Overview

File _patchinfo of Package patchinfo.730

<patchinfo incident="730">
  <packager>kstreitova</packager>
  <issue tracker="bnc" id="936408">10.0.18 and 10.0.19 security update</issue>
  <issue tracker="bnc" id="919053">server crashes when inserting more rows than available space on disk</issue>
  <issue tracker="bnc" id="934789">Logjam Attack: mysql uses 512 bit dh groups in SSL</issue>
  <issue tracker="bnc" id="919062">InnoDB: Failing assertion: lock-&gt;lock_word == X_LOCK_DECR</issue>
  <issue tracker="bnc" id="924663"> CVE-2015-3152:mysql --ssl does not enforce SSL (oCERT-2015-003 BACKRONYM)</issue>
  <issue tracker="bnc" id="936409"> 10.0.17 security update</issue>
  <issue tracker="bnc" id="920865">ssl in fips mode can not connect with --ssl-cipher=DHE-RSA-AES256-SHA - handshake failure</issue>
  <issue tracker="bnc" id="920896">mysql-test in fips mode ssl tests with cipher failure</issue>
  <issue tracker="bnc" id="921333">mysql-test - SUITE:percona - percona.innodb_sys_index 'xtradb'  failure - @@version_comment</issue>
  <issue tracker="bnc" id="936407">CVE-2015-3152: 10.0.20 update</issue>
  <issue tracker="cve" id="CVE-2015-0505"></issue>
  <issue tracker="cve" id="CVE-2015-2571"></issue>
  <issue tracker="cve" id="CVE-2015-2573"></issue>
  <issue tracker="cve" id="CVE-2015-0501"></issue>
  <issue tracker="cve" id="CVE-2015-2568"></issue>
  <issue tracker="cve" id="CVE-2015-0433"></issue>
  <issue tracker="cve" id="CVE-2015-3152"></issue>
  <issue tracker="cve" id="CVE-2015-2325"></issue>
  <issue tracker="cve" id="CVE-2015-0499"></issue>
  <issue tracker="cve" id="CVE-2015-2326"></issue>
  <issue tracker="cve" id="CVE-2015-0441"></issue>
  <issue tracker="cve" id="CVE-2014-8964"></issue>
  <issue tracker="bnc" id="906574">VUL-1: CVE-2014-8964: pcre: heap buffer overflow</issue>
  <issue tracker="bnc" id="924960">VUL-0: CVE-2015-2325: pcre: heap buffer overflow in compile_branch()</issue>
  <issue tracker="bnc" id="924961">VUL-0: CVE-2015-2326: pcre: heap buffer overflow in pcre_compile2()</issue>
  <category>security</category>
  <rating>important</rating>
  <summary>Security update for mariadb</summary>
  <description>
      This update fixes the following security issues:
    * Logjam attack: mysql uses 512 bit dh groups in SSL [bnc#934789]
    * CVE-2015-3152: mysql --ssl does not enforce SSL [bnc#924663]
    * CVE-2014-8964: heap buffer overflow [bnc#906574]
    * CVE-2015-2325: heap buffer overflow in compile_branch() [bnc#924960]
    * CVE-2015-2326: heap buffer overflow in pcre_compile2() [bnc#924961]
    * CVE-2015-0501: unspecified vulnerability related to Server:Compiling (CPU April 2015) 
    * CVE-2015-2571: unspecified vulnerability related to Server:Optimizer (CPU April 2015)
    * CVE-2015-0505: unspecified vulnerability related to Server:DDL (CPU April 2015) 
    * CVE-2015-0499: unspecified vulnerability related to Server:Federated (CPU April 2015) 
    * CVE-2015-2568: unspecified vulnerability related to Server:Security:Privileges (CPU April 2015) 
    * CVE-2015-2573: unspecified vulnerability related to Server:DDL (CPU April 2015)
    * CVE-2015-0433: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015) 
    * CVE-2015-0441: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015) 
  </description>
</patchinfo>
openSUSE Build Service is sponsored by
Places