openSUSE Security Update : xtrabackup (openSUSE-2017-132)
Medium Nessus Plugin ID 96713
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for xtrabackup fixes the following issues :
- CVE-2016-6225: xbcrypt encryption IV not being set properly (boo#1019858)
In addition, XtraBackup was updated to 2.3.6 to include the following improvements :
- now supports SHA256 passwords
- new supports command options for secure connections
The following bugs were fixed :
- intermittent assertion failures when not correctly identifying server version
- Safe slave backup algorithm performed too short delays between retries which could cause backups to fail on a busy servers
- fix compilation warnings with gcc6
- Backup would still succeed even if xtrabackup would fail to write the metadata
- xbcloud now supports EMC ECS Swift API Authorization requests
- backup failed with MariaDB 10.2 with the unsupported server version error message
SolutionUpdate the affected xtrabackup packages.