CESA-2018:2439 -- centos 7 mariadbID: oval:org.secpod.oval:def:204867 | Date: (C)2018-08-22 (M)2022-12-01 |
Class: PATCH | Family: unix |
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb . Security Fix: * mysql: Client programs unspecified vulnerability * mysql: Server: DML unspecified vulnerability * mysql: Client mysqldump unspecified vulnerability * mysql: Server: Replication unspecified vulnerability * mysql: Server: Optimizer unspecified vulnerability * mysql: Client programs unspecified vulnerability * mysql: Server: DDL unspecified vulnerability * mysql: Server: Partition unspecified vulnerability * mysql: Server: DDL unspecified vulnerability * mysql: Server: Optimizer unspecified vulnerability * mysql: Server: Optimizer unspecified vulnerability * mysql: Server: Optimizer unspecified vulnerability * mysql: Server: Replication unspecified vulnerability * mysql: Client programs unspecified vulnerability * mysql: Server: Locking unspecified vulnerability * mysql: Server: Optimizer unspecified vulnerability * mysql: Server: DDL unspecified vulnerability * mysql: Server: DDL unspecified vulnerability * mysql: InnoDB unspecified vulnerability * mysql: Server: DDL unspecified vulnerability * mysql: use of SSL/TLS not enforced in libmysqld For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Bug Fix: * Previously, the mysqladmin tool waited for an inadequate length of time if the socket it listened on did not respond in a specific way. Consequently, when the socket was used while the MariaDB server was starting, the mariadb service became unresponsive for a long time. With this update, the mysqladmin timeout has been shortened to 2 seconds. As a result, the mariadb service either starts or fails but no longer hangs in the described situation