You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa mariadb

Sigurnosni nedostaci programskog paketa mariadb

——————————————————————————–
Fedora Update Notification
FEDORA-2017-2c0609b92a
2017-06-16 13:14:53.497492
——————————————————————————–

Name : mariadb
Product : Fedora 25
Version : 10.1.24
Release : 3.fc25
URL : http://mariadb.org
Summary : A community developed branch of MySQL
Description :
MariaDB is a community developed branch of MySQL.
MariaDB is a multi-user, multi-threaded SQL database server.
It is a client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MariaDB/MySQL client programs and generic MySQL files.

——————————————————————————–
Update Information:

**Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled
Sphinx engine enabled Build dependecies Bison and Libarchive added, others
corrected Disabling Mroonga engine for i686 architecture, as it is not
supported by MariaDB **Removed patches: (fixed by upstream)** Patch5:
%{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example-config-
files.patch Patch31: %{pkgnamepatch}-string-overflow.patch Patch32:
%{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new-cluster-
help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308 CVE-2017-3309
CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 **Testsuite** Enabled
‘–big-test’ option for the testsuite Disabled ‘–skip-rpl’ option for the
testsuite = replication tests enabled **Warning** Some Spider tests
started to fail, the engine can be probabbly unsafe now. **Aditional bugs
solved:** #1459671: mariadb fails to start with tokudb; jemalloc not
correctly enabled —- **Rebase to 10.1.24** Plugin oqgraph enabled
Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison
and Libarchive added, others corrected Disabling Mroonga engine for i686
architecture, as it is not supported by MariaDB **Removed patches: (fixed by
upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14:
%{pkgnamepatch}-example-config-files.patch Patch31: %{pkgnamepatch}-string-
overflow.patch Patch32: %{pkgnamepatch}-basedir.patch Patch41:
%{pkgnamepatch}-galera-new-cluster-help.patch **CVEs fix** CVE-2017-3313
CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456
CVE-2017-3464 **Testsuite** Enabled ‘–big-test’ option for the testsuite
Disabled ‘–skip-rpl’ option for the testsuite = replication tests enabled
**Warning** Some Spider tests started to fail, the engine can be probabbly
unsafe now. **Aditional bugs solved:** #1459671: mariadb fails to start
with tokudb; jemalloc not correctly enabled —- **Rebase to 10.1.24**
Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled
Build dependecies Bison and Libarchive added, others corrected Disabling
Mroonga engine for i686 architecture, as it is not supported by MariaDB
**Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file-
contents.patch Patch14: %{pkgnamepatch}-example-config-files.patch
Patch31: %{pkgnamepatch}-string-overflow.patch Patch32:
%{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new-
cluster-help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308
CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464
**Testsuite** Enabled ‘–big-test’ option for the testsuite Disabled
‘–skip-rpl’ option for the testsuite = replication tests enabled **Warning**
Some Spider tests started to fail, the engine can be probabbly unsafe now.
——————————————————————————–
References:

[ 1 ] Bug #1414387 – CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3312 CVE-2017-3313 CVE-2017-3317 CVE-2017-3318 mariadb: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1414387
[ 2 ] Bug #1459671 – mariadb fails to start with tokudb; jemalloc not correctly enabled
https://bugzilla.redhat.com/show_bug.cgi?id=1459671
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade mariadb’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8425f676f2
2017-06-16 13:14:50.415837
——————————————————————————–

Name : mariadb
Product : Fedora 24
Version : 10.1.24
Release : 3.fc24
URL : http://mariadb.org
Summary : A community developed branch of MySQL
Description :
MariaDB is a community developed branch of MySQL.
MariaDB is a multi-user, multi-threaded SQL database server.
It is a client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MariaDB/MySQL client programs and generic MySQL files.

——————————————————————————–
Update Information:

**Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled
Sphinx engine enabled Build dependecies Bison and Libarchive added, others
corrected Disabling Mroonga engine for i686 architecture, as it is not
supported by MariaDB **Removed patches: (fixed by upstream)** Patch5:
%{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example-config-
files.patch Patch31: %{pkgnamepatch}-string-overflow.patch Patch32:
%{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new-cluster-
help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308 CVE-2017-3309
CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 **Testsuite** Enabled
‘–big-test’ option for the testsuite Disabled ‘–skip-rpl’ option for the
testsuite = replication tests enabled **Warning** Some Spider tests
started to fail, the engine can be probabbly unsafe now. **Aditional bugs
solved:** #1459671: mariadb fails to start with tokudb; jemalloc not
correctly enabled —- **Rebase to 10.1.24** Plugin oqgraph enabled
Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison
and Libarchive added, others corrected Disabling Mroonga engine for i686
architecture, as it is not supported by MariaDB **Removed patches: (fixed by
upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14:
%{pkgnamepatch}-example-config-files.patch Patch31: %{pkgnamepatch}-string-
overflow.patch Patch32: %{pkgnamepatch}-basedir.patch Patch41:
%{pkgnamepatch}-galera-new-cluster-help.patch **CVEs fix** CVE-2017-3313
CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456
CVE-2017-3464 **Testsuite** Enabled ‘–big-test’ option for the testsuite
Disabled ‘–skip-rpl’ option for the testsuite = replication tests enabled
**Warning** Some Spider tests started to fail, the engine can be probabbly
unsafe now. **Aditional bugs solved:** #1459671: mariadb fails to start
with tokudb; jemalloc not correctly enabled —- **Rebase to 10.1.24**
Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled
Build dependecies Bison and Libarchive added, others corrected Disabling
Mroonga engine for i686 architecture, as it is not supported by MariaDB
**Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file-
contents.patch Patch14: %{pkgnamepatch}-example-config-files.patch
Patch31: %{pkgnamepatch}-string-overflow.patch Patch32:
%{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new-
cluster-help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308
CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464
**Testsuite** Enabled ‘–big-test’ option for the testsuite Disabled
‘–skip-rpl’ option for the testsuite = replication tests enabled **Warning**
Some Spider tests started to fail, the engine can be probabbly unsafe now.
——————————————————————————–
References:

[ 1 ] Bug #1414387 – CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3312 CVE-2017-3313 CVE-2017-3317 CVE-2017-3318 mariadb: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1414387
[ 2 ] Bug #1459671 – mariadb fails to start with tokudb; jemalloc not correctly enabled
https://bugzilla.redhat.com/show_bug.cgi?id=1459671
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade mariadb’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa irssi

Otkriveni su sigurnosni nedostaci u programskom paketu irssi za operacijski sustav Debian. Otkriveni nedostaci potencijalnim napadačima omogućuju rušenje servisa. Savjetuje...

Close