Red Hat Security Advisory 2018-0574-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a later upstream version: rh-mariadb101-mariadb. Issues addressed include a use-after-free vulnerability.
4811f7e8cd18589d5a9575a92358807bab59dcc849440d463cfcb0318d3f1686
Red Hat Security Advisory 2018-0279-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a later upstream version: rh-mariadb100-mariadb. Security Fix: A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root.
a10d4430b1563b65dc84a124006aca5c1d2734452706c7bcb08d3153a5a71b6d
Red Hat Security Advisory 2017-2886-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql57-mysql. Security Fix: An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon.
ab4e92004548788c79614f7c05b6d2c3c3448effbadd3ccabd3acbab1019e604
Red Hat Security Advisory 2017-2787-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql56-mysql. Security Fix: An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon.
c2fbd0ec54d0bfa9ad2a7c6d11b3885aed12d2e86bc392ddc02f7778c1606199
Red Hat Security Advisory 2017-2192-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb. Security Fix: It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool.
51d563c7dcfb60f38bf1d4ad200c9c09b641337b0c1877f5cb14e20fd87bad25
Slackware Security Advisory - New mariadb packages are available for Slackware 14.2 and -current to fix security issues.
d28bdd977d39f007c77399f719272fae2c4233f4574b5f1bad80d829ac511400
Gentoo Linux Security Advisory 201702-17 - Multiple vulnerabilities have been found in MySQL, the worst of which could lead to privilege escalation. Versions less than 5.6.35 are affected.
6b19dec0b153fc7b424ff63ea853e737f623a59f66a34fde8aa991005a8d4b32
Debian Linux Security Advisory 3767-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.54, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes.
f77c549fd6cdb4acb6c8bfc73f9e2341ff8fbdb28a30a62f7982034c9f3a2342
Ubuntu Security Notice 3174-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.54 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 16.10 have been updated to MySQL 5.7.17. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
d2a1c827f4402a37bb96b46caf324cea51c83d7ca8f0f78e08cf9d9d8a21010e