{"id":"SUSE-SU-2018:1853-1","summary":"Recommended update for mariadb","details":"This MariaDB update to version 10.2.15 brings the following fixes and improvements.\n\nSecurity issues:\n\n- CVE-2018-2767: The embedded server library now supports SSL when connecting to remote servers (bsc#1088681).\n- Collected CVEs fixes:\n  * 10.2.15: CVE-2018-2786, CVE-2018-2759, CVE-2018-2777, CVE-2018-2810,\n             CVE-2018-2782, CVE-2018-2784, CVE-2018-2787, CVE-2018-2766,\n             CVE-2018-2755, CVE-2018-2819, CVE-2018-2817, CVE-2018-2761, \n             CVE-2018-2781, CVE-2018-2771, CVE-2018-2813\n  * 10.2.13: CVE-2018-2562, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665,\n             CVE-2018-2668, CVE-2018-2612\n  * 10.2.10: CVE-2017-10378, CVE-2017-10268, CVE-2017-15365\n  * 10.2.8:  CVE-2017-3636, CVE-2017-3641, CVE-2017-3653,\n             CVE-2017-10320, CVE-2017-10365, CVE-2017-10379,\n             CVE-2017-10384, CVE-2017-10286, CVE-2017-3257\n  * 10.2.6:  CVE-2017-3308, CVE-2017-3309, CVE-2017-3453,\n             CVE-2017-3456, CVE-2017-3464\n  * 10.2.5:  CVE-2017-3313, CVE-2017-3302\n\nBugfixes:\n\n- bsc#1092544: Update suse_skipped_tests.list and add tests that are failing with GCC 8.\n- bsc#1012075: MariaDB Test Suite issue with test sys_vars.secure_file_priv.test. \n- bsc#1019948: mariadb even tumbleweed version is super old.\n- bsc#1039034: no ODBC support in MariaDB Server. \n- bsc#1041891: Make mariadb tests pass and exclude failures. \n- bsc#1042632: Mariadb fails to build with openssl-1.1. \n- bsc#1043328: Update mariadb in TW to 10.2 and drop comat with mysql. \n- bsc#1047218: trackerbug: packages do not build reproducibly from including build time. \n- bsc#1055165: mariadb build with cassandra enabled. \n- bsc#1055268: MariaDB configurations are not overwritable. \n- bsc#1058374: Use bind-address directive and SSL section settings in default my.cnf. \n- bsc#1058729: MariaDB - mysql-test - connect.drop-open-error is failing (regression).\n- bsc#1060110: The mariadb install script depends on hostname but does not require it. \n- bsc#1062583: Stop using boost-devel. \n- bsc#1067443: incomplete revert of the mariadb service rename. \n- bsc#1068906: MariaDB: ALTER TABLE can't rename columns with CHECK constraints. \n- bsc#1069401: Database failed apply with mariadb 10.2 : RuntimeError: Galera cluster did not start after 600 seconds. \n- bsc#1080891: server:database/mariadb: up-streaming patches. \n- bsc#1083087: Galera bootstrap failes work after MariaDB 10.2.13 upgrade. \n- bsc#1082318: mariadb-connector-c.changes and xtrabackup need to use %doc instead of %license.\n\nRelease notes and changelog:\n\n- https://mariadb.com/kb/en/library/mariadb-10215-release-notes\n- https://mariadb.com/kb/en/library/mariadb-10215-changelog\n","modified":"2026-02-04T02:59:47.771810Z","published":"2018-06-29T15:40:54Z","related":["CVE-2017-10268","CVE-2017-10286","CVE-2017-10320","CVE-2017-10365","CVE-2017-10378","CVE-2017-10379","CVE-2017-10384","CVE-2017-15365","CVE-2017-3257","CVE-2017-3302","CVE-2017-3308","CVE-2017-3309","CVE-2017-3313","CVE-2017-3453","CVE-2017-3456","CVE-2017-3464","CVE-2017-3636","CVE-2017-3641","CVE-2017-3653","CVE-2018-2562","CVE-2018-2612","CVE-2018-2622","CVE-2018-2640","CVE-2018-2665","CVE-2018-2668","CVE-2018-2755","CVE-2018-2759","CVE-2018-2761","CVE-2018-2766","CVE-2018-2767","CVE-2018-2771","CVE-2018-2777","CVE-2018-2781","CVE-2018-2782","CVE-2018-2784","CVE-2018-2786","CVE-2018-2787","CVE-2018-2810","CVE-2018-2813","CVE-2018-2817","CVE-2018-2819"],"upstream":["CVE-2017-10268","CVE-2017-10286","CVE-2017-10320","CVE-2017-10365","CVE-2017-10378","CVE-2017-10379","CVE-2017-10384","CVE-2017-15365","CVE-2017-3257","CVE-2017-3302","CVE-2017-3308","CVE-2017-3309","CVE-2017-3313","CVE-2017-3453","CVE-2017-3456","CVE-2017-3464","CVE-2017-3636","CVE-2017-3641","CVE-2017-3653","CVE-2018-2562","CVE-2018-2612","CVE-2018-2622","CVE-2018-2640","CVE-2018-2665","CVE-2018-2668","CVE-2018-2755","CVE-2018-2759","CVE-2018-2761","CVE-2018-2766","CVE-2018-2767","CVE-2018-2771","CVE-2018-2777","CVE-2018-2781","CVE-2018-2782","CVE-2018-2784","CVE-2018-2786","CVE-2018-2787","CVE-2018-2810","CVE-2018-2813","CVE-2018-2817","CVE-2018-2819"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20181853-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1012075"},{"type":"REPORT","url":"https://bugzilla.suse.com/1019948"},{"type":"REPORT","url":"https://bugzilla.suse.com/1039034"},{"type":"REPORT","url":"https://bugzilla.suse.com/1041891"},{"type":"REPORT","url":"https://bugzilla.suse.com/1042632"},{"type":"REPORT","url":"https://bugzilla.suse.com/1043328"},{"type":"REPORT","url":"https://bugzilla.suse.com/1047218"},{"type":"REPORT","url":"https://bugzilla.suse.com/1055165"},{"type":"REPORT","url":"https://bugzilla.suse.com/1055268"},{"type":"REPORT","url":"https://bugzilla.suse.com/1058374"},{"type":"REPORT","url":"https://bugzilla.suse.com/1058729"},{"type":"REPORT","url":"https://bugzilla.suse.com/1060110"},{"type":"REPORT","url":"https://bugzilla.suse.com/1062583"},{"type":"REPORT","url":"https://bugzilla.suse.com/1067443"},{"type":"REPORT","url":"https://bugzilla.suse.com/1068906"},{"type":"REPORT","url":"https://bugzilla.suse.com/1069401"},{"type":"REPORT","url":"https://bugzilla.suse.com/1080891"},{"type":"REPORT","url":"https://bugzilla.suse.com/1082318"},{"type":"REPORT","url":"https://bugzilla.suse.com/1083087"},{"type":"REPORT","url":"https://bugzilla.suse.com/1088681"},{"type":"REPORT","url