Summary: | <dev-db/mariadb-10.0.29: multiple vulnerabilities (OCPUJAN2017) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | mysql-bugs, toto |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL | ||
Whiteboard: | B1 [glsa cve] | ||
Package list: |
=dev-db/mariadb-10.0.29 alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
|
Runtime testing required: | --- |
Description
Agostino Sarubbo
2017-01-18 11:49:36 UTC
Here are the upstream changelogs: https://mariadb.com/kb/en/mariadb/mariadb-10029-release-notes/ https://mariadb.com/kb/en/mariadb/mariadb-10121-release-notes/ They list the following CVEs: CVE-2016-6664,CVE-2017-3238,CVE-2017-3243,CVE-2017-3244,CVE-2017-3257,CVE-2017-3258,CVE-2017-3265,CVE-2017-3291,CVE-2017-3312,CVE-2017-3317,CVE-2017-3318 Fixed versions are 10.0.29 and 10.1.21. 10.0.29 is already in portage. 10.1.x branch has never been stabilized. @maintainer(s), ready to stabilize? @ Arches, please test and mark stable. The test suite should pass following the official instructions. Local timeouts may be expected on resource starved machines. (each test thread can spawn up to 4 server instances) Target keywords: =dev-db/mariadb-10.0.29 alpha amd64 arm hppa ia64 ppc ppc64 sparc x86 # Official test instructions: # USE='embedded extraengine perl server openssl static-libs' \ # FEATURES='test userpriv -usersandbox' \ # ebuild mariadb-10.0.29.ebuild \ # digest clean package # Parallel testing is enabled, auto will try to detect number of cores # You may set this by hand. # The default maximum is 8 unless MTR_MAX_PARALLEL is increased export MTR_PARALLEL="${MTR_PARALLEL:-auto}" amd64 stable x86 stable Stable on alpha. Stable for PPC64. Stable for HPPA. ppc stable Added to existing GLSA. arm stable sparc stable ia64 stable. Maintainer(s), please cleanup. Cleanup complete This issue was resolved and addressed in GLSA 201702-18 at https://security.gentoo.org/glsa/201702-18 by GLSA coordinator Thomas Deutschmann (whissi). |