Bug 1034911 - VUL-0: mariadb: 10.0.30 security release
VUL-0: mariadb: 10.0.30 security release
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-04-19 10:07 UTC by Marcus Meissner
Modified: 2019-05-06 13:55 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2017-04-19 10:07:31 UTC
https://mariadb.com/kb/en/mariadb/mariadb-10030-release-notes/

Release date: 8 Mar 2017

MariaDB 10.0 is a previous stable series of MariaDB. It is an evolution of MariaDB 5.5 with several entirely new features not found anywhere else and with backported and reimplemented features from MySQL 5.6.

This is a Stable (GA) release.

For an overview of MariaDB 10.0 see the What is MariaDB 10.0? page.

Thanks, and enjoy MariaDB!
Notable changes

    XtraDB updated to 5.6.35-80.0
    TokuDB updated to 5.6.35-80.0
    PCRE updated to 8.40
    MDEV-11027: better InnoDB crash recovery progress reporting
    MDEV-11520: improvements to how InnoDB data files are extended
    Improvements to InnoDB startup/shutdown to make it more robust
    MDEV-11233: fix for FULLTEXT index crash
    MDEV-6143: MariaDB Linux binary tarballs will now always untar to directories that match their filename
    As per the MariaDB Deprecation Policy, this will be the last release of MariaDB 10.0 for Fedora 23, CentOS 5, RHEL 5, and openSUSE 13
    Fixes for the following security vulnerabilities:
        CVE-2017-3313
        CVE-2017-3302
Comment 2 Kristyna Streitova 2017-04-26 10:27:54 UTC
Done. I'm reassigning it back to the security team.
Comment 3 Swamp Workflow Management 2017-05-16 19:10:02 UTC
SUSE-SU-2017:1311-1: An update that solves two vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1020890,1020976,1022428,1034911
CVE References: CVE-2017-3302,CVE-2017-3313
Sources used:
SUSE Linux Enterprise Server for SAP 12 (src):    mariadb-10.0.30-20.26.1
SUSE Linux Enterprise Server 12-LTSS (src):    mariadb-10.0.30-20.26.1
Comment 4 Swamp Workflow Management 2017-05-16 19:14:45 UTC
SUSE-SU-2017:1315-1: An update that solves two vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1020868,1020890,1020976,1022428,1034911,996821
CVE References: CVE-2017-3302,CVE-2017-3313
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    mariadb-10.0.30-25.1
SUSE Linux Enterprise Workstation Extension 12-SP1 (src):    mariadb-10.0.30-25.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    mariadb-10.0.30-25.1
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    mariadb-10.0.30-25.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    mariadb-10.0.30-25.1
SUSE Linux Enterprise Server 12-SP2 (src):    mariadb-10.0.30-25.1
SUSE Linux Enterprise Server 12-SP1 (src):    mariadb-10.0.30-25.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    mariadb-10.0.30-25.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    mariadb-10.0.30-25.1
Comment 5 Marcus Meissner 2017-05-19 10:01:41 UTC
released
Comment 6 Swamp Workflow Management 2017-06-02 10:10:55 UTC
openSUSE-SU-2017:1475-1: An update that solves two vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1020868,1020890,1020976,1022428,1034911,1038740,996821
CVE References: CVE-2017-3302,CVE-2017-3313
Sources used:
openSUSE Leap 42.2 (src):    mariadb-10.0.30-20.4.1