":"https://bugzilla.suse.com/1092544"},{"type":"REPORT","url":"https://bugzilla.suse.com/1093130"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-10268"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-10286"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-10320"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-10365"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-10378"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-10379"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-10384"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-15365"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3257"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3302"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3308"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3309"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3313"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3453"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3456"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3464"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3636"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3641"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3653"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2562"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2612"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2622"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2640"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2665"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2668"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2755"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2759"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2761"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2766"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2767"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2771"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2777"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2781"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2782"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2784"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2786"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2787"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2810"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2813"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2817"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2819"}],"affected":[{"package":{"name":"galera-3","ecosystem":"SUSE:OpenStack Cloud 7","purl":"pkg:rpm/suse/galera-3&distro=SUSE%20OpenStack%20Cloud%207"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"25.3.23-8.3"}]}],"ecosystem_specific":{"binaries":[{"libmariadb3":"3.0.3-1.3.3","mariadb":"10.2.15-7.1","xtrabackup":"2.4.10-5.3","mariadb-galera":"10.2.15-7.1","galera-3-wsrep-provider":"25.3.23-8.3","ruby2.1-rubygem-mysql2":"0.4.10-7.2","mariadb-tools":"10.2.15-7.1","mariadb-client":"10.2.15-7.1","mariadb-errormessages":"10.2.15-7.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:1853-1.json"}},{"package":{"name":"mariadb","ecosystem":"SUSE:OpenStack Cloud 7","purl":"pkg:rpm/suse/mariadb&distro=SUSE%20OpenStack%20Cloud%207"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.2.15-7.1"}]}],"ecosystem_specific":{"binaries":[{"libmariadb3":"3.0.3-1.3.3","mariadb":"10.2.15-7.1","xtrabackup":"2.4.10-5.3","mariadb-galera":"10.2.15-7.1","galera-3-wsrep-provider":"25.3.23-8.3","ruby2.1-rubygem-mysql2":"0.4.10-7.2","mariadb-tools":"10.2.15-7.1","mariadb-client":"10.2.15-7.1","mariadb-errormessages":"10.2.15-7.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:1853-1.json"}},{"package":{"name":"mariadb-connector-c","ecosystem":"SUSE:OpenStack Cloud 7","purl":"pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20OpenStack%20Cloud%207"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.3-1.3.3"}]}],"ecosystem_specific":{"binaries":[{"libmariadb3":"3.0.3-1.3.3","mariadb":"10.2.15-7.1","xtrabackup":"2.4.10-5.3","mariadb-galera":"10.2.15-7.1","galera-3-wsrep-provider":"25.3.23-8.3","ruby2.1-rubygem-mysql2":"0.4.10-7.2","mariadb-tools":"10.2.15-7.1","mariadb-client":"10.2.15-7.1","mariadb-errormessages":"10.2.15-7.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:1853-1.json"}},{"package":{"name":"rubygem-mysql2","ecosystem":"SUSE:OpenStack Cloud 7","purl":"pkg:rpm/suse/rubygem-mysql2&distro=SUSE%20OpenStack%20Cloud%207"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.4.10-7.2"}]}],"ecosystem_specific":{"binaries":[{"libmariadb3":"3.0.3-1.3.3","mariadb":"10.2.15-7.1","xtrabackup":"2.4.10-5.3","mariadb-galera":"10.2.15-7.1","galera-3-wsrep-provider":"25.3.23-8.3","ruby2.1-rubygem-mysql2":"0.4.10-7.2","mariadb-tools":"10.2.15-7.1","mariadb-client":"10.2.15-7.1","mariadb-errormessages":"10.2.15-7.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:1853-1.json"}},{"package":{"name":"xtrabackup","ecosystem":"SUSE:OpenStack Cloud 7","purl":"pkg:rpm/suse/xtrabackup&distro=SUSE%20OpenStack%20Cloud%207"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.10-5.3"}]}],"ecosystem_specific":{"binaries":[{"libmariadb3":"3.0.3-1.3.3","mariadb":"10.2.15-7.1","xtrabackup":"2.4.10-5.3","mariadb-galera":"10.2.15-7.1","galera-3-wsrep-provider":"25.3.23-8.3","ruby2.1-rubygem-mysql2":"0.4.10-7.2","mariadb-tools":"10.2.15-7.1","mariadb-client":"10.2.15-7.1","mariadb-errormessages":"10.2.15-7.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:1853-1.json"}}],"schema_version":"1.7.3"}