File _patchinfo of Package patchinfo.3205

<patchinfo incident="3205">
  <issue id="949520" tracker="bnc">MariaDB: optimizer does not work as expected</issue>
  <issue id="998309" tracker="bnc">VUL-0: CVE-2016-6662: mysql,mariadb: Remote Root Code Execution / Privilege Escalation</issue>
  <issue id="2016-6662" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>kstreitova</packager>
  <description>
This update for mariadb to 1.0.0.27 fixes the following issues:

Security issue fixed:

* CVE-2016-6662: A malicious user with SQL and filesystem access could create
  a my.cnf in the datadir and, under certain circumstances, execute
  arbitrary code as mysql (or even root) user. (bsc#998309)

* release notes:
  * https://kb.askmonty.org/en/mariadb-10027-release-notes
* changelog:
  * https://kb.askmonty.org/en/mariadb-10027-changelog

Bugs fixed:

- Make ORDER BY optimization functions take into account multiple equalities.
  (bsc#949520)
</description>
  <summary>Security update for mariadb</summary>
</patchinfo>
openSUSE Build Service is sponsored by