{"id":"MGASA-2017-0054","summary":"Updated mariadb packages fix security vulnerability","details":"Root Privilege Escalation (CVE-2016-6664).\n\nUnspecified vulnerability affecting the Optimizer component\n(CVE-2017-3238).\n\nUnspecified vulnerability affecting the Charsets component\n(CVE-2017-3243).\n\nUnspecified vulnerability affecing the DML component (CVE-2017-3244).\n\nUnspecified vulnerability affecting InnoDB (CVE-2017-3257).\n\nUnspecified vulnerability in the DDL component (CVE-2017-3258).\n\nUnsafe chmod/chown use in init script (CVE-2017-3265).\n\nUnrestricted mysqld_safe's ledir (CVE-2017-3291).\n\nInsecure error log file handling in mysqld_safe, due to an incomplete fix\nfor CVE-2016-6664 (CVE-2017-3312).\n\nUnspecified vulnerability affecting Logging (CVE-2017-3317).\n\nUnspecified vulnerability affecting Error Handling (CVE-2017-3318).\n\nApplications using the client library for MySQL (libmysqlclient.so) had a\nuse-after-free issue that could cause the applications to crash\n(bsc#1022428).\n","modified":"2026-04-16T06:24:59.664959826Z","published":"2017-02-20T13:00:19Z","upstream":["CVE-2016-6664","CVE-2017-3238","CVE-2017-3243","CVE-2017-3244","CVE-2017-3257","CVE-2017-3258","CVE-2017-3265","CVE-2017-3291","CVE-2017-3312","CVE-2017-3317","CVE-2017-3318"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0054.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=20139"},{"type":"WEB","url":"https://mariadb.com/kb/en/mariadb/mariadb-10029-release-notes/"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"},{"type":"WEB","url":"https://lists.opensuse.org/opensuse-updates/2017-02/msg00074.html"}],"affected":[{"package":{"name":"mariadb","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/mariadb?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.29-1.3.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0054.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}