Bug 915911 (CVE-2014-6568) - VUL-0: CVE-2014-6568: mariadb: 10.0.16 release fixes various issues
Summary: VUL-0: CVE-2014-6568: mariadb: 10.0.16 release fixes various issues
Status: RESOLVED FIXED
Alias: CVE-2014-6568
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Kristyna Streitova
QA Contact: Security Team bot
URL:
Whiteboard: maint:running:60717:important
Keywords:
Depends on:
Blocks:
 
Reported: 2015-02-03 07:12 UTC by Marcus Meissner
Modified: 2019-05-06 13:58 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2015-02-03 07:12:08 UTC 
https://mariadb.com/kb/en/mariadb/mariadb-10016-release-notes/


Fixes for the following security vulnerabilities:
        CVE-2015-0411
        CVE-2015-0382
        CVE-2015-0381
        CVE-2015-0432
        CVE-2014-6568
        CVE-2015-0374
Comment 1 Johannes Segitz 2015-02-03 09:27:21 UTC 
I just changed SUSE:Maintenance:217 to a security incident (was the recommended update to 10.0.14). Please fix the CVE references as asked by Marcus in bnc#915913 and submit.
Comment 2 Swamp Workflow Management 2015-02-03 23:00:14 UTC 
bugbot adjusting priority
Comment 3 Kristyna Streitova 2015-02-11 16:04:26 UTC 
As I wrote in Bug 911442 - We are still facing the "Bug 904627 - innodb crashes when disk is full if you run ALTER TABLE" that should have been fixed by upstream since version 10.0.13 and it seems it's not. We should wait till this issue will be solved (or it will be proven the bug is not present in 10.0.16).
Comment 4 Kristyna Streitova 2015-02-13 16:56:41 UTC 
The initial problem from Bug 904627 was solved (and the related issues will be debugged further for later updates). 
The mariaDB 10.0.16 was submitted (mr#51592) and I'm closing this bug.
Comment 5 Johannes Segitz 2015-02-16 11:37:50 UTC 
Please include fix for bnc#911556 in your submit. Thanks
Comment 6 Kristyna Streitova 2015-02-17 20:45:03 UTC 
(In reply to Johannes Segitz from comment #5)
> Please include fix for bnc#911556 in your submit. Thanks

Done (mr#51754).
Comment 7 Kristyna Streitova 2015-02-18 13:02:25 UTC 
Closing again ^
Comment 8 Swamp Workflow Management 2015-04-21 17:07:04 UTC 
SUSE-SU-2015:0743-1: An update that fixes 40 vulnerabilities is now available.

Category: security (important)
Bug References: 873351,876282,880891,896400,904627,906117,906194,911442,911556,915911,915912,915913,915914,919229
CVE References: CVE-2010-5298,CVE-2012-5615,CVE-2014-0195,CVE-2014-0198,CVE-2014-0221,CVE-2014-0224,CVE-2014-2494,CVE-2014-3470,CVE-2014-4207,CVE-2014-4258,CVE-2014-4260,CVE-2014-4274,CVE-2014-4287,CVE-2014-6463,CVE-2014-6464,CVE-2014-6469,CVE-2014-6474,CVE-2014-6478,CVE-2014-6484,CVE-2014-6489,CVE-2014-6491,CVE-2014-6494,CVE-2014-6495,CVE-2014-6496,CVE-2014-6500,CVE-2014-6505,CVE-2014-6507,CVE-2014-6520,CVE-2014-6530,CVE-2014-6551,CVE-2014-6555,CVE-2014-6559,CVE-2014-6564,CVE-2014-6568,CVE-2015-0374,CVE-2015-0381,CVE-2015-0382,CVE-2015-0391,CVE-2015-0411,CVE-2015-0432
Sources used:
SUSE Linux Enterprise Workstation Extension 12 (src):    mariadb-10.0.16-15.1
SUSE Linux Enterprise Software Development Kit 12 (src):    mariadb-10.0.16-15.1
SUSE Linux Enterprise Server 12 (src):    mariadb-10.0.16-15.1
SUSE Linux Enterprise Desktop 12 (src):    mariadb-10.0.16-15.1