Overview

File _patchinfo of Package patchinfo.5499

<patchinfo incident="5499">
  <issue id="1072665" tracker="bnc">MariaDB: libmysqld18 shouldn't require an exact version of errormessages</issue>
  <issue id="1049399" tracker="bnc">VUL-0: CVE-2017-3636: mysql: Client programs unspecified vulnerability</issue>
  <issue id="1049417" tracker="bnc">VUL-0: CVE-2017-3653: mysql: DDL unspecified vulnerability</issue>
  <issue id="1054591" tracker="bnc">VUL-0: mariadb: 10.0.32 release</issue>
  <issue id="1049404" tracker="bnc">VUL-0: CVE-2017-3641: mysql: DML unspecified vulnerability</issue>
  <issue id="1039034" tracker="bnc">no ODBC support in MariaDB Server</issue>
  <issue id="2017-3641" tracker="cve" />
  <issue id="2017-3653" tracker="cve" />
  <issue id="2017-3636" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>kstreitova</packager>
  <description>This update for mariadb fixes several issues.

These security issues were fixed:

- CVE-2017-3636: Client programs had an unspecified vulnerability that could
  lead to unauthorized access and denial of service (bsc#1049399)
- CVE-2017-3641: DDL unspecified vulnerability could lead to denial of service
  (bsc#1049404)
- CVE-2017-3653: DML Unspecified vulnerability could lead to unauthorized
  database access (bsc#1049417)

This non-security issues was fixed:

- Add ODBC support for Connect engine (bsc#1039034)
- Relax required version for mariadb-errormessages (bsc#1072665)

</description>
  <summary>Security update for mariadb</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places