Synopsis: Moderate: mariadb security update
Advisory ID: SLSA-2015:1665-1
Issue Date: 2015-08-24
CVE Numbers: CVE-2015-0501
CVE-2015-2568
CVE-2015-0499
CVE-2015-2571
CVE-2015-0433
CVE-2015-0441
CVE-2015-0505
CVE-2015-2573
CVE-2015-2582
CVE-2015-2620
CVE-2015-2643
CVE-2015-2648
CVE-2015-4737
CVE-2015-4752
CVE-2015-4757
CVE-2015-3152
--
It was found that the MySQL client library permitted but did not require a
client to use SSL/TLS when establishing a secure connection to a MySQL
server using the "--ssl" option. A man-in-the-middle attacker could use
this flaw to strip the SSL/TLS protection from a connection between a
client and a server. (CVE-2015-3152)
(CVE-2015-0501, CVE-2015-2568, CVE-2015-0499, CVE-2015-2571,
CVE-2015-0433, CVE-2015-0441, CVE-2015-0505, CVE-2015-2573, CVE-2015-2582,
CVE-2015-2620, CVE-2015-2643, CVE-2015-2648, CVE-2015-4737, CVE-2015-4752,
CVE-2015-4757)
After installing this update, the MariaDB server daemon (mysqld) will be
restarted automatically.
--
SL7
x86_64
mariadb-5.5.44-1.el7_1.x86_64.rpm
mariadb-debuginfo-5.5.44-1.el7_1.i686.rpm
mariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm
mariadb-libs-5.5.44-1.el7_1.i686.rpm
mariadb-libs-5.5.44-1.el7_1.x86_64.rpm
mariadb-server-5.5.44-1.el7_1.x86_64.rpm
mariadb-bench-5.5.44-1.el7_1.x86_64.rpm
mariadb-devel-5.5.44-1.el7_1.i686.rpm
mariadb-devel-5.5.44-1.el7_1.x86_64.rpm
mariadb-embedded-5.5.44-1.el7_1.i686.rpm
mariadb-embedded-5.5.44-1.el7_1.x86_64.rpm
mariadb-embedded-devel-5.5.44-1.el7_1.i686.rpm
mariadb-embedded-devel-5.5.44-1.el7_1.x86_64.rpm
mariadb-test-5.5.44-1.el7_1.x86_64.rpm
- Scientific Linux Development Team
