Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2016:1132
HistoryMay 26, 2016 - 8:10 a.m.

(RHSA-2016:1132) Important: rh-mariadb100-mariadb security update

2016-05-2608:10:09
access.redhat.com
26

0.151 Low

EPSS

Percentile

95.9%

JSON

MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. MariaDB uses PCRE, a Perl-compatible regular expression library, to implement regular expression support in SQL queries.

Security Fix(es):

  • It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client. (CVE-2016-2047)

  • This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2015-4792, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4879, CVE-2015-4895, CVE-2015-4913, CVE-2016-0505, CVE-2016-0546, CVE-2016-0596, CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0606, CVE-2016-0608, CVE-2016-0609, CVE-2016-0610, CVE-2016-0616, CVE-2016-0640, CVE-2016-0641, CVE-2016-0642, CVE-2016-0643, CVE-2016-0644, CVE-2016-0646, CVE-2016-0647, CVE-2016-0648, CVE-2016-0649, CVE-2016-0650, CVE-2016-0651, CVE-2016-0655, CVE-2016-0666, CVE-2016-0668)

  • Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make MariaDB execute an SQL query with a specially crafted regular expression could use these flaws to cause it to crash or, possibly, execute arbitrary code. (CVE-2015-3210, CVE-2015-3217, CVE-2015-5073, CVE-2015-8381, CVE-2015-8383, CVE-2015-8384, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, CVE-2015-8391, CVE-2015-8392, CVE-2015-8395, CVE-2016-1283, CVE-2016-3191)

OSVersionArchitecturePackageVersionFilename
RedHat6x86_64rh-mariadb100-mariadb-oqgraph-engine< 10.0.25-4.el6rh-mariadb100-mariadb-oqgraph-engine-10.0.25-4.el6.x86_64.rpm
RedHat7x86_64rh-mariadb100-mariadb-common< 10.0.25-4.el7rh-mariadb100-mariadb-common-10.0.25-4.el7.x86_64.rpm
RedHat7x86_64rh-mariadb100-mariadb-devel< 10.0.25-4.el7rh-mariadb100-mariadb-devel-10.0.25-4.el7.x86_64.rpm
RedHat6srcrh-mariadb100-mariadb< 10.0.25-4.el6rh-mariadb100-mariadb-10.0.25-4.el6.src.rpm
RedHat6x86_64rh-mariadb100-mariadb< 10.0.25-4.el6rh-mariadb100-mariadb-10.0.25-4.el6.x86_64.rpm
RedHat6x86_64rh-mariadb100-mariadb-devel< 10.0.25-4.el6rh-mariadb100-mariadb-devel-10.0.25-4.el6.x86_64.rpm
RedHat7x86_64rh-mariadb100-mariadb-test< 10.0.25-4.el7rh-mariadb100-mariadb-test-10.0.25-4.el7.x86_64.rpm
RedHat7x86_64rh-mariadb100-mariadb-debuginfo< 10.0.25-4.el7rh-mariadb100-mariadb-debuginfo-10.0.25-4.el7.x86_64.rpm
RedHat6x86_64rh-mariadb100-mariadb-errmsg< 10.0.25-4.el6rh-mariadb100-mariadb-errmsg-10.0.25-4.el6.x86_64.rpm
RedHat7x86_64rh-mariadb100-mariadb< 10.0.25-4.el7rh-mariadb100-mariadb-10.0.25-4.el7.x86_64.rpm
Rows per page:
1-10 of 221

