Gentoo Linux Security Advisory 201701-1 - Multiple vulnerabilities have been found in MariaDB and MySQL, the worst of which could lead to the remote execution of arbitrary code. Versions less than 10.0.28 are affected.
d29d2c9599ff6a080a01a711eab24fa8a9c409782346fe6b151226f35a8ad256Red Hat Security Advisory 2016-2927-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: rh-mariadb100-mariadb. Security Fix: It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
66e1ea59d4014df2a4d524614e18002ead15028ade3161134f30e5b4a1e9c414Red Hat Security Advisory 2016-2928-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: rh-mariadb101-mariadb. Security Fix: It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
0b4663dd1293eea4507798a5759c83e25936795e0709279b272a99329da7448cRed Hat Security Advisory 2016-2749-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: rh-mysql56-mysql. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
2885c698b7f8dbeb61cdef79060e442a4d80a5dfbab9153600b85b4aee6e32caDebian Linux Security Advisory 3711-1 - Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.28.
41f298a0a271dd001dcfd761594bd49d2d5d9c6b70624698939dd5aad22b439eRed Hat Security Advisory 2016-2595-02 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb. Security Fix: It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
efc7657ab9526bfaa4bd2c527a331957fcb2307eb0c4160a005c123a071b5353Slackware Security Advisory - New mariadb packages are available for Slackware 14.1, 14.2, and -current to fix security issues.
ef93f6a939a6068bbeaf1303f22af5dfc3a18cc982d6a9887ba77453a429439fRed Hat Security Advisory 2016-2131-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb55-mariadb. Security Fix: It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
e0d4017aacc635d92ac81e00a91de05fc52686499e7f45be1d6e5caccce336c2Red Hat Security Advisory 2016-2130-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: mysql55-mysql. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
03b624cce91b1d69085d50e89a4e1be58cfa8a759a1b0832a830b379c914eadb
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed