openSUSE-SU-2019:0327-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2019:0327-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/openSUSE-SU-2019:0327-1
- Upstream
- Related
- Published
- 2019-03-23T11:15:20Z
- Modified
- 2025-05-08T17:44:51.007259Z
- Summary
- Security update for mariadb
- Details
-
This update for mariadb to version 10.2.22 fixes the following issues:
Security issues fixed:
- CVE-2019-2510: Fixed a vulnerability which can lead to MySQL compromise and lead to Denial of Service (bsc#1122198).
- CVE-2019-2537: Fixed a vulnerability which can lead to MySQL compromise and lead to Denial of Service (bsc#1122198).
- CVE-2018-3284: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112377)
- CVE-2018-3282: Server Storage Engines unspecified vulnerability (CPU Oct 2018) (bsc#1112432)
- CVE-2018-3277: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112391)
- CVE-2018-3251: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112397)
- CVE-2018-3200: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112404)
- CVE-2018-3185: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112384)
- CVE-2018-3174: Client programs unspecified vulnerability (CPU Oct 2018) (bsc#1112368)
- CVE-2018-3173: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112386)
- CVE-2018-3162: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112415)
- CVE-2018-3156: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112417)
- CVE-2018-3143: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112421)
- CVE-2018-3066: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Options). (bsc#1101678)
- CVE-2018-3064: InnoDB unspecified vulnerability (CPU Jul 2018) (bsc#1103342)
- CVE-2018-3063: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Security Privileges). (bsc#1101677)
- CVE-2018-3058: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent MyISAM). (bsc#1101676)
- CVE-2016-9843: Big-endian out-of-bounds pointer (bsc#1013882)
Non-security issues fixed:
- Fixed an issue where myslinstalldb fails due to incorrect basedir (bsc#1127027).
- Fixed an issue where the lograte was not working (bsc#1112767).
- Backport Information Schema CHECK_CONSTRAINTS Table.
- Maximum value of tabledefinitioncache is now 2097152.
- InnoDB ALTER TABLE fixes.
- Galera crash recovery fixes.
- Encryption fixes.
- Remove xtrabackup dependency as MariaDB ships a build in mariabackup so xtrabackup is not needed (bsc#1122475).
- Maria DB testsuite - test main.plugin_auth failed (bsc#1111859)
- Maria DB testsuite - test encryption.second_plugin-12863 failed (bsc#1111858)
- Remove PerconaFT from the package as it has AGPL licence (bsc#1118754)
- remove PerconaFT from the package as it has AGPL licence (bsc#1118754)
- Database corruption after renaming a prefix-indexed column (bsc#1120041)
Release notes and changelog:
- https://mariadb.com/kb/en/library/mariadb-10222-release-notes
- https://mariadb.com/kb/en/library/mariadb-10222-changelog/
This update was imported from the SUSE:SLE-15:Update update project.
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZBIBDKV4Q445TSAAVXOJN365L7BQQWY6/#ZBIBDKV4Q445TSAAVXOJN365L7BQQWY6
- https://bugzilla.suse.com/1013882
- https://bugzilla.suse.com/1101676
- https://bugzilla.suse.com/1101677
- https://bugzilla.suse.com/1101678
- https://bugzilla.suse.com/1103342
- https://bugzilla.suse.com/1111858
- https://bugzilla.suse.com/1111859
- https://bugzilla.suse.com/1112368
- https://bugzilla.suse.com/1112377
- https://bugzilla.suse.com/1112384
- https://bugzilla.suse.com/1112386
- https://bugzilla.suse.com/1112391
- https://bugzilla.suse.com/1112397
- https://bugzilla.suse.com/1112404
- https://bugzilla.suse.com/1112415
- https://bugzilla.suse.com/1112417
- https://bugzilla.suse.com/1112421
- https://bugzilla.suse.com/1112432
- https://bugzilla.suse.com/1112767
- https://bugzilla.suse.com/1116686
- https://bugzilla.suse.com/1118754
- https://bugzilla.suse.com/1120041
- https://bugzilla.suse.com/1122198
- https://bugzilla.suse.com/1122475
- https://bugzilla.suse.com/1127027
- https://www.suse.com/security/cve/CVE-2016-9843
- https://www.suse.com/security/cve/CVE-2018-3058
- https://www.suse.com/security/cve/CVE-2018-3060
- https://www.suse.com/security/cve/CVE-2018-3063
- https://www.suse.com/security/cve/CVE-2018-3064
- https://www.suse.com/security/cve/CVE-2018-3066
- https://www.suse.com/security/cve/CVE-2018-3143
- https://www.suse.com/security/cve/CVE-2018-3156
- https://www.suse.com/security/cve/CVE-2018-3162
- https://www.suse.com/security/cve/CVE-2018-3173
- https://www.suse.com/security/cve/CVE-2018-3174
- https://www.suse.com/security/cve/CVE-2018-3185
- https://www.suse.com/security/cve/CVE-2018-3200
- https://www.suse.com/security/cve/CVE-2018-3251
- https://www.suse.com/security/cve/CVE-2018-3277
- https://www.suse.com/security/cve/CVE-2018-3282
- https://www.suse.com/security/cve/CVE-2018-3284
- https://www.suse.com/security/cve/CVE-2019-2510
- https://www.suse.com/security/cve/CVE-2019-2537
Affected packages
openSUSE:Leap 15.0 / mariadb
Package
- Name
- mariadb
- Purl
- pkg:rpm/opensuse/mariadb&distro=openSUSE%20Leap%2015.0
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.2.22-lp150.2.9.1
Ecosystem specific
{
"binaries": [
{
"mariadb-client": "10.2.22-lp150.2.9.1",
"mariadb": "10.2.22-lp150.2.9.1",
"mariadb-galera": "10.2.22-lp150.2.9.1",
"libmysqld-devel": "10.2.22-lp150.2.9.1",
"mariadb-bench": "10.2.22-lp150.2.9.1",
"mariadb-test": "10.2.22-lp150.2.9.1",
"libmysqld19": "10.2.22-lp150.2.9.1",
"mariadb-errormessages": "10.2.22-lp150.2.9.1",
"mariadb-tools": "10.2.22-lp150.2.9.1"
}
]
}