MGASA-2016-0371

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0371.html

Import Source

https://advisories.mageia.org/MGASA-2016-0371.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2016-0371

Related

Published

2016-11-09T21:43:03Z

Modified

2016-11-09T21:35:42Z

Summary

Updated mariadb packages fix security vulnerabilities

Details

A race condition was found in the way MariaDB performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user (CVE-2016-6663).

This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section (CVE-2016-3492, CVE-2016-5584, CVE-2016-5616, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-7440, CVE-2016-8283).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / mariadb

Package

Name: mariadb
Purl: pkg:rpm/mageia/mariadb?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

10.0.28-1.mga5

Ecosystem specific

{
    "section": "core"
}