SUSE-SU-2015:0743

61579

62073

GLSA-201411-02

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

70550

The version of MariaDB installed on the remote host is prior to 10.0.15. It is, therefore, affected by multiple vulnerabilities as referenced in the mariadb-10015-release-notes advisory. These include the following:
  - An unspecified vulnerability in the 'SERVER:OPTIMIZER'     component. This allows a remote, authenticated attacker     to affect availability. (CVE-2014-6469)

  - Two separate, unspecified vulnerabilities in the     'SERVER:SSL:yaSSL' component. These allow a remote     attacker to affect confidentiality, integrity, and     availability. (CVE-2014-6491, CVE-2014-6500)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

According to the versions of the mariadb packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - Unspecified vulnerability in Oracle MySQL 5.5.48 and     earlier, 5.6.29 and earlier, and 5.7.11 and earlier and     MariaDB before 5.5.49, 10.0.x before 10.0.25, and     10.1.x before 10.1.14 allows local users to affect     confidentiality via vectors related to     DML.(CVE-2016-0643)

  - Unspecified vulnerability in Oracle MySQL 5.5.46 and     earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB     before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before     10.1.10 allows remote authenticated users to affect     availability via vectors related to UDF.(CVE-2016-0608)

  - Unspecified vulnerability in Oracle MySQL 5.5.47 and     earlier, 5.6.28 and earlier, and 5.7.10 and earlier and     MariaDB before 5.5.48, 10.0.x before 10.0.24, and     10.1.x before 10.1.12 allows local users to affect     availability via vectors related to DDL.(CVE-2016-0644)

  - Unspecified vulnerability in Oracle MySQL Server 5.5.39     and earlier, and 5.6.20 and earlier, allows remote     authenticated users to affect confidentiality,     integrity, and availability via vectors related to     SERVER:DML.(CVE-2014-6507)

  - Unspecified vulnerability in Oracle MySQL 5.5.47 and     earlier, 5.6.28 and earlier, and 5.7.10 and earlier and     MariaDB before 5.5.48, 10.0.x before 10.0.24, and     10.1.x before 10.1.12 allows local users to affect     availability via vectors related to DML.(CVE-2016-0646)

  - Unspecified vulnerability in Oracle MySQL 5.5.46 and     earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB     before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before     10.1.10 allows remote authenticated users to affect     availability via unknown vectors related to     InnoDB.(CVE-2016-0600)

  - Unspecified vulnerability in Oracle MySQL 5.5.46 and     earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB     before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before     10.1.10 allows remote authenticated users to affect     availability via unknown vectors related to     Optimizer.(CVE-2016-0597)

  - Buffer overflow in client/mysql.cc in Oracle MySQL and     MariaDB before 5.5.35 allows remote database servers to     cause a denial of service (crash) and possibly execute     arbitrary code via a long server version     string.(CVE-2014-0001)

  - Unspecified vulnerability in Oracle MySQL 5.5.48 and     earlier, 5.6.29 and earlier, and 5.7.11 and earlier and     MariaDB before 5.5.49, 10.0.x before 10.0.25, and     10.1.x before 10.1.14 allows local users to affect     availability via vectors related to PS.(CVE-2016-0648)

  - Unspecified vulnerability in Oracle MySQL 5.5.46 and     earlier and 5.6.27 and earlier and MariaDB before     5.5.47, 10.0.x before 10.0.23, and 10.1.x before     10.1.10 allows remote authenticated users to affect     availability via vectors related to DML.(CVE-2016-0596)

  - Unspecified vulnerability in Oracle MySQL 5.5.46 and     earlier and MariaDB before 5.5.47, 10.0.x before     10.0.23, and 10.1.x before 10.1.10 allows remote     authenticated users to affect availability via unknown     vectors related to Optimizer.(CVE-2016-0616)

  - Unspecified vulnerability in Oracle MySQL 5.5.47 and     earlier, 5.6.28 and earlier, and 5.7.10 and earlier and     MariaDB before 5.5.48, 10.0.x before 10.0.24, and     10.1.x before 10.1.12 allows local users to affect     availability via vectors related to PS.(CVE-2016-0649)

  - It was found that the MySQL client library permitted     but did not require a client to use SSL/TLS when     establishing a secure connection to a MySQL server     using the ''--ssl'' option. A man-in-the-middle     attacker could use this flaw to strip the SSL/TLS     protection from a connection between a client and a     server.(CVE-2015-3152)