Related

nessus 79
centos 3
openvas 57
suse 8
redhat 7
oraclelinux 3
debian 14
mageia 2
archlinux 1
amazon 2
osv 1
freebsd 1
kaspersky 1
f5 5
ubuntu 3
fedora 6
ibm 2
gentoo 1
ubuntucve 1
debiancve 1
prion 1
nessus
nessus
RHEL 6 / 7 : rh-mariadb100-mariadb (RHSA-2016:1132)
2024-04-24 00:00:00
openSUSE Security Update : mariadb (openSUSE-2016-780)
2016-06-28 00:00:00
CentOS 7 : mariadb (CESA-2016:0534)
2016-04-01 00:00:00
centos
centos
mariadb security update
2016-03-31 20:53:35
pcre security update
2016-05-13 00:44:08
mariadb security update
2016-08-12 11:27:37
openvas
openvas
SUSE: Security Advisory for mariadb (SUSE-SU-2016:1619-1)
2016-06-18 00:00:00
Oracle: Security Advisory (ELSA-2016-0534)
2016-04-06 00:00:00
Huawei EulerOS: Security Advisory for mariadb (EulerOS-SA-2016-1011)
2020-01-23 00:00:00
suse
suse
Security update for mariadb (important)
2016-06-27 15:08:28
Security update for mariadb (important)
2016-06-17 20:09:22
Security update for mariadb (important)
2016-06-23 13:09:33
redhat
redhat
(RHSA-2016:0534) Moderate: mariadb security and bug fix update
2016-03-31 14:15:24
(RHSA-2016:22610) Moderate: mariadb security and bug fix update
2016-02-03 05:00:00
(RHSA-2016:1481) Moderate: mariadb55-mariadb security update
2016-07-25 07:45:27
oraclelinux
oraclelinux
mariadb security and bug fix update
2016-03-31 00:00:00
pcre security update
2016-05-11 00:00:00
mariadb security update
2016-08-11 00:00:00
debian
debian
[SECURITY] [DSA 3377-1] mysql-5.5 security update
2015-10-24 08:06:52
[SECURITY] [DSA 3377-1] mysql-5.5 security update
2015-10-24 08:06:52
[SECURITY] [DLA 447-1] mysql-5.5 security update
2016-04-30 09:29:15
mageia
mageia
Updated mariadb packages fix security vulnerabilities
2015-11-17 00:36:58
Updated mariadb packages fix security vulnerabilities
2016-05-18 23:14:22
archlinux
archlinux
mariadb: denial of service
2015-10-30 00:00:00
amazon
amazon
Important: mysql55
2016-08-17 13:30:00
Critical: mysql56
2016-05-18 14:00:00
osv
osv
mysql-5.5 - security update
2016-04-26 00:00:00
freebsd
freebsd
MySQL - Multiple vulnerabilities
2015-11-10 00:00:00
kaspersky
kaspersky
KLA10749 Multiple vulnerabilities in MariaDB
2016-01-27 00:00:00
f5
f5
SOL70204455 - Multiple MySQL vulnerabilities
2016-08-05 00:00:00
K70204455 : Multiple MySQL vulnerabilities
2016-08-05 00:00:00
K77508618 : Multiple Oracle MySQL vulnerabilities
2017-05-06 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2016-04-21 00:00:00
MySQL vulnerabilities
2016-01-26 00:00:00
MySQL vulnerabilities
2015-10-26 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: mariadb-10.0.23-1.fc23
2016-02-21 16:34:44
[SECURITY] Fedora 22 Update: mariadb-10.0.23-1.fc22
2016-03-05 22:51:47
[SECURITY] Fedora 22 Update: mingw-pcre-8.38-1.fc22
2016-02-17 04:25:54
ibm
ibm
Security Bulletin: Multiple vulnerabilities in mariadb affect PowerKVM
2018-06-18 01:33:09
Security Bulletin: Multiple vulnerabilities in PCRE affect PowerKVM
2018-06-18 01:32:32
gentoo
gentoo
libpcre: Multiple Vulnerabilities
2016-07-09 00:00:00
ubuntucve
ubuntucve
CVE-2015-8392
2015-12-01 00:00:00
debiancve
debiancve
CVE-2015-8384
2015-12-02 01:59:08
prion
prion
Design/Logic Flaw
2015-12-02 01:59:00

0.151 Low

EPSS

Percentile

95.9%

JSON
Related for RHSA-2016:1132
nessus79centos3openvas57suse8redhat7oraclelinux3debian14mageia2archlinux1amazon2osv1freebsd1kaspersky1f55ubuntu3fedora6ibm2gentoo1ubuntucve1debiancve1prion1