Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 507978 - <dev-db/mariadb-5.5.39: Multiple Vulnerabilities
Summary: <dev-db/mariadb-5.5.39: Multiple Vulnerabilities
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL: https://secunia.com/advisories/58106/
Whiteboard: ~2 [noglsa]
Keywords:
Depends on: 490580
Blocks:
  Show dependency tree
 
Reported: 2014-04-18 10:02 UTC by Agostino Sarubbo
Modified: 2014-09-10 21:01 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2014-04-18 10:02:31 UTC 
From ${URL} :

Description

Multiple vulnerabilities have been reported in MariaDB, which can be exploited by malicious users to cause 
a DoS (Denial of Service) and compromise a vulnerable system and by malicious people to disclose sensitive 
information, manipulate certain data, and cause a DoS.

For more information:
SA57940 (#2, #3, #8, #9, #10, #12, #13, #14)

The vulnerabilities are reported in versions prior to 5.5.37.


Solution:
Update to version 5.5.37.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
https://mariadb.com/kb/en/mariadb-5537-release-notes/
https://mariadb.com/kb/en/mariadb-5537-changelog/


@maintainer(s): since the package has never been marked as stable, we don't need to stabilize it. After the bump, please remove the affected versions from the tree.
Comment 1 Jorge Manuel B. S. Vicetto (RETIRED) Gentoo Infrastructure gentoo-dev 2014-04-24 23:59:35 UTC 
mariadb-5.5.32 dropped from the tree.
Comment 2 Kristian Fiskerstrand (RETIRED) gentoo-dev 2014-09-10 21:01:51 UTC 
Closing noglsa. 5.5.39 in tree and older versions removed or p.masked for removal.