Summary: | <dev-db/mariadb-5.5.37: Multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | mysql-bugs |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/56675/ | ||
Whiteboard: | ~3 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 490580 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2014-02-04 10:36:37 UTC
From http://secunia.com/advisories/57120/ : escription Multiple vulnerabilities have been reported in MariaDB, which can be exploited by malicious users to cause a DoS (Denial of Service). 1) A NULL pointer dereference error when handling certain prepared SELECT statements with subqueries can be exploited to cause a crash. Successful exploitation of this vulnerability requires the "materialization" and "semijoin" optimizer switches to be on. 2) An error when handling a KILL QUERY statement with certain concurrent SQL queries can be exploited to cause a crash. 3) An error when parsing NAME_CONST expression containing AND/OR expressions can be exploited to cause a crash. 4) An error when preparing SELECT statements with an invalid GROUP BY value can be exploited to trigger an assertion failure. 5) An error when handling certain SELECT statements with JOIN phrases can be exploited to cause a crash. Successful exploitation of this vulnerability requires the "sql_mode" setting to be set to "ONLY_FULL_GROUP_BY". 6) An error when handling certain concurrent UPDATE statements can be exploited to cause a crash. The vulnerabilities are reported in versions prior to 5.5.36. Solution: Update to version 5.5.36. Provided and/or discovered by: 1, 4, 6) Elena Stepanova. 2) Peter (Stig) Edwards. 3) Reported by the vendor. 5) Vasilis Lourdas. Original Advisory: https://mariadb.com/kb/en/mariadb-5536-release-notes/ https://mariadb.com/kb/en/mariadb-5536-changelog/ https://mariadb.atlassian.net/browse/MDEV-5581 https://mariadb.atlassian.net/browse/MDEV-714 https://mariadb.atlassian.net/browse/MDEV-5655 https://mariadb.atlassian.net/browse/MDEV-5505 https://mariadb.atlassian.net/browse/MDEV-5617 https://mariadb.atlassian.net/browse/MDEV-5629 I've pushed mariadb-5.5.37 into the tree. As with mysql, we're going to take care of this stabilization as this is the first 5.5 version that we're going to mark stable. (In reply to Jorge Manuel B. S. Vicetto from comment #2) > I've pushed mariadb-5.5.37 into the tree. As with mysql, we're going to take > care of this stabilization as this is the first 5.5 version that we're going > to mark stable. Ok, reclassified to B3. Feel free to add arch teams and began stabilization when you will be ready. Reclassifying to ~ again as it was determined to keep stabilization separate from previous security issues. Closing noglsa. 5.5.39 in tree and older versions removed or p.masked for removal. |