openSUSE Security Update : mariadb (openSUSE-2016-164)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

MariaDB has been updated to version 10.0.22, which brings fixes for
many security issues and other improvements.

The following CVEs have been fixed :

- 10.0.22: CVE-2015-4802, CVE-2015-4807, CVE-2015-4815,
CVE-2015-4826, CVE-2015-4830, CVE-2015-4836,
CVE-2015-4858, CVE-2015-4861, CVE-2015-4870,
CVE-2015-4913, CVE-2015-4792

- Fix information leak via mysql-systemd-helper script.
(CVE-2015-5969, bsc#957174)

For a comprehensive list of changes refer to the upstream Release
Notes and Change Log documents :

- https://kb.askmonty.org/en/mariadb-10022-release-notes/

- https://kb.askmonty.org/en/mariadb-10022-changelog/

This update was imported from the SUSE:SLE-12-SP1:Update update
project.

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=937787
https://bugzilla.opensuse.org/show_bug.cgi?id=957174
https://bugzilla.opensuse.org/show_bug.cgi?id=958789
https://kb.askmonty.org/en/mariadb-10022-changelog/
https://kb.askmonty.org/en/mariadb-10022-release-notes/

Solution :

Update the affected mariadb packages.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now