Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bugzilla DB migration completed. Please report issues to Infra team via email via infra@gentoo.org or IRC
Bug 546724 - <dev-db/mariadb{,-galera}-{5.5.43,10.0.18}: multiple vulnerabilities (CVE-2014-8964,CVE-2015-{0433,0441,0499,0501,0505,2568,2571,2573})
Summary: <dev-db/mariadb{,-galera}-{5.5.43,10.0.18}: multiple vulnerabilities (CVE-201...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa cve]
Keywords:
: 548300 (view as bug list)
Depends on:
Blocks:
 
Reported: 2015-04-16 07:20 UTC by Agostino Sarubbo
Modified: 2016-10-11 13:45 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2015-04-16 07:20:00 UTC
+++ This bug was initially created as a clone of Bug #546722 +++

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
Comment 1 Brian Evans Gentoo Infrastructure gentoo-dev 2015-05-18 20:13:18 UTC
Arches, please test and mark stable.
The test suite should pass following the official instructions.
Local timeouts may be expected on resource starved machines. (each test thread can spawn up to 4 server instances)

Target keywords:
=dev-db/mariadb-10.0.19 alpha amd64 arm hppa ia64 ppc ppc64 sparc x86

# Official test instructions:
# USE='embedded extraengine perl ssl static-libs community' \
# FEATURES='test userpriv -usersandbox' \
# ebuild mariadb-10.0.19.ebuild \
# digest clean package

# Parallel testing is enabled, auto will try to detect number of cores
# You may set this by hand.
# The default maximum is 8 unless MTR_MAX_PARALLEL is increased
export MTR_PARALLEL="${MTR_PARALLEL:-auto}"
Comment 2 Yury German Gentoo Infrastructure gentoo-dev Security 2015-05-19 03:26:36 UTC
*** Bug 548300 has been marked as a duplicate of this bug. ***
Comment 3 Agostino Sarubbo gentoo-dev 2015-05-19 07:13:58 UTC
amd64 stable
Comment 4 Jeroen Roovers gentoo-dev 2015-05-20 03:54:34 UTC
Stable for HPPA PPC64.
Comment 5 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2015-05-20 20:50:13 UTC
x86 stable
Comment 6 Agostino Sarubbo gentoo-dev 2015-05-27 13:06:31 UTC
arm stable
Comment 7 Jack Morgan (RETIRED) gentoo-dev 2015-06-02 05:02:01 UTC
ppc stable
Comment 8 Jack Morgan (RETIRED) gentoo-dev 2015-06-02 05:03:34 UTC
sparc stable
Comment 9 Agostino Sarubbo gentoo-dev 2015-07-03 10:00:12 UTC
alpha stable
Comment 10 Yury German Gentoo Infrastructure gentoo-dev Security 2015-07-06 05:00:48 UTC
Ping for IA64 stabilization,
Comment 11 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2015-07-16 17:23:40 UTC
ia64 stable
Comment 12 Brian Evans Gentoo Infrastructure gentoo-dev 2015-07-16 17:41:37 UTC
Old versions removed.

@security: ready for you
Comment 13 Yury German Gentoo Infrastructure gentoo-dev Security 2015-07-21 02:34:10 UTC
Arches and Maintainer(s), Thank you for your work.

New GLSA Request filed.
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2016-10-11 13:45:01 UTC
This issue was resolved and addressed in
 GLSA 201610-06 at https://security.gentoo.org/glsa/201610-06
by GLSA coordinator Aaron Bauman (b-man).