  - Unspecified vulnerability in Oracle MySQL 5.5.50 and     earlier, 5.6.31 and earlier, and 5.7.13 and earlier     allows remote authenticated users to affect     availability via vectors related to DML.(CVE-2016-5612)

  - Unspecified vulnerability in Oracle MySQL 5.5.46 and     earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB     before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before     10.1.10 allows remote authenticated users to affect     integrity via unknown vectors related to     encryption.(CVE-2016-0606)

  - Unspecified vulnerability in Oracle MySQL 5.5.51 and     earlier, 5.6.32 and earlier, and 5.7.14 and earlier     allows remote authenticated users to affect     availability via vectors related to GIS.(CVE-2016-5626)

  - Unspecified vulnerability in Oracle MySQL 5.5.46 and     earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB     before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before     10.1.10 allows remote authenticated users to affect     availability via unknown vectors related to     privileges.(CVE-2016-0609)

  - A flaw was found in the way MySQL client library     (libmysqlclient) handled prepared statements when     server connection was lost. A malicious server or a     man-in-the-middle attacker could possibly use this flaw     to crash an application using     libmysqlclient.(CVE-2017-3302)

  - Unspecified vulnerability in Oracle MySQL 5.5.48 and     earlier, 5.6.29 and earlier, and 5.7.11 and earlier and     MariaDB before 5.5.49, 10.0.x before 10.0.25, and     10.1.x before 10.1.14 allows local users to affect     availability via vectors related to FTS.(CVE-2016-0647)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

MariaDB was updated to its current minor version, fixing bugs and security issues.

These updates include a fix for Logjam (CVE-2015-4000), making MariaDB work with client software that no longer allows short DH groups over SSL, as e.g. our current openssl packages.

On openSUSE 13.1, MariaDB was updated to 5.5.44.

On openSUSE 13.2, MariaDB was updated from 10.0.13 to 10.0.20.

Please read the release notes of MariaDB https://mariadb.com/kb/en/mariadb/mariadb-10020-release-notes/ https://mariadb.com/kb/en/mariadb/mariadb-10019-release-notes/ https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ https://mariadb.com/kb/en/mariadb/mariadb-10017-release-notes/ https://mariadb.com/kb/en/mariadb/mariadb-10016-release-notes/ https://mariadb.com/kb/en/mariadb/mariadb-10015-release-notes/ https://mariadb.com/kb/en/mariadb/mariadb-10014-release-notes/ for more information.

mariadb was updated to version 10.0.16 to fix 40 security issues.

These security issues were fixed :

  - CVE-2015-0411: Unspecified vulnerability in Oracle MySQL     Server 5.5.40 and earlier, and 5.6.21 and earlier,     allowed remote attackers to affect confidentiality,     integrity, and availability via unknown vectors related     to Server : Security : Encryption (bnc#915911).

  - CVE-2015-0382: Unspecified vulnerability in Oracle MySQL     Server 5.5.40 and earlier and 5.6.21 and earlier allowed     remote attackers to affect availability via unknown     vectors related to Server : Replication, a different     vulnerability than CVE-2015-0381 (bnc#915911).

  - CVE-2015-0381: Unspecified vulnerability in Oracle MySQL     Server 5.5.40 and earlier and 5.6.21 and earlier allowed     remote attackers to affect availability via unknown     vectors related to Server : Replication, a different     vulnerability than CVE-2015-0382 (bnc#915911).

  - CVE-2015-0432: Unspecified vulnerability in Oracle MySQL     Server 5.5.40 and earlier allowed remote authenticated     users to affect availability via vectors related to     Server : InnoDB : DDL : Foreign Key (bnc#915911).

  - CVE-2014-6568: Unspecified vulnerability in Oracle MySQL     Server 5.5.40 and earlier, and 5.6.21 and earlier,     allowed remote authenticated users to affect     availability via vectors related to Server : InnoDB :
    DML (bnc#915911).

  - CVE-2015-0374: Unspecified vulnerability in Oracle MySQL     Server 5.5.40 and earlier and 5.6.21 and earlier allowed     remote authenticated users to affect confidentiality via     unknown vectors related to Server : Security :
    Privileges : Foreign Key (bnc#915911).

