{"id":"SUSE-SU-2017:0411-1","summary":"Security update for mariadb","details":"\nThis mariadb version update to 10.0.29 fixes the following issues:\n\n- CVE-2017-3318: unspecified vulnerability affecting Error Handling (bsc#1020896)\n- CVE-2017-3317: unspecified vulnerability affecting Logging (bsc#1020894)\n- CVE-2017-3312: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873)\n- CVE-2017-3291: unrestricted mysqld_safe's ledir (bsc#1020884)\n- CVE-2017-3265: unsafe chmod/chown use in init script (bsc#1020885)\n- CVE-2017-3258: unspecified vulnerability in the DDL component (bsc#1020875)\n- CVE-2017-3257: unspecified vulnerability affecting InnoDB (bsc#1020878)\n- CVE-2017-3244: unspecified vulnerability affecing the DML component (bsc#1020877)\n- CVE-2017-3243: unspecified vulnerability affecting the Charsets component (bsc#1020891)\n- CVE-2017-3238: unspecified vulnerability affecting the Optimizer component (bsc#1020882)\n- CVE-2016-6664: Root Privilege Escalation (bsc#1008253)\n- Applications using the client library for MySQL (libmysqlclient.so) had a use-after-free issue that could cause the applications to crash (bsc#1022428)\n\n- notable changes:\n  * XtraDB updated to 5.6.34-79.1\n  * TokuDB updated to 5.6.34-79.1\n  * Innodb updated to 5.6.35\n  * Performance Schema updated to 5.6.35\n\nRelease notes and changelog:\n  * https://kb.askmonty.org/en/mariadb-10029-release-notes\n  * https://kb.askmonty.org/en/mariadb-10029-changelog\n","modified":"2026-02-04T02:19:27.064961Z","published":"2017-02-07T12:16:05Z","related":["CVE-2016-6664","CVE-2017-3238","CVE-2017-3243","CVE-2017-3244","CVE-2017-3257","CVE-2017-3258","CVE-2017-3265","CVE-2017-3291","CVE-2017-3312","CVE-2017-3317","CVE-2017-3318"],"upstream":["CVE-2016-6664","CVE-2017-3238","CVE-2017-3243","CVE-2017-3244","CVE-2017-3257","CVE-2017-3258","CVE-2017-3265","CVE-2017-3291","CVE-2017-3312","CVE-2017-3317","CVE-2017-3318"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2017/suse-su-20170411-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1008253"},{"type":"REPORT","url":"https://bugzilla.suse.com/1020868"},{"type":"REPORT","url":"https://bugzilla.suse.com/1020873"},{"type":"REPORT","url":"https://bugzilla.suse.com/1020875"},{"type":"REPORT","url":"https://bugzilla.suse.com/1020877"},{"type":"REPORT","url":"https://bugzilla.suse.com/1020878"},{"type":"REPORT","url":"https://bugzilla.suse.com/1020882"},{"type":"REPORT","url":"https://bugzilla.suse.com/1020884"},{"type":"REPORT","url":"https://bugzilla.suse.com/1020885"},{"type":"REPORT","url":"https://bugzilla.suse.com/1020891"},{"type":"REPORT","url":"https://bugzilla.suse.com/1020894"},{"type":"REPORT","url":"https://bugzilla.suse.com/1020896"},{"type":"REPORT","url":"https://bugzilla.suse.com/1022428"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-6664"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3238"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3243"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3244"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3257"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3258"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3265"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3291"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3312"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3317"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3318"}],"affected":[{"package":{"name":"mariadb","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12","purl":"pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.29-20.23.1"}]}],"ecosystem_specific":{"binaries":[{"mariadb-client":"10.0.29-20.23.1","libmysqld18":"10.0.29-20.23.1","libmysqlclient18":"10.0.29-20.23.1","libmysqlclient_r18":"10.0.29-20.23.1","mariadb-errormessages":"10.0.29-20.23.1","mariadb":"10.0.29-20.23.1","mariadb-tools":"10.0.29-20.23.1","libmysqlclient18-32bit":"10.0.29-20.23.1","libmysqld-devel":"10.0.29-20.23.1","libmysqlclient-devel":"10.0.29-20.23.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0411-1.json"}},{"package":{"name":"mariadb","ecosystem":"SUSE:Linux Enterprise Server 12-LTSS","purl":"pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.29-20.23.1"}]}],"ecosystem_specific":{"binaries":[{"mariadb-client":"10.0.29-20.23.1","libmysqld18":"10.0.29-20.23.1","libmysqlclient18":"10.0.29-20.23.1","libmysqlclient_r18":"10.0.29-20.23.1","mariadb-errormessages":"10.0.29-20.23.1","mariadb":"10.0.29-20.23.1","mariadb-tools":"10.0.29-20.23.1","libmysqlclient18-32bit":"10.0.29-20.23.1","libmysqld-devel":"10.0.29-20.23.1","libmysqlclient-devel":"10.0.29-20.23.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0411-1.json"}}],"schema_version":"1.7.3"}