File _patchinfo of Package patchinfo.6239
<patchinfo incident="6239">
<issue id="1019858" tracker="bnc">VUL-0: CVE-2016-6225: xtrabackup: Encryption IV Not Being Set Properly</issue>
<issue id="2016-6225" tracker="cve" />
<category>security</category>
<rating>moderate</rating>
<packager>AndreasStieger</packager>
<description>This update for xtrabackup fixes the following issues:
- CVE-2016-6225: xbcrypt encryption IV not being set properly (boo#1019858)
In addition, XtraBackup was updated to 2.3.6 to include the following improvements:
- now supports SHA256 passwords
- new supports command options for secure connections
The following bugs were fixed:
- intermittent assertion failures when not correctly identifying
server version
- Safe slave backup algorithm performed too short delays between
retries which could cause backups to fail on a busy servers
- fix compilation warnings with gcc6
- Backup would still succeed even if xtrabackup would fail to
write the metadata
- xbcloud now supports EMC ECS Swift API Authorization requests
- backup failed with MariaDB 10.2 with the unsupported server
version error message
</description>
<summary>Security update for xtrabackup</summary>
</patchinfo>