  - CVE-2014-6507: Unspecified vulnerability in Oracle MySQL     Server 5.5.39 and earlier, and 5.6.20 and earlier,     allowed remote authenticated users to affect     confidentiality, integrity, and availability via vectors     related to SERVER:DML (bnc#915912).

  - CVE-2014-6491: Unspecified vulnerability in Oracle MySQL     Server 5.5.39 and earlier and 5.6.20 and earlier allowed     remote attackers to affect confidentiality, integrity,     and availability via vectors related to     SERVER:SSL:yaSSL, a different vulnerability than     CVE-2014-6500 (bnc#915912).

  - CVE-2014-6500: Unspecified vulnerability in Oracle MySQL     Server 5.5.39 and earlier, and 5.6.20 and earlier,     allowed remote attackers to affect confidentiality,     integrity, and availability via vectors related to     SERVER:SSL:yaSSL, a different vulnerability than     CVE-2014-6491 (bnc#915912).

  - CVE-2014-6469: Unspecified vulnerability in Oracle MySQL     Server 5.5.39 and eariler and 5.6.20 and earlier allowed     remote authenticated users to affect availability via     vectors related to SERVER:OPTIMIZER (bnc#915912).

  - CVE-2014-6555: Unspecified vulnerability in Oracle MySQL     Server 5.5.39 and earlier and 5.6.20 and earlier allowed     remote authenticated users to affect confidentiality,     integrity, and availability via vectors related to     SERVER:DML (bnc#915912).

  - CVE-2014-6559: Unspecified vulnerability in Oracle MySQL     Server 5.5.39 and earlier, and 5.6.20 and earlier,     allowed remote attackers to affect confidentiality via     vectors related to C API SSL CERTIFICATE HANDLING     (bnc#915912).

  - CVE-2014-6494: Unspecified vulnerability in Oracle MySQL     Server 5.5.39 and earlier, and 5.6.20 and earlier,     allowed remote attackers to affect availability via     vectors related to CLIENT:SSL:yaSSL, a different     vulnerability than CVE-2014-6496 (bnc#915912).

  - CVE-2014-6496: Unspecified vulnerability in Oracle MySQL     Server 5.5.39 and earlier, and 5.6.20 and earlier,     allowed remote attackers to affect availability via     vectors related to CLIENT:SSL:yaSSL, a different     vulnerability than CVE-2014-6494 (bnc#915912).

  - CVE-2014-6464: Unspecified vulnerability in Oracle MySQL     Server 5.5.39 and earlier and 5.6.20 and earlier allowed     remote authenticated users to affect availability via     vectors related to SERVER:INNODB DML FOREIGN KEYS     (bnc#915912).

  - CVE-2010-5298: Race condition in the ssl3_read_bytes     function in s3_pkt.c in OpenSSL through 1.0.1g, when     SSL_MODE_RELEASE_BUFFERS is enabled, allowed remote     attackers to inject data across sessions or cause a     denial of service (use-after-free and parsing error) via     an SSL connection in a multithreaded environment     (bnc#873351).

  - CVE-2014-0195: The dtls1_reassemble_fragment function in     d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before     1.0.0m, and 1.0.1 before 1.0.1h did not properly     validate fragment lengths in DTLS ClientHello messages,     which allowed remote attackers to execute arbitrary code     or cause a denial of service (buffer overflow and     application crash) via a long non-initial fragment     (bnc#880891).

  - CVE-2014-0198: The do_ssl3_write function in s3_pkt.c in     OpenSSL 1.x through 1.0.1g, when     SSL_MODE_RELEASE_BUFFERS is enabled, did not properly     manage a buffer pointer during certain recursive calls,     which allowed remote attackers to cause a denial of     service (NULL pointer dereference and application crash)     via vectors that trigger an alert condition     (bnc#876282).

  - CVE-2014-0221: The dtls1_get_message_fragment function     in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before     1.0.0m, and 1.0.1 before 1.0.1h allowed remote attackers     to cause a denial of service (recursion and client     crash) via a DTLS hello message in an invalid DTLS     handshake (bnc#915913).

