Overview

File _patchinfo of Package patchinfo.6476

<patchinfo incident="6476">
  <issue id="1058722" tracker="bnc">MariaDB - mysql-test - main.func_regexp_pcre is failing (regression)</issue>
  <issue id="1076505" tracker="bnc">VUL-0: mariadb: 10.0.33 release</issue>
  <issue id="1064101" tracker="bnc">VUL-0: CVE-2017-10268: mariadb,mysql: issue inside subcomponent Server Replication</issue>
  <issue id="1064115" tracker="bnc">VUL-0: CVE-2017-10378: mariadb,mysql: issue inside subcomponent Server Optimizer</issue>
  <issue id="2017-10378" tracker="cve" />
  <issue id="2017-10268" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>kstreitova</packager>
  <description>This update for mariadb to version 10.0.33 fixes several issues.

These security issues were fixed:

- CVE-2017-10378: Vulnerability in subcomponent: Server: Optimizer. Easily
  exploitable vulnerability allowed low privileged attacker with network access
  via multiple protocols to compromise MySQL Server. Successful attacks of this
  vulnerability can result in unauthorized ability to cause a hang or frequently
  repeatable crash (complete DOS) of MySQL Server (bsc#1064115).
- CVE-2017-10268: Vulnerability in subcomponent: Server: Replication. Difficult
  to exploit vulnerability allowed high privileged attacker with logon to the
  infrastructure where MySQL Server executes to compromise MySQL Server.
  Successful attacks of this vulnerability can result in unauthorized access to
  critical data or complete access to all MySQL Server accessible data
  (bsc#1064101).

These non-security issues were fixed:

- CHECK TABLE no longer returns an error when run on a CONNECT table
- 'Undo log record is too big.' error occurring in very narrow range of string
  lengths
- Race condition between INFORMATION_SCHEMA.INNODB_SYS_TABLESTATS and
  ALTER/DROP/TRUNCATE TABLE
- Wrong result after altering a partitioned table fixed bugs in InnoDB FULLTEXT
  INDEX
- InnoDB FTS duplicate key error
- InnoDB crash after failed ADD INDEX and table_definition_cache eviction
- fts_create_doc_id() unnecessarily allocates 8 bytes for every inserted row
- IMPORT TABLESPACE may corrupt ROW_FORMAT=REDUNDANT tables

For additional details please see https://kb.askmonty.org/en/mariadb-10033-changelog
</description>
  <summary>Security update for mariadb</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places