Detections
Analytics

openSUSE Security Update : mariadb (openSUSE-2016-1068)

high Nessus Plugin ID 93431

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for mariadb fixes the following issues :

 - CVE-2016-3477: Unspecified vulnerability in subcomponent parser [bsc#991616]

 - CVE-2016-3521: Unspecified vulnerability in subcomponent types [bsc#991616]

- CVE-2016-3615: Unspecified vulnerability in subcomponent dml [bsc#991616]

- CVE-2016-5440: Unspecified vulnerability in subcomponent rbr [bsc#991616]

 - mariadb failing test main.bootstrap [bsc#984858]

 - left over 'openSUSE' comments in MariaDB on SLE12 GM and SP1 [bsc#985217]

 - remove unnecessary conditionals from specfile

 - add '--ignore-db-dir=lost+found' option to rc.mysql-multi in order not to misinterpret the lost+found directory as a database [bsc#986251]

This update was imported from the SUSE:SLE-12-SP1:Update update project.

Solution

Update the affected mariadb packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=984858

https://bugzilla.opensuse.org/show_bug.cgi?id=985217

https://bugzilla.opensuse.org/show_bug.cgi?id=986251

https://bugzilla.opensuse.org/show_bug.cgi?id=991616

Plugin Details

Severity: High

ID: 93431

File Name: openSUSE-2016-1068.nasl

Version: 2.5

Type: local

Agent: unix

Published: 9/12/2016

Updated: 1/26/2026

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.5

CVSS v2

Risk Factor: Medium

Base Score: 4.1

Temporal Score: 3

Vector: CVSS2#AV:L/AC:M/Au:S/C:P/I:P/A:P

CVSS Score Source: CVE-2016-3477

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:mariadb-test-debuginfo, p-cpe:/a:novell:opensuse:mariadb-debuginfo, p-cpe:/a:novell:opensuse:mariadb-test, p-cpe:/a:novell:opensuse:mariadb-tools-debuginfo, p-cpe:/a:novell:opensuse:mariadb-tools, p-cpe:/a:novell:opensuse:libmysqlclient_r18-32bit, p-cpe:/a:novell:opensuse:mariadb-client, p-cpe:/a:novell:opensuse:libmysqlclient-devel, cpe:/o:novell:opensuse:42.1, p-cpe:/a:novell:opensuse:libmysqld18, p-cpe:/a:novell:opensuse:mariadb-bench-debuginfo, p-cpe:/a:novell:opensuse:libmysqlclient18-32bit, p-cpe:/a:novell:opensuse:mariadb-bench, p-cpe:/a:novell:opensuse:libmysqlclient18-debuginfo, p-cpe:/a:novell:opensuse:mariadb-client-debuginfo, p-cpe:/a:novell:opensuse:mariadb, p-cpe:/a:novell:opensuse:libmysqld-devel, p-cpe:/a:novell:opensuse:libmysqlclient18-debuginfo-32bit, p-cpe:/a:novell:opensuse:mariadb-debugsource, p-cpe:/a:novell:opensuse:libmysqlclient_r18, p-cpe:/a:novell:opensuse:libmysqld18-debuginfo, p-cpe:/a:novell:opensuse:libmysqlclient18, p-cpe:/a:novell:opensuse:mariadb-errormessages

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 9/9/2016

Reference Information

CVE: CVE-2016-3477, CVE-2016-3521, CVE-2016-3615, CVE-2016-5440