  - CVE-2014-0224: OpenSSL before 0.9.8za, 1.0.0 before     1.0.0m, and 1.0.1 before 1.0.1h did not properly     restrict processing of ChangeCipherSpec messages, which     allowed man-in-the-middle attackers to trigger use of a     zero-length master key in certain OpenSSL-to-OpenSSL     communications, and consequently hijack sessions or     obtain sensitive information, via a crafted TLS     handshake, aka the 'CCS Injection' vulnerability     (bnc#915913).

  - CVE-2014-3470: The ssl3_send_client_key_exchange     function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0     before 1.0.0m, and 1.0.1 before 1.0.1h, when an     anonymous ECDH cipher suite is used, allowed remote     attackers to cause a denial of service (NULL pointer     dereference and client crash) by triggering a NULL     certificate value (bnc#915913).

  - CVE-2014-6474: Unspecified vulnerability in Oracle MySQL     Server 5.6.19 and earlier allowed remote authenticated     users to affect availability via vectors related to     SERVER:MEMCACHED (bnc#915913).

  - CVE-2014-6489: Unspecified vulnerability in Oracle MySQL     Server 5.6.19 and earlier allowed remote authenticated     users to affect integrity and availability via vectors     related to SERVER:SP (bnc#915913).

  - CVE-2014-6564: Unspecified vulnerability in Oracle MySQL     Server 5.6.19 and earlier allowed remote authenticated     users to affect availability via vectors related to     SERVER:INNODB FULLTEXT SEARCH DML (bnc#915913).

  - CVE-2012-5615: Oracle MySQL 5.5.38 and earlier, 5.6.19     and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13,     5.1.66, and possibly other versions, generates different     error messages with different time delays depending on     whether a user name exists, which allowed remote     attackers to enumerate valid usernames (bnc#915913).

  - CVE-2014-4274: Unspecified vulnerability in Oracle MySQL     Server 5.5.38 and earlier and 5.6.19 and earlier allowed     local users to affect confidentiality, integrity, and     availability via vectors related to SERVER:MyISAM     (bnc#896400).

  - CVE-2014-4287: Unspecified vulnerability in Oracle MySQL     Server 5.5.38 and earlier and 5.6.19 and earlier allowed     remote authenticated users to affect availability via     vectors related to SERVER:CHARACTER SETS (bnc#915913).

  - CVE-2014-6463: Unspecified vulnerability in Oracle MySQL     Server 5.5.38 and earlier and 5.6.19 and earlier allowed     remote authenticated users to affect availability via     vectors related to SERVER:REPLICATION ROW FORMAT BINARY     LOG DML (bnc#915913).

  - CVE-2014-6478: Unspecified vulnerability in Oracle MySQL     Server 5.5.38 and earlier, and 5.6.19 and earlier,     allowed remote attackers to affect integrity via vectors     related to SERVER:SSL:yaSSL (bnc#915913).

  - CVE-2014-6484: Unspecified vulnerability in Oracle MySQL     Server 5.5.38 and earlier, and 5.6.19 and earlier,     allowed remote authenticated users to affect     availability via vectors related to SERVER:DML     (bnc#915913).

  - CVE-2014-6495: Unspecified vulnerability in Oracle MySQL     Server 5.5.38 and earlier, and 5.6.19 and earlier,     allowed remote attackers to affect availability via     vectors related to SERVER:SSL:yaSSL (bnc#915913).

  - CVE-2014-6505: Unspecified vulnerability in Oracle MySQL     Server 5.5.38 and earlier, and 5.6.19 and earlier,     allowed remote authenticated users to affect     availability via vectors related to SERVER:MEMORY     STORAGE ENGINE (bnc#915913).

  - CVE-2014-6520: Unspecified vulnerability in Oracle MySQL     Server 5.5.38 and earlier allowed remote authenticated     users to affect availability via vectors related to     SERVER:DDL (bnc#915913).

  - CVE-2014-6530: Unspecified vulnerability in Oracle MySQL     Server 5.5.38 and earlier, and 5.6.19 and earlier,     allowed remote authenticated users to affect     confidentiality, integrity, and availability via vectors     related to CLIENT:MYSQLDUMP (bnc#915913).

  - CVE-2014-6551: Unspecified vulnerability in Oracle MySQL     Server 5.5.38 and earlier and 5.6.19 and earlier allowed     local users to affect confidentiality via vectors     related to CLIENT:MYSQLADMIN (bnc#915913).

