projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f969712) | patch
package/mariadb: security bump to version 10.3.15
authorRyan Coe <bluemrp9@gmail.com>
Mon, 10 Jun 2019 23:30:25 +0000 (16:30 -0700)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Tue, 11 Jun 2019 20:58:17 +0000 (22:58 +0200)
commit033844c44df13da70d9ca19e4ad057b9e730aef6
tree957aa96e041bba529348030d8491a09fc002ca1ctree
parentf969712a988c70522e336675b3d0f6ce0412ca73commit | diff
package/mariadb: security bump to version 10.3.15

The licensing text in README.md has changed slightly. The reference to
COPYING.LESSER has been removed. The file itself has been gone for awhile
now. COPYING.thirdparty has also been renamed to THIRDPARTY.

Release notes:
https://mariadb.com/kb/en/library/mariadb-10315-release-notes/

Changelog:
https://mariadb.com/kb/en/mariadb-10315-changelog/

Fixes the following security vulnerabilities:

CVE-2019-2614 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Replication). Supported versions that are affected
are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to
exploit vulnerability allows high privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.

CVE-2019-2627 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Security: Privileges). Supported versions that are
affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior.
Easily exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability
to cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server.

CVE-2019-2628 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and
prior and 8.0.15 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can
result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server.

Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/mariadb/mariadb.hash diff | blob | history
package/mariadb/mariadb.mk diff | blob | history