openSUSE Security Update : xtrabackup (openSUSE-SU-2014:0363-1)
Medium Nessus Plugin ID 75289
SynopsisThe remote openSUSE host is missing a security update.
Descriptionxtrabackup was updated to 2.1.8 :
Disabled the 'binary version check' functionality in the VersionCheck module due to security concerns. The automatic version check remains disabled in the openSUSE package. [bnc#864194] CVE-2014-2029 More bugs fixed :
- do not discard read-ahead buffers through incorrect usage of posic_fadvise() hints, which resulted in higher I/O rate on the backup stage
- Spurious trailing data blocks that would normally be ignored by InnoDB could lead to an assertion failure on the backup stage
- A spurious warning message could cause issues with third-party wrapper scripts
- xbcrypt could fail with the xbcrypt:xb_crypt_read_chunk:
unable to read chunk iv size at offset error under some circumstances
- xbstream could sometimes hang when extracting a broken or incomplete input stream
SolutionUpdate the affected xtrabackup packages.