  - CVE-2015-0391: Unspecified vulnerability in Oracle MySQL     Server 5.5.38 and earlier, and 5.6.19 and earlier,     allowed remote authenticated users to affect     availability via vectors related to DDL (bnc#915913).

  - CVE-2014-4258: Unspecified vulnerability in the MySQL     Server component in Oracle MySQL 5.5.37 and earlier and     5.6.17 and earlier allowed remote authenticated users to     affect confidentiality, integrity, and availability via     vectors related to SRINFOSC (bnc#915914).

  - CVE-2014-4260: Unspecified vulnerability in the MySQL     Server component in Oracle MySQL 5.5.37 and earlier, and     5.6.17 and earlier, allowed remote authenticated users     to affect integrity and availability via vectors related     to SRCHAR (bnc#915914).

  - CVE-2014-2494: Unspecified vulnerability in the MySQL     Server component in Oracle MySQL 5.5.37 and earlier     allowed remote authenticated users to affect     availability via vectors related to ENARC (bnc#915914).

  - CVE-2014-4207: Unspecified vulnerability in the MySQL     Server component in Oracle MySQL 5.5.37 and earlier     allowed remote authenticated users to affect     availability via vectors related to SROPTZR     (bnc#915914).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The MySQL datebase server was updated to 5.5.42, fixing various bugs and security issues.

More information can be found on :

  -     http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-     42.html

  -     http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-     41.html

  -     http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-     40.html Also various issues with the mysql start script     were fixed. (bsc#868673,bsc#878779)

This update provides MariaDB 5.5.42, which fixes several security issues and other bugs. Please refer to the Oracle Critical Patch Update Advisories and the Release Notes for MariaDB for further information regarding the security vulnerabilities.

Additionally the jemalloc packages is being provided as it was previousely provided with the mariadb source code, built and used but removed from the mariadb source code since 5.5.40.

The version of MySQL installed on the remote host is version 5.5.x prior to 5.5.40 or 5.6.x prior to 5.6.21. It is, therefore, affected by errors in the following components :

 - C API SSL CERTIFICATE HANDLING
 - CLIENT:SSL:yaSSL 
 - SERVER:DML
 - SERVER:INNODB DML FOREIGN KEYS
 - SERVER:OPTIMIZER
 - SERVER:SSL:yaSSL 

 - A use-after-free error exists in the 'mysql_prune_stmt_list()' function in 'client.c' that may allow an authenticated attacker to dereference already freed memory and crash the database.

This is an update that fixes all issues described at https://mariadb.com/kb/en/mariadb/development/changelogs/mariadb-5540- changelog and also couple of security issues.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

From Red Hat Security Advisory 2014:1861 :

Updated mariadb packages that fix several security issues are now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.

This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section.
(CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287, CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559)

These updated packages upgrade MariaDB to version 5.5.40. Refer to the MariaDB Release Notes listed in the References section for a complete list of changes.

All MariaDB users should upgrade to these updated packages, which correct these issues. After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically.

From Red Hat Security Advisory 2014:1859 :

Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section.
(CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287, CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559)

These updated packages upgrade MySQL to version 5.5.40. Refer to the MySQL Release Notes listed in the References section for a complete list of changes.

All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.

This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page. (CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287, CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559)

After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.

This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page (CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287, CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559)

After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically.

Updated mariadb packages that fix several security issues are now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.

This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section.
(CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287, CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559)

These updated packages upgrade MariaDB to version 5.5.40. Refer to the MariaDB Release Notes listed in the References section for a complete list of changes.

All MariaDB users should upgrade to these updated packages, which correct these issues. After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically.

Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section.
(CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287, CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559)

These updated packages upgrade MySQL to version 5.5.40. Refer to the MySQL Release Notes listed in the References section for a complete list of changes.

All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.

The remote host is affected by the vulnerability described in GLSA-201411-02 (MySQL, MariaDB: Multiple vulnerabilities)

    Multiple unspecified vulnerabilities have been discovered in MySQL.
      Please review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could exploit these vulnerabilities to cause       unspecified impact, possibly including remote execution of arbitrary       code, Denial of Service, or disclosure of sensitive information.
  Workaround :

    There is no known workaround at this time.

New mariadb packages are available for Slackware 14.1 and -current to fix security issues.

