openSUSE Security Update : mariadb (openSUSE-2017-257)

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

This mariadb version update to 10.0.29 fixes the following issues :

- CVE-2017-3318: unspecified vulnerability affecting Error
Handling (bsc#1020896)

- CVE-2017-3317: unspecified vulnerability affecting
Logging (bsc#1020894)

- CVE-2017-3312: insecure error log file handling in
mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873)

- CVE-2017-3291: unrestricted mysqld_safe's ledir

- CVE-2017-3265: unsafe chmod/chown use in init script

- CVE-2017-3258: unspecified vulnerability in the DDL
component (bsc#1020875)

- CVE-2017-3257: unspecified vulnerability affecting
InnoDB (bsc#1020878)

- CVE-2017-3244: unspecified vulnerability affecing the
DML component (bsc#1020877)

- CVE-2017-3243: unspecified vulnerability affecting the
Charsets component (bsc#1020891)

- CVE-2017-3238: unspecified vulnerability affecting the
Optimizer component (bsc#1020882)

- CVE-2016-6664: Root Privilege Escalation (bsc#1008253)

- Applications using the client library for MySQL
( had a use-after-free issue that
could cause the applications to crash (bsc#1022428)

- notable changes :

- XtraDB updated to 5.6.34-79.1

- TokuDB updated to 5.6.34-79.1

- Innodb updated to 5.6.35

- Performance Schema updated to 5.6.35

Release notes and changelog :



This update was imported from the SUSE:SLE-12-SP1:Update update

See also :

Solution :

Update the affected mariadb packages.

Risk factor :

Medium / CVSS Base Score : 6.9

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now