Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2015:1665
HistoryAug 25, 2015 - 4:08 p.m.

mariadb security update

2015-08-2516:08:22
CentOS Project
lists.centos.org
49

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

5.7 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:M/C:N/I:N/A:C

0.023 Low

EPSS

Percentile

89.6%

JSON

CentOS Errata and Security Advisory CESA-2015:1665

MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL.

It was found that the MySQL client library permitted but did not require a
client to use SSL/TLS when establishing a secure connection to a MySQL
server using the “–ssl” option. A man-in-the-middle attacker could use
this flaw to strip the SSL/TLS protection from a connection between a
client and a server. (CVE-2015-3152)

This update fixes several vulnerabilities in the MariaDB database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2015-0501,
CVE-2015-2568, CVE-2015-0499, CVE-2015-2571, CVE-2015-0433, CVE-2015-0441,
CVE-2015-0505, CVE-2015-2573, CVE-2015-2582, CVE-2015-2620, CVE-2015-2643,
CVE-2015-2648, CVE-2015-4737, CVE-2015-4752, CVE-2015-4757)

These updated packages upgrade MariaDB to version 5.5.44. Refer to the
MariaDB Release Notes listed in the References section for a complete list
of changes.

All MariaDB users should upgrade to these updated packages, which correct
these issues. After installing this update, the MariaDB server daemon
(mysqld) will be restarted automatically.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2015-August/083507.html

Affected packages:
mariadb
mariadb-bench
mariadb-devel
mariadb-embedded
mariadb-embedded-devel
mariadb-libs
mariadb-server
mariadb-test

Upstream details at:
https://access.redhat.com/errata/RHSA-2015:1665

OSVersionArchitecturePackageVersionFilename
CentOS7x86_64mariadb< 5.5.44-1.el7_1mariadb-5.5.44-1.el7_1.x86_64.rpm
CentOS7x86_64mariadb-bench< 5.5.44-1.el7_1mariadb-bench-5.5.44-1.el7_1.x86_64.rpm
CentOS7i686mariadb-devel< 5.5.44-1.el7_1mariadb-devel-5.5.44-1.el7_1.i686.rpm
CentOS7x86_64mariadb-devel< 5.5.44-1.el7_1mariadb-devel-5.5.44-1.el7_1.x86_64.rpm
CentOS7i686mariadb-embedded< 5.5.44-1.el7_1mariadb-embedded-5.5.44-1.el7_1.i686.rpm
CentOS7x86_64mariadb-embedded< 5.5.44-1.el7_1mariadb-embedded-5.5.44-1.el7_1.x86_64.rpm
CentOS7i686mariadb-embedded-devel< 5.5.44-1.el7_1mariadb-embedded-devel-5.5.44-1.el7_1.i686.rpm
CentOS7x86_64mariadb-embedded-devel< 5.5.44-1.el7_1mariadb-embedded-devel-5.5.44-1.el7_1.x86_64.rpm
CentOS7i686mariadb-libs< 5.5.44-1.el7_1mariadb-libs-5.5.44-1.el7_1.i686.rpm
CentOS7x86_64mariadb-libs< 5.5.44-1.el7_1mariadb-libs-5.5.44-1.el7_1.x86_64.rpm
Rows per page:
1-10 of 121

