Since MariaDB is a fork of MySQL 5.5, they relased a security update of dev-db/mariadb described at $URL related to http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL Full List of CVEs fixed in MariaDB CVE-2016-5440: MariaDB 5.5.50, MariaDB 10.1.15, MariaDB 10.0.26 CVE-2016-3615: MariaDB 5.5.50, MariaDB 10.1.15, MariaDB 10.0.26 CVE-2016-3521: MariaDB 5.5.50, MariaDB 10.1.15, MariaDB 10.0.26 CVE-2016-3477: MariaDB 5.5.50, MariaDB 10.1.15, MariaDB 10.0.26
Added to existing GLSA.
Shouldn't we call 10.0.26 to stable for this bug? 10.0.25 is the current stable.
(In reply to Brian Evans from comment #2) > Shouldn't we call 10.0.26 to stable for this bug? 10.0.25 is the current > stable. Yes, as it is shown in the bug title that is what we would call for. Are you ready to call for it?
(In reply to Aaron Bauman from comment #3) > (In reply to Brian Evans from comment #2) > > Shouldn't we call 10.0.26 to stable for this bug? 10.0.25 is the current > > stable. > > Yes, as it is shown in the bug title that is what we would call for. Are > you ready to call for it? Yes, I'm ready.. I was just confused by the actions in Comment 1 which usually happens later. ----- Arches, please test and mark stable. The test suite should pass following the official instructions. Local timeouts may be expected on resource starved machines. (each test thread can spawn up to 4 server instances) Target keywords: =dev-db/mariadb-10.0.26 alpha amd64 arm hppa ia64 ppc ppc64 sparc x86 # Official test instructions: # USE='embedded extraengine perl server openssl static-libs' \ # FEATURES='test userpriv -usersandbox' \ # ebuild mariadb-X.X.XX.ebuild \ # digest clean package # Parallel testing is enabled, auto will try to detect number of cores # You may set this by hand. # The default maximum is 8 unless MTR_MAX_PARALLEL is increased export MTR_PARALLEL="${MTR_PARALLEL:-auto}"
amd64 stable
x86 stable
Stable for PPC64.
Stable for HPPA.
arm stable
Stable on alpha.
This issue was resolved and addressed in GLSA 201610-06 at https://security.gentoo.org/glsa/201610-06 by GLSA coordinator Aaron Bauman (b-man).