[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ELSA-2015-1665 -- Oracle mariadb

ID: oval:org.secpod.oval:def:1501139Date: (C)2015-09-03   (M)2024-02-19
Class: PATCHFamily: unix




MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. These updated packages upgrade MariaDB to version 5.5.44. Refer to the MariaDB Release Notes listed in the References section for a complete list of changes. All MariaDB users should upgrade to these updated packages, which correct these issues. After installing this update, the MariaDB server daemon will be restarted automatically.

Platform:
Oracle Linux 7
Product:
mariadb
Reference:
ELSA-2015-1665
CVE-2015-0433
CVE-2015-0441
CVE-2015-0499
CVE-2015-0501
CVE-2015-0505
CVE-2015-2568
CVE-2015-2571
CVE-2015-2573
CVE-2015-2582
CVE-2015-2620
CVE-2015-2643
CVE-2015-2648
CVE-2015-3152
CVE-2015-4737
CVE-2015-4752
CVE-2015-4757
CVE    16
CVE-2015-0505
CVE-2015-0501
CVE-2015-0433
CVE-2015-0499
...
CPE    2
cpe:/a:mariadb:mariadb
cpe:/o:oracle:linux:7

© SecPod Technologies