Multiple vulnerabilities has been discovered and corrected in mariadb :

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS (CVE-2014-6464).

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and eariler and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER (CVE-2014-6469).

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML (CVE-2014-6507).

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML (CVE-2014-6555).

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING (CVE-2014-6559).

The updated packages have been upgraded to the 5.5.40 version which is not vulnerable to these issues.

Additionally MariaDB 5.5.40 removed the bundled copy of jemalloc from the source tarball and only builds with jemalloc if a system copy of the jemalloc library is detecting during the build. This update provides the jemalloc library packages to resolve this issue.

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.40. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details :

  -     https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5
    -39.html
  -     https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5
    -40.html

  -     http://www.oracle.com/technetwork/topics/security/cpuoct     2014-1972960.html

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.40.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.h tml.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of MySQL installed on the remote host is version 5.5.x prior to 5.5.40 or 5.6.x prior to 5.6.21. It is, therefore, affected by errors in the following components :

  - C API SSL CERTIFICATE HANDLING
  - CLIENT:SSL:yaSSL
  - SERVER:DML
  - SERVER:INNODB DML FOREIGN KEYS
  - SERVER:OPTIMIZER
  - SERVER:SSL:yaSSL

ID	Name	Product	Family	Severity
129355	MariaDB 10.0.0 < 10.0.15 Multiple Vulnerabilities	Nessus	Databases	high
125007	EulerOS Virtualization 3.0.1.0 : mariadb (EulerOS-SA-2019-1554)	Nessus	Huawei Local Security Checks	high
84658	openSUSE Security Update : MariaDB (openSUSE-2015-479) (BACKRONYM) (Logjam)	Nessus	SuSE Local Security Checks	high
83716	SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2015:0743-1)	Nessus	SuSE Local Security Checks	high
82428	SuSE 11.3 Security Update : MySQL (SAT Patch Number 10387)	Nessus	SuSE Local Security Checks	high
82344	Mandriva Linux Security Advisory : mariadb (MDVSA-2015:091)	Nessus	Mandriva Local Security Checks	high
8912	Oracle MySQL 5.5.x < 5.5.40 / 5.6.x < 5.6.21 Multiple Vulnerabilities	Nessus Network Monitor	Database	high
79905	Fedora 20 : mariadb-5.5.40-1.fc20 (2014-16003)	Nessus	Fedora Local Security Checks	medium
79370	Oracle Linux 7 : mariadb (ELSA-2014-1861)	Nessus	Oracle Linux Local Security Checks	medium
79369	Oracle Linux 5 : mysql55-mysql (ELSA-2014-1859)	Nessus	Oracle Linux Local Security Checks	medium
79305	Scientific Linux Security Update : mysql55-mysql on SL5.x i386/x86_64 (20141117)	Nessus	Scientific Linux Local Security Checks	medium
79304	Scientific Linux Security Update : mariadb on SL7.x x86_64 (20141117)	Nessus	Scientific Linux Local Security Checks	medium
79303	RHEL 7 : mariadb (RHSA-2014:1861)	Nessus	Red Hat Local Security Checks	medium
79302	RHEL 5 : mysql55-mysql (RHSA-2014:1859)	Nessus	Red Hat Local Security Checks	high
79300	CentOS 7 : mariadb (CESA-2014:1861)	Nessus	CentOS Local Security Checks	medium
79299	CentOS 5 : mysql55-mysql (CESA-2014:1859)	Nessus	CentOS Local Security Checks	medium
78880	GLSA-201411-02 : MySQL, MariaDB: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
78829	Slackware 14.1 / current : mariadb (SSA:2014-307-01)	Nessus	Slackware Local Security Checks	high
78718	Mandriva Linux Security Advisory : mariadb (MDVSA-2014:210)	Nessus	Mandriva Local Security Checks	high
78589	Debian DSA-3054-1 : mysql-5.5 - security update	Nessus	Debian Local Security Checks	high
78505	Ubuntu 12.04 LTS / 14.04 LTS : mysql-5.5 vulnerabilities (USN-2384-1)	Nessus	Ubuntu Local Security Checks	high
78477	MySQL 5.5.x < 5.5.40 / 5.6.x < 5.6.21 Multiple Vulnerabilities (October 2014 CPU)	Nessus	Databases	high

CVE-2014-6507

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Tenable Plugins