- Home
- CVEs with nessus.description==An update for mariadb is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.
The following packages have been upgraded to a later upstream version:
mariadb (5.5.60). (BZ#1584668, BZ#1584671, BZ#1584674, BZ#1601085)
Security Fix(es) :
* mysql: Client programs unspecified vulnerability (CPU Jul 2017) (CVE-2017-3636)
* mysql: Server: DML unspecified vulnerability (CPU Jul 2017) (CVE-2017-3641)
* mysql: Client mysqldump unspecified vulnerability (CPU Jul 2017) (CVE-2017-3651)
* mysql: Server: Replication unspecified vulnerability (CPU Oct 2017) (CVE-2017-10268)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2017) (CVE-2017-10378)
* mysql: Client programs unspecified vulnerability (CPU Oct 2017) (CVE-2017-10379)
* mysql: Server: DDL unspecified vulnerability (CPU Oct 2017) (CVE-2017-10384)
* mysql: Server: Partition unspecified vulnerability (CPU Jan 2018) (CVE-2018-2562)
* mysql: Server: DDL unspecified vulnerability (CPU Jan 2018) (CVE-2018-2622)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2018) (CVE-2018-2640)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2018) (CVE-2018-2665)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2018) (CVE-2018-2668)
* mysql: Server: Replication unspecified vulnerability (CPU Apr 2018) (CVE-2018-2755)
* mysql: Client programs unspecified vulnerability (CPU Apr 2018) (CVE-2018-2761)
* mysql: Server: Locking unspecified vulnerability (CPU Apr 2018) (CVE-2018-2771)
* mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018) (CVE-2018-2781)
* mysql: Server: DDL unspecified vulnerability (CPU Apr 2018) (CVE-2018-2813)
* mysql: Server: DDL unspecified vulnerability (CPU Apr 2018) (CVE-2018-2817)
* mysql: InnoDB unspecified vulnerability (CPU Apr 2018) (CVE-2018-2819)
* mysql: Server: DDL unspecified vulnerability (CPU Jul 2017) (CVE-2017-3653)
* mysql: use of SSL/TLS not enforced in libmysqld (Return of BACKRONYM) (CVE-2018-2767)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es) :
* Previously, the mysqladmin tool waited for an inadequate length of time if the socket it listened on did not respond in a specific way.
Consequently, when the socket was used while the MariaDB server was starting, the mariadb service became unresponsive for a long time.
With this update, the mysqladmin timeout has been shortened to 2 seconds. As a result, the mariadb service either starts or fails but no longer hangs in the described situation. (BZ#1584023)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top