Security update for mariadb (important)

2016-10-04T17:09:01
ID OPENSUSE-SU-2016:2448-1
Type suse
Reporter Suse
Modified 2016-10-04T17:09:01

Description

This update for mariadb to 10.0.27 fixes the following issues:

Security issue fixed:

  • CVE-2016-6662: A malicious user with SQL and filesystem access could create a my.cnf in the datadir and, under certain circumstances, execute arbitrary code as mysql (or even root) user. (bsc#998309)

  • release notes:

    • <a rel="nofollow" href="https://kb.askmonty.org/en/mariadb-10027-release-notes">https://kb.askmonty.org/en/mariadb-10027-release-notes</a>
  • changelog:
    • <a rel="nofollow" href="https://kb.askmonty.org/en/mariadb-10027-changelog">https://kb.askmonty.org/en/mariadb-10027-changelog</a>

Bugs fixed:

  • Make ORDER BY optimization functions take into account multiple equalities. (bsc#949520)

This update was imported from the SUSE:SLE-12-SP1:Update update project.