Related

veracode 24
openvas 42
redhat 6
nessus 48
oraclelinux 2
osv 4
debian 6
slackware 2
securityvulns 1
mageia 2
ubuntu 2
suse 3
centos 1
archlinux 1
gentoo 2
kaspersky 2
f5 4
ibm 2
cve 12
prion 10
ubuntucve 10
mariadbunix 10
fedora 2
freebsd 1
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:17:52
Denial Of Service (DoS)
2019-05-02 05:17:52
Denial Of Service (DoS)
2019-05-02 05:17:52
openvas
openvas
CentOS Update for mariadb CESA-2015:1665 centos7
2015-08-26 00:00:00
RedHat Update for mariadb RHSA-2015:1665-01
2015-08-25 00:00:00
Oracle: Security Advisory (ELSA-2015-1665)
2015-10-06 00:00:00
redhat
redhat
(RHSA-2015:1647) Moderate: mariadb55-mariadb security update
2015-08-20 00:00:00
(RHSA-2015:1665) Moderate: mariadb security update
2015-08-24 00:00:00
(RHSA-2015:1629) Moderate: mysql55-mysql security update
2015-08-17 00:00:00
nessus
nessus
RHEL 7 : mariadb (RHSA-2015:1665) (BACKRONYM)
2015-08-25 00:00:00
CentOS 7 : mariadb (CESA-2015:1665) (BACKRONYM)
2015-08-26 00:00:00
Oracle Linux 7 : mariadb (ELSA-2015-1665) (BACKRONYM)
2015-08-25 00:00:00
oraclelinux
oraclelinux
mariadb security update
2015-08-24 00:00:00
mysql55-mysql security update
2015-08-17 00:00:00
osv
osv
mariadb-10.0 - security update
2015-07-20 00:00:00
mysql-5.5 - security update
2015-04-19 00:00:00
mysql-5.5 - security update
2015-07-18 00:00:00
debian
debian
[SECURITY] [DSA 3311-1] mariadb-10.0 security update
2015-07-20 05:25:41
[SECURITY] [DSA 3311-1] mariadb-10.0 security update
2015-07-20 05:25:41
[SECURITY] [DSA 3229-1] mysql-5.5 security update
2015-04-19 06:02:46
slackware
slackware
[slackware-security] mysql
2015-05-12 07:24:16
[slackware-security] mariadb
2015-05-12 07:24:00
securityvulns
securityvulns
[SECURITY] [DSA 3311-1] mariadb-10.0 security update
2015-07-20 00:00:00
mageia
mageia
Updated mariadb package fixes security vulnerabilities
2015-07-27 12:53:07
Updated mariadb packages fix security vulnerabilities
2015-05-06 18:16:01
ubuntu
ubuntu
MySQL vulnerabilities
2015-04-21 00:00:00
MySQL vulnerabilities
2015-07-21 00:00:00
suse
suse
Security update for mariadb (important)
2015-07-21 16:08:23
Security update for MariaDB (important)
2015-07-09 17:08:05
Security update for MySQL (important)
2015-05-26 15:04:53
centos
centos
mysql55 security update
2015-08-17 15:20:46
archlinux
archlinux
mariadb: denial of service
2015-05-08 00:00:00
gentoo
gentoo
MySQL and MariaDB: Multiple vulnerabilities
2016-10-11 00:00:00
MySQL: Multiple vulnerabilities
2015-07-10 00:00:00
kaspersky
kaspersky
KLA10638 Multiple vulnerabilities in Oracle MySQL
2015-07-17 00:00:00
KLA10553 Denial of service vulnerabilities in Oracle MySQL
2015-04-16 00:00:00
f5
f5
SOL17115 - Multiple MySQL vulnerabilities
2015-08-14 00:00:00
K17115 : Multiple MySQL vulnerabilities
2015-10-20 00:00:00
K16845 : MySQL vulnerability CVE-2015-3152
2015-07-02 00:00:00
ibm
ibm
Security Bulletin: Security vulnerabilities have been identified in Oracle MySQL shipped with IBM Tivoli Network Manager IP Edition (Oracle Advisory - April 2015)
2018-06-17 15:01:46
Security Bulletin: vulnerabilities in OpenSource Oracle MySQL Server affect IBM Security Guardium
2018-06-16 21:30:35
cve
cve
CVE-2015-4757
2015-07-16 11:00:00
CVE-2015-2648
2015-07-16 11:00:00
CVE-2015-4864
2015-10-21 23:59:00
prion
prion
Design/Logic Flaw
2015-07-16 11:00:00
Design/Logic Flaw
2015-10-21 23:59:00
Design/Logic Flaw
2015-04-16 17:00:00
ubuntucve
ubuntucve
CVE-2015-4757
2015-07-16 00:00:00
CVE-2015-4737
2015-07-16 00:00:00
CVE-2015-4864
2015-10-21 00:00:00
mariadbunix
mariadbunix
CVE-2015-4757
2015-07-16 11:00:00
CVE-2015-4864
2015-10-21 23:59:00
CVE-2015-2648
2015-07-16 11:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: mariadb-10.0.20-1.fc21
2015-07-10 19:10:52
[SECURITY] Fedora 22 Update: mariadb-10.0.20-1.fc22
2015-07-03 18:49:07
freebsd
freebsd
mysql -- SSL Downgrade
2015-03-20 00:00:00

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

5.7 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:M/C:N/I:N/A:C

0.023 Low

EPSS

Percentile

89.6%

JSON
Related for CESA-2015:1665
veracode24openvas42redhat6nessus48oraclelinux2osv4debian6slackware2securityvulns1mageia2ubuntu2suse3centos1archlinux1gentoo2kaspersky2f54ibm2cve12prion10ubuntucve10mariadbunix10fedora2freebsd1