Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in MariaDB
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in MariaDB
ID: MDVSA-2015:091
Distribution: Mandriva
Plattformen: Mandriva Business Server 2.0
Datum: Sa, 28. März 2015, 14:10
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5908
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0401
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0437
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2440
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0374
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0381
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0391
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0432
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
https://mariadb.com/kb/en/mariadb/mariadb-5535-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5536-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5537-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5538-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5539-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5540-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5541-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5542-release-notes/

Originalnachricht

This is a multi-part message in MIME format...

------------=_1427537728-3111-13

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:091
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : mariadb
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________

Problem Description:

This update provides MariaDB 5.5.42, which fixes several security
issues and other bugs. Please refer to the Oracle Critical Patch Update
Advisories and the Release Notes for MariaDB for further information
regarding the security vulnerabilities.

Additionally the jemalloc packages is being provided as it was
previousely provided with the mariadb source code, built and used
but removed from the mariadb source code since 5.5.40.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0401
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0437
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5908
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2440
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0391
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0381
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0374
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
https://mariadb.com/kb/en/mariadb/mariadb-5535-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5536-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5537-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5538-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5539-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5540-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5541-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5542-release-notes/
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 2/X86_64:
612cb3963513954a4ce130804bc8430d
mbs2/x86_64/lib64jemalloc1-3.6.0-2.mbs2.x86_64.rpm
b2e17515bfc67c9b2055bd00ed96b70b
mbs2/x86_64/lib64jemalloc-devel-3.6.0-2.mbs2.x86_64.rpm
b5898d79491f692c17fd40979695e841
mbs2/x86_64/lib64mariadb18-5.5.42-1.mbs2.x86_64.rpm
0614fe34c397dcbca4f05bca0303ed94
mbs2/x86_64/lib64mariadb-devel-5.5.42-1.mbs2.x86_64.rpm
e015606fc64fa868c71aa88fc1e1a5c5
mbs2/x86_64/lib64mariadb-embedded18-5.5.42-1.mbs2.x86_64.rpm
2fdd36edadf13efb6cf4d71dc4c8a8b5
mbs2/x86_64/lib64mariadb-embedded-devel-5.5.42-1.mbs2.x86_64.rpm
778bb867e4a9dd56fd22311c6411b76d mbs2/x86_64/mariadb-5.5.42-1.mbs2.x86_64.rpm
79aace7bec6451434316d56f5921befb
mbs2/x86_64/mariadb-bench-5.5.42-1.mbs2.x86_64.rpm
c2df3074f6e6d2746606dca06f183e00
mbs2/x86_64/mariadb-client-5.5.42-1.mbs2.x86_64.rpm
881efa4fdbbd9253bbbe96514db0d548
mbs2/x86_64/mariadb-common-5.5.42-1.mbs2.x86_64.rpm
fa6f6b56f29c8e3cef2a6041d1232c0e
mbs2/x86_64/mariadb-common-core-5.5.42-1.mbs2.x86_64.rpm
301351d85d8dd15e5bc64eefd687b37b
mbs2/x86_64/mariadb-core-5.5.42-1.mbs2.x86_64.rpm
4eed071bd33eab8c78b635cc8c430f73
mbs2/x86_64/mariadb-extra-5.5.42-1.mbs2.x86_64.rpm
8688b5068a8d446f09c3688fceb2e531
mbs2/x86_64/mariadb-feedback-5.5.42-1.mbs2.x86_64.rpm
e0fdd84a469e4236f9e61fbc91e4519f
mbs2/x86_64/mariadb-obsolete-5.5.42-1.mbs2.x86_64.rpm
0bc451e4a1b8734c4f120a1de423a95e
mbs2/x86_64/mysql-MariaDB-5.5.42-1.mbs2.x86_64.rpm
24c9a3d458242168777f87e8e637e1f9 mbs2/SRPMS/jemalloc-3.6.0-2.mbs2.src.rpm
65c1ffedf907ab44827596a84d63fcb0 mbs2/SRPMS/mariadb-5.5.42-1.mbs2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFVFnCBmqjQ0CJFipgRArPsAJ9Gdi7LKL6GabAy8iYzUqGsq8jgPwCgmYQG
Jjvq33dGL9GddGLwWYnaWDA=
=XRxl
-----END PGP SIGNATURE-----


------------=_1427537728-3111-13
Content-Type: text/plain; charset="UTF-8";
name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://store.mandriva.com
_______________________________________________________


------------=_1427537728-3111-13--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung