Bug 1090518

Summary: VUL-0: mariadb: 10.0.35 release
Product: [Novell Products] SUSE Security Incidents Reporter: Alexander Bergmann <abergmann>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: abergmann, bjoernv, jsegitz, kstreitova, rsalevsky
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Alexander Bergmann 2018-04-23 10:01:15 UTC 
https://mariadb.com/kb/en/library/mariadb-10035-release-notes/

MariaDB 10.0.35 Release Notes

Notable changes
The embedded server library now supports SSL when connecting to remote servers. 

Fixes for the following security vulnerabilities:
- CVE-2018-2782
- CVE-2018-2784
- CVE-2018-2787
- CVE-2018-2766
- CVE-2018-2755
- CVE-2018-2819
- CVE-2018-2817
- CVE-2018-2761
- CVE-2018-2781
- CVE-2018-2771
- CVE-2018-2813

It looks like this version is not fully released yet.

https://downloads.mariadb.org/
Comment 5 Swamp Workflow Management 2018-05-23 13:09:17 UTC 
SUSE-SU-2018:1382-1: An update that fixes 12 vulnerabilities is now available.

Category: security (important)
Bug References: 1088681,1090518
CVE References: CVE-2018-2755,CVE-2018-2761,CVE-2018-2766,CVE-2018-2767,CVE-2018-2771,CVE-2018-2781,CVE-2018-2782,CVE-2018-2784,CVE-2018-2787,CVE-2018-2813,CVE-2018-2817,CVE-2018-2819
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    mariadb-10.0.35-20.46.1
Comment 6 Swamp Workflow Management 2018-06-07 22:12:40 UTC 
openSUSE-SU-2018:1595-1: An update that fixes 16 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1088681,1089987,1090518,1092544
CVE References: CVE-2018-2755,CVE-2018-2759,CVE-2018-2761,CVE-2018-2766,CVE-2018-2767,CVE-2018-2771,CVE-2018-2777,CVE-2018-2781,CVE-2018-2782,CVE-2018-2784,CVE-2018-2786,CVE-2018-2787,CVE-2018-2810,CVE-2018-2813,CVE-2018-2817,CVE-2018-2819
Sources used:
openSUSE Leap 15.0 (src):    mariadb-10.2.15-lp150.2.3.2
Comment 7 Swamp Workflow Management 2018-06-22 10:11:33 UTC 
SUSE-SU-2018:1781-1: An update that fixes 12 vulnerabilities is now available.

Category: security (important)
Bug References: 1088681,1090518
CVE References: CVE-2018-2755,CVE-2018-2761,CVE-2018-2766,CVE-2018-2767,CVE-2018-2771,CVE-2018-2781,CVE-2018-2782,CVE-2018-2784,CVE-2018-2787,CVE-2018-2813,CVE-2018-2817,CVE-2018-2819
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    mariadb-10.0.35-29.20.3
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    mariadb-10.0.35-29.20.3
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    mariadb-10.0.35-29.20.3
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    mariadb-10.0.35-29.20.3
SUSE Linux Enterprise Server 12-SP3 (src):    mariadb-10.0.35-29.20.3
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    mariadb-10.0.35-29.20.3
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    mariadb-10.0.35-29.20.3
SUSE Linux Enterprise Desktop 12-SP3 (src):    mariadb-10.0.35-29.20.3
SUSE Enterprise Storage 4 (src):    mariadb-10.0.35-29.20.3
Comment 8 Swamp Workflow Management 2018-06-23 01:12:39 UTC 
openSUSE-SU-2018:1800-1: An update that fixes 12 vulnerabilities is now available.

Category: security (important)
Bug References: 1088681,1090518
CVE References: CVE-2018-2755,CVE-2018-2761,CVE-2018-2766,CVE-2018-2767,CVE-2018-2771,CVE-2018-2781,CVE-2018-2782,CVE-2018-2784,CVE-2018-2787,CVE-2018-2813,CVE-2018-2817,CVE-2018-2819
Sources used:
openSUSE Leap 42.3 (src):    mariadb-10.0.35-35.1
Comment 10 Johannes Segitz 2018-07-04 09:34:01 UTC 
fixed
Comment 11 Swamp Workflow Management 2018-10-18 17:46:25 UTC 
SUSE-SU-2018:1781-2: An update that fixes 12 vulnerabilities is now available.

Category: security (important)
Bug References: 1088681,1090518
CVE References: CVE-2018-2755,CVE-2018-2761,CVE-2018-2766,CVE-2018-2767,CVE-2018-2771,CVE-2018-2781,CVE-2018-2782,CVE-2018-2784,CVE-2018-2787,CVE-2018-2813,CVE-2018-2817,CVE-2018-2819
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    mariadb-10.0.35-29.20.3