/detail/CVE-2016-5612
• https://access.redhat.com/security/cve/CVE-2016-5616
• https://www.cve.org/CVERecord?id=CVE-2016-5616
• https://nvd.nist.gov/vuln/detail/CVE-2016-5616
• https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.txt
• https://access.redhat.com/security/cve/CVE-2016-5624
• https://www.cve.org/CVERecord?id=CVE-2016-5624
• https://nvd.nist.gov/vuln/detail/CVE-2016-5624
• https://access.redhat.com/security/cve/CVE-2016-5626
• https://www.cve.org/CVERecord?id=CVE-2016-5626
• https://nvd.nist.gov/vuln/detail/CVE-2016-5626
• https://access.redhat.com/security/cve/CVE-2016-5629
• https://www.cve.org/CVERecord?id=CVE-2016-5629
• https://nvd.nist.gov/vuln/detail/CVE-2016-5629
• https://access.redhat.com/security/cve/CVE-2016-6662
• https://www.cve.org/CVERecord?id=CVE-2016-6662
• https://nvd.nist.gov/vuln/detail/CVE-2016-6662
• https://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.txt
• https://access.redhat.com/security/cve/CVE-2016-6663
• https://www.cve.org/CVERecord?id=CVE-2016-6663
• https://nvd.nist.gov/vuln/detail/CVE-2016-6663
• https://access.redhat.com/security/cve/CVE-2016-8283
• https://www.cve.org/CVERecord?id=CVE-2016-8283
• https://nvd.nist.gov/vuln/detail/CVE-2016-8283