Fedora 25: mariadb Security Update
Summary
MariaDB is a community developed branch of MySQL.
MariaDB is a multi-user, multi-threaded SQL database server.
It is a client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MariaDB/MySQL client programs and generic MySQL files.
**Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled
Sphinx engine enabled Build dependecies Bison and Libarchive added, others
corrected Disabling Mroonga engine for i686 architecture, as it is not
supported by MariaDB **Removed patches: (fixed by upstream)** Patch5:
%{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example-config-files.patch Patch31: %{pkgnamepatch}-string-overflow.patch Patch32:
%{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new-cluster-help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308 CVE-2017-3309
CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 **Testsuite** Enabled
'--big-test' option for the testsuite Disabled '--skip-rpl' option for the
testsuite = replication tests enabled **Warning** Some Spider tests
started to fail, the engine can be probabbly unsafe now. **Aditional bugs
solved:** #1459671: mariadb fails to start with tokudb; jemalloc not
correctly enabled ---- **Rebase to 10.1.24** Plugin oqgraph enabled
Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison
and Libarchive added, others corrected Disabling Mroonga engine for i686
architecture, as it is not supported by MariaDB **Removed patches: (fixed by
upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14:
%{pkgnamepatch}-example-config-files.patch Patch31: %{pkgnamepatch}-string-overflow.patch Patch32: %{pkgnamepatch}-basedir.patch Patch41:
%{pkgnamepatch}-galera-new-cluster-help.patch **CVEs fix** CVE-2017-3313
CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456
CVE-2017-3464 **Testsuite** Enabled '--big-test' option for the testsuite
Disabled '--skip-rpl' option for the testsuite = replication tests enabled
**Warning** Some Spider tests started to fail, the engine can be probabbly
unsafe now. **Aditional bugs solved:** #1459671: mariadb fails to start
with tokudb; jemalloc not correctly enabled ---- **Rebase to 10.1.24**
Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled
Build dependecies Bison and Libarchive added, others corrected Disabling
Mroonga engine for i686 architecture, as it is not supported by MariaDB
**Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example-config-files.patch
Patch31: %{pkgnamepatch}-string-overflow.patch Patch32:
%{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new-cluster-help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308
CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464
**Testsuite** Enabled '--big-test' option for the testsuite Disabled
'--skip-rpl' option for the testsuite = replication tests enabled **Warning**
Some Spider tests started to fail, the engine can be probabbly unsafe now.
[ 1 ] Bug #1414387 - CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3312 CVE-2017-3313 CVE-2017-3317 CVE-2017-3318 mariadb: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1414387
[ 2 ] Bug #1459671 - mariadb fails to start with tokudb; jemalloc not correctly enabled
https://bugzilla.redhat.com/show_bug.cgi?id=1459671
su -c 'dnf upgrade mariadb' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
FEDORA-2017-2c0609b92a 2017-06-16 13:14:53.497492 Product : Fedora 25 Version : 10.1.24 Release : 3.fc25 URL : http://mariadb.org Summary : A community developed branch of MySQL Description : MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs and generic MySQL files. **Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison and Libarchive added, others corrected Disabling Mroonga engine for i686 architecture, as it is not supported by MariaDB **Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example-config-files.patch Patch31: %{pkgnamepatch}-string-overflow.patch Patch32: %{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new-cluster-help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 **Testsuite** Enabled '--big-test' option for the testsuite Disabled '--skip-rpl' option for the testsuite = replication tests enabled **Warning** Some Spider tests started to fail, the engine can be probabbly unsafe now. **Aditional bugs solved:** #1459671: mariadb fails to start with tokudb; jemalloc not correctly enabled ---- **Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison and Libarchive added, others corrected Disabling Mroonga engine for i686 architecture, as it is not supported by MariaDB **Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example-config-files.patch Patch31: %{pkgnamepatch}-string-overflow.patch Patch32: %{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new-cluster-help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 **Testsuite** Enabled '--big-test' option for the testsuite Disabled '--skip-rpl' option for the testsuite = replication tests enabled **Warning** Some Spider tests started to fail, the engine can be probabbly unsafe now. **Aditional bugs solved:** #1459671: mariadb fails to start with tokudb; jemalloc not correctly enabled ---- **Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison and Libarchive added, others corrected Disabling Mroonga engine for i686 architecture, as it is not supported by MariaDB **Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example-config-files.patch Patch31: %{pkgnamepatch}-string-overflow.patch Patch32: %{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new-cluster-help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 **Testsuite** Enabled '--big-test' option for the testsuite Disabled '--skip-rpl' option for the testsuite = replication tests enabled **Warning** Some Spider tests started to fail, the engine can be probabbly unsafe now. [ 1 ] Bug #1414387 - CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3312 CVE-2017-3313 CVE-2017-3317 CVE-2017-3318 mariadb: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1414387 [ 2 ] Bug #1459671 - mariadb fails to start with tokudb; jemalloc not correctly enabled https://bugzilla.redhat.com/show_bug.cgi?id=1459671 su -c 'dnf upgrade mariadb' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Change Log
References