SUSE-SU-2015:1273-1

Advisory lineage Upstream: 12 Downstream: 0
Published: 21 Jul 2015, 11:08
Last modified:02 May 2025, 04:04

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

21 Jul 2015, 11:08
Published
Vulnerability first disclosed
02 May 2025, 04:04
Last Modified
Vulnerability information updated

Description

Security update for mariadb This update fixes the following security issues: * Logjam attack: mysql uses 512 bit dh groups in SSL [bnc#934789] * CVE-2015-3152: mysql --ssl does not enforce SSL [bnc#924663] * CVE-2014-8964: heap buffer overflow [bnc#906574] * CVE-2015-2325: heap buffer overflow in compile_branch() [bnc#924960] * CVE-2015-2326: heap buffer overflow in pcre_compile2() [bnc#924961] * CVE-2015-0501: unspecified vulnerability related to Server:Compiling (CPU April 2015) * CVE-2015-2571: unspecified vulnerability related to Server:Optimizer (CPU April 2015) * CVE-2015-0505: unspecified vulnerability related to Server:DDL (CPU April 2015) * CVE-2015-0499: unspecified vulnerability related to Server:Federated (CPU April 2015) * CVE-2015-2568: unspecified vulnerability related to Server:Security:Privileges (CPU April 2015) * CVE-2015-2573: unspecified vulnerability related to Server:DDL (CPU April 2015) * CVE-2015-0433: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015) * CVE-2015-0441: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015)

Affected Systems

  • susemariadb&distro=SUSE Linux Enterprise Desktop 12

    < 10.0.20-18.1

  • susemariadb&distro=SUSE Linux Enterprise Server 12

    < 10.0.20-18.1

  • susemariadb&distro=SUSE Linux Enterprise Server for SAP Applications 12

    < 10.0.20-18.1

  • susemariadb&distro=SUSE Linux Enterprise Software Development Kit 12

    < 10.0.20-18.1

  • susemariadb&distro=SUSE Linux Enterprise Workstation Extension 12

    < 10.0.20-18.1

References (26)