diff options
| author | Ryan Coe <bluemrp9@gmail.com> | 2019-06-10 16:30:25 -0700 |
|---|---|---|
| committer | Peter Korsgaard <peter@korsgaard.com> | 2019-06-23 23:07:50 +0200 |
| commit | 334fdcc9c8fda5e577dd92647f42b45d1900c1c4 (patch) | |
| tree | cab75646d809617a18229c411dc3515ae788e51c /arch | |
| parent | 0d9520968edfc92e422779c705b764a77fbe7442 (diff) | |
package/mariadb: security bump to version 10.3.15
The licensing text in README.md has changed slightly. The reference to
COPYING.LESSER has been removed. The file itself has been gone for awhile
now. COPYING.thirdparty has also been renamed to THIRDPARTY.
Release notes:
https://mariadb.com/kb/en/library/mariadb-10315-release-notes/
Changelog:
https://mariadb.com/kb/en/mariadb-10315-changelog/
Fixes the following security vulnerabilities:
CVE-2019-2614 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Replication). Supported versions that are affected
are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to
exploit vulnerability allows high privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2019-2627 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Security: Privileges). Supported versions that are
affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior.
Easily exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability
to cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server.
CVE-2019-2628 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and
prior and 8.0.15 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can
result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 033844c44df13da70d9ca19e4ad057b9e730aef6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'arch')
0 files changed, 0 insertions, 0 deletions