Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2014-307-01
HistoryNov 04, 2014 - 1:25 a.m.

[slackware-security] mariadb

2014-11-0401:25:07
Slackware Linux Project
www.slackware.com
27

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON

New mariadb packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:

patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://vulners.com/cve/CVE-2014-6507
https://vulners.com/cve/CVE-2014-6491
https://vulners.com/cve/CVE-2014-6500
https://vulners.com/cve/CVE-2014-6469
https://vulners.com/cve/CVE-2014-6555
https://vulners.com/cve/CVE-2014-6559
https://vulners.com/cve/CVE-2014-6494
https://vulners.com/cve/CVE-2014-6496
https://vulners.com/cve/CVE-2014-6464
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.40-x86_64-1_slack14.1.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.40-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.40-x86_64-1.txz

MD5 signatures:

Slackware 14.1 package:
da0aff5bebbbdc0621359c0fea027ae6 mariadb-5.5.40-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
dbb7d695a22ae538b5ad9c024823b190 mariadb-5.5.40-x86_64-1_slack14.1.txz

Slackware -current package:
f9ca4cf6015ddbb73dfba16c535caffc ap/mariadb-5.5.40-i486-1.txz

Slackware x86_64 -current package:
6924f64b6c147556a58a2c6f1929ab5e ap/mariadb-5.5.40-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg mariadb-5.5.40-i486-1_slack14.1.txz

Then, restart the database server:
> sh /etc/rc.d/rc.mysqld restart

Related

mageia 1
openvas 24
nessus 25
gentoo 1
ibm 1
amazon 1
mariadbunix 9
ubuntu 1
debian 2
cve 9
nvd 9
cvelist 9
prion 9
ubuntucve 9
debiancve 4
osv 1
f5 2
suse 3
redhat 6
veracode 5
centos 2
oraclelinux 2
fedora 1
securityvulns 1
oracle 1
mageia
mageia
Updated mariadb packages fix security vulnerabilities
2014-10-26 00:23:09
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0424)
2022-01-28 00:00:00
Oracle MySQL Server <= 5.5.39 / 5.6 <= 5.6.20 Security Update (cpuoct2014) - Linux
2016-06-03 00:00:00
Oracle MySQL Server <= 5.5.39 / 5.6 <= 5.6.20 Security Update (cpuoct2014) - Windows
2014-10-20 00:00:00
nessus
nessus
MySQL 5.5.x < 5.5.40 / 5.6.x < 5.6.21 Multiple Vulnerabilities (October 2014 CPU)
2014-10-15 00:00:00
GLSA-201411-02 : MySQL, MariaDB: Multiple vulnerabilities
2014-11-06 00:00:00
MariaDB 10.0.0 < 10.0.15 Multiple Vulnerabilities
2019-09-26 00:00:00
gentoo
gentoo
MySQL, MariaDB: Multiple vulnerabilities
2014-11-05 00:00:00
ibm
ibm
Security Bulletin: InfoSphere Guardium Database Activity Monitoring vulnerable to multiple Oracle MySQL vulnerabilties
2018-06-16 21:28:16
amazon
amazon
Important: mysql55
2014-10-16 22:14:00
mariadbunix
mariadbunix
CVE-2014-6494
2014-10-15 22:55:00
CVE-2014-6491
2014-10-15 22:55:00
CVE-2014-6500
2014-10-15 22:55:00
ubuntu
ubuntu
MySQL vulnerabilities
2014-10-15 00:00:00
debian
debian
[SECURITY] [DSA 3054-1] mysql-5.5 security update
2014-10-20 15:27:13
[SECURITY] [DSA 3054-1] mysql-5.5 security update
2014-10-20 15:27:13
cve
cve
CVE-2014-6496
2014-10-15 22:55:06
CVE-2014-6500
2014-10-15 22:55:06
CVE-2014-6491
2014-10-15 22:55:05
nvd
nvd
CVE-2014-6496
2014-10-15 22:55:06
CVE-2014-6494
2014-10-15 22:55:05
CVE-2014-6491
2014-10-15 22:55:05
cvelist
cvelist
CVE-2014-6496
2014-10-15 22:03:00
CVE-2014-6500
2014-10-15 22:03:00
CVE-2014-6491
2014-10-15 22:03:00
prion
prion
Design/Logic Flaw
2014-10-15 22:55:00
Design/Logic Flaw
2014-10-15 22:55:00
Design/Logic Flaw
2014-10-15 22:55:00
ubuntucve
ubuntucve
CVE-2014-6500
2014-10-15 00:00:00
CVE-2014-6496
2014-10-15 00:00:00
CVE-2014-6491
2014-10-15 00:00:00
debiancve
debiancve
CVE-2014-6491
2014-10-15 22:55:05
CVE-2014-6496
2014-10-15 22:55:06
CVE-2014-6494
2014-10-15 22:55:05
osv
osv
mysql-5.5 - security update
2014-10-20 00:00:00
f5
f5
SOL15725 - Multiple 5.5.x and 5.6.x MySQL vulnerabilities
2014-10-23 00:00:00
K15725 : Multiple 5.5.x and 5.6.x MySQL vulnerabilities
2014-10-23 00:00:00
suse
suse
Security update for MariaDB (important)
2015-07-09 17:08:05
Security update for MySQL (important)
2015-03-28 01:04:56
Security update for mariadb (important)
2015-04-21 19:05:04
redhat
redhat
(RHSA-2014:1937) Important: mariadb-galera security update
2014-12-02 16:39:58
(RHSA-2014:1940) Important: mariadb-galera security update
2014-12-02 16:44:45
(RHSA-2014:1860) Important: mysql55-mysql security update
2014-11-17 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:04:50
Denial Of Service (DoS)
2019-05-02 05:04:50
Arbitrary Code Execution
2019-05-02 05:04:50
centos
centos
mariadb security update
2014-11-17 17:32:07
mysql55 security update
2014-11-17 17:35:05
oraclelinux
oraclelinux
mysql55-mysql security update
2014-11-17 00:00:00
mariadb security update
2014-11-17 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: mariadb-5.5.40-1.fc20
2014-12-12 04:25:50
securityvulns
securityvulns
Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
2014-11-03 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2014
2014-10-14 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON
Related for SSA-2014-307-01
mageia1openvas24nessus25gentoo1ibm1amazon1mariadbunix9ubuntu1debian2cve9nvd9cvelist9prion9ubuntucve9debiancve4osv1f52suse3redhat6veracode5centos2oraclelinux2fedora1securityvulns1oracle1