Univention Bugzilla – Bug 48201
mariadb-10.1: Multiple issues (4.3)
Last modified: 2018-11-28 12:10:48 CET
New Debian mariadb-10.1 10.1.37-0+deb9u1 fixes:

This update addresses the following issues:
* Server: Replication unspecified vulnerability (CPU Oct 2017) (CVE-2017-10268)
* Server: Optimizer unspecified vulnerability (CPU Oct 2017) (CVE-2017-10378)
* Replication in sql/event_data_objects.cc occurs before ACL checks (CVE-2017-15365)
* Server: Partition unspecified vulnerability (CPU Jan 2018) (CVE-2018-2562)
* InnoDB unspecified vulnerability (CPU Jan 2018) (CVE-2018-2612)
* Server: DDL unspecified vulnerability (CPU Jan 2018) (CVE-2018-2622)
* Server: Optimizer unspecified vulnerability (CPU Jan 2018) (CVE-2018-2640)
* Server: Optimizer unspecified vulnerability (CPU Jan 2018) (CVE-2018-2665)
* Server: Optimizer unspecified vulnerability (CPU Jan 2018) (CVE-2018-2668)
* Server: Replication unspecified vulnerability (CPU Apr 2018) (CVE-2018-2755)
* Client programs unspecified vulnerability (CPU Apr 2018) (CVE-2018-2761)
* InnoDB unspecified vulnerability (CPU Apr 2018) (CVE-2018-2766)
* use of SSL/TLS not enforced in libmysqld (Return of BACKRONYM) (CVE-2018-2767)
* Server: Locking unspecified vulnerability (CPU Apr 2018) (CVE-2018-2771)
* Server: Optimizer unspecified vulnerability (CPU Apr 2018) (CVE-2018-2781)
* InnoDB unspecified vulnerability (CPU Apr 2018) (CVE-2018-2782)
* InnoDB unspecified vulnerability (CPU Apr 2018) (CVE-2018-2784)
* InnoDB unspecified vulnerability (CPU Apr 2018) (CVE-2018-2787)
* Server: DDL unspecified vulnerability (CPU Apr 2018) (CVE-2018-2813)
* Server: DDL unspecified vulnerability (CPU Apr 2018) (CVE-2018-2817)
* InnoDB unspecified vulnerability (CPU Apr 2018) (CVE-2018-2819)
* MyISAM unspecified vulnerability (CPU Jul 2018) (CVE-2018-3058)
* Server: Security: Privileges unspecified vulnerability (CPU Jul 2018) (CVE-2018-3063)
* InnoDB unspecified vulnerability (CPU Jul 2018) (CVE-2018-3064)
* Server: Options unspecified vulnerability (CPU Jul 2018) (CVE-2018-3066)
* Client programs unspecified vulnerability (CPU Jul 2018) (CVE-2018-3081)
* InnoDB unspecified vulnerability (CPU Oct 2018) (CVE-2018-3143)
* InnoDB unspecified vulnerability (CPU Oct 2018) (CVE-2018-3156)
* Client programs unspecified vulnerability (CPU Oct 2018) (CVE-2018-3174)
* InnoDB unspecified vulnerability (CPU Oct 2018) (CVE-2018-3251)
* Server: Storage Engines unspecified vulnerability (CPU Oct 2018) (CVE-2018-3282)
--- mirror/ftp/4.3/unmaintained/4.3-0/source/mariadb-10.1_10.1.26-0+deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-2/source/mariadb-10.1_10.1.37-0+deb9u1.dsc 
@@ -1,7 +1,87 @@ +10.1.37-0+deb9u1 [Wed, 08 Aug 2018 19:32:41 +0300] Otto Kekäläinen <otto@debian.org>: + + * SECURITY UPDATE: New upstream release 10.1.37. Includes fixes for + the following security vulnerabilities (Closes: #912848); + - CVE-2018-3282 + - CVE-2018-3251 + - CVE-2018-3174 + - CVE-2018-3156 + - CVE-2018-3143 + - CVE-2016-9843 + * Add (and rename) new man pages + * Add Gitlab-CI definition file that can test each commit to this repository + * Fix d/control metadata to match status for Debian Stretch + * Physically remove patches no longer in series and not applied anyway + * Fix wrong-path-for-interpreter in innotop script to make package + Lintian error free as pass CI systems fully + * Previous upstream version 10.1.35 included fixes for the following + security vulnerabilities: + - CVE-2018-3066 + - CVE-2018-3064 + - CVE-2018-3063 + - CVE-2018-3058 + * Previous upstream version 10.1.33 included fixes for the following + security vulnerabilities: + - CVE-2018-2819 + - CVE-2018-2817 + - CVE-2018-2813 + - CVE-2018-2787 + - CVE-2018-2784 + - CVE-2018-2782 + - CVE-2018-2781 + - CVE-2018-2771 + - CVE-2018-2767 + - CVE-2018-2766 + - CVE-2018-2761 + - CVE-2018-2755 + * Previous upstream version 10.1.31 included fixes for the following + security vulnerabilities: + - CVE-2018-2668 + - CVE-2018-2665 + - CVE-2018-2640 + - CVE-2018-2622 + - CVE-2018-2612 + - CVE-2018-2562 + * Revert "Update d/gbp.conf to track stretch branches" + * New upstream version 10.1.30. Includes fixes for the following + security vulnerabilities (Closes: #885345): + - CVE-2017-15365 + * Amend previous Debian changelog entries to contain new CVE identifiers + * Refresh patches for MariaDB 10.1.30 and again for .34 + * Delete unnecessary systemd files introduced by upstream + * Add new files introduced by upstream to correct packages + * Use list-missing instead of fail in d/rules so builds pass + + [ Ondřej Surý ] + * New upstream version 10.1.29. 
Includes fixes for the following + security vulnerabilities: + - CVE-2017-10378 + - CVE-2017-10268 + - MDEV-13819 + * Add libconfig-inifiles-perl to mariadb-client-10.1 depends to fix + mytop + * Add mips64el to the list of platforms that are allowed to fail test + suite + * Handle new and/or missing files + * Ignore failed tests on more non-release platforms (kfreebsd-i386, + kfreebsd-amd64 and sparc64) + * Rebase patches for MariaDB 10.1.29 + + [ Christian Ehrhardt ] + * d/t/upstream: skip func_regexp_pcre on s390x + + [ Vicentiu Ciorbaru ] + * Fix Mroonga compilation failure on arm64 + * Extend libmariadbclient-rename.patch to cover TokuDB as well + * Disable disks.disks test + 10.1.26-0+deb9u1 [Thu, 10 Aug 2017 21:07:44 +0200] Ondřej Surý <ondrej@debian.org>: * New upstream version 10.1.26. Includes fixes for the following security vulnerabilities: + - CVE-2017-10384 + - CVE-2017-10379 + - CVE-2017-10286 - CVE-2017-3636 - CVE-2017-3641 - CVE-2017-3653 <http://10.200.17.11/4.3-2/#7468064906290917408>
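Review bot: The CVE set in the new 10.1.37-0+deb9u1 changelog entry does not match the issue list in this bug's description, so the erratum's CVE list should be reconciled against the changelog before release. The entry names CVE-2016-9843 under the 10.1.37 fixes, which the description omits, while the description lists CVE-2018-3081 (CPU Jul 2018), which is absent from the 10.1.35 block here (CVE-2018-3066, CVE-2018-3064, CVE-2018-3063, CVE-2018-3058). The amended 10.1.26 entry also gains CVE-2017-10384, CVE-2017-10379 and CVE-2017-10286; it is worth confirming whether the earlier erratum for that version already credits them. Separately, the entry header is dated Wed, 08 Aug 2018 although it carries fixes the description attributes to CPU Oct 2018, so the timestamp looks stale.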
OK: yaml
OK: announce_errata
OK: patch
~OK: piuparts
This is due to MariaDB not being started correctly in the PIUpaRTs environment.

[4.3-2] 637ba7f954 Bug #48201: mariadb-10.1 10.1.37-0+deb9u1
 doc/errata/staging/mariadb-10.1.yaml | 62 +++++++++++++++++-------------------
 1 file changed, 29 insertions(+), 33 deletions(-)

[4.3-2] 670d073f04 Bug #48201: mariadb-10.1 10.1.37-0+deb9u1
 doc/errata/staging/mariadb-10.1.yaml | 78 ++++++++++++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)
<http://errata.software-univention.de/ucs/4.3/334.html> <http://errata.software-univention.de/ucs/4.3/336.html>