- Issued:
- 2014-11-17
- Updated:
- 2014-11-17
RHSA-2014:1862 - Security Advisory
Synopsis
Important: mariadb55-mariadb security update
Type/Severity
Security Advisory: Important
Topic
Updated mariadb55-mariadb packages that fix several security issues are now
available for Red Hat Software Collections 1.
Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Description
MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL.
This update fixes several vulnerabilities in the MariaDB database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2014-2494,
CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287,
CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484,
CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551,
CVE-2014-6555, CVE-2014-6559)
These updated packages upgrade MariaDB to version 5.5.40. Refer to the
MariaDB Release Notes listed in the References section for a complete list
of changes.
All MariaDB users should upgrade to these updated packages, which correct
these issues. After installing this update, the MariaDB server daemon
(mysqld) will be restarted automatically.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
Affected Products
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.6 x86_64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.5 x86_64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.4 x86_64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 6 x86_64
- Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 6 x86_64
- Red Hat Software Collections (for RHEL Server) from RHUI 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Server) from RHUI 1 for RHEL 6 x86_64
Fixes
- BZ - 1120382 - CVE-2014-2494 mysql: unspecified vulnerability related to ENARC (CPU July 2014)
- BZ - 1120383 - CVE-2014-4207 mysql: unspecified vulnerability related to SROPTZR (CPU July 2014)
- BZ - 1120385 - CVE-2014-4243 mysql: unspecified vulnerability related to ENFED (CPU July 2014)
- BZ - 1120387 - CVE-2014-4258 mysql: unspecified vulnerability related to SRINFOSC (CPU July 2014)
- BZ - 1120388 - CVE-2014-4260 mysql: unspecified vulnerability related to SRCHAR (CPU July 2014)
- BZ - 1126271 - CVE-2014-4274 mysql: unspecified MyISAM temporary file issue fixed in 5.5.39 and 5.6.20
- BZ - 1153461 - CVE-2014-4287 mysql: unspecified vulnerability related to SERVER:CHARACTER SETS (CPU October 2014)
- BZ - 1153462 - CVE-2014-6463 mysql: unspecified vulnerability related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML (CPU October 2014)
- BZ - 1153463 - CVE-2014-6464 mysql: unspecified vulnerability related to SERVER:INNODB DML FOREIGN KEYS (CPU October 2014)
- BZ - 1153464 - CVE-2014-6469 mysql: unspecified vulnerability related to SERVER:OPTIMIZER (CPU October 2014)
- BZ - 1153467 - CVE-2014-6484 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
- BZ - 1153489 - CVE-2014-6505 mysql: unspecified vulnerability related to SERVER:MEMORY STORAGE ENGINE (CPU October 2014)
- BZ - 1153490 - CVE-2014-6507 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
- BZ - 1153491 - CVE-2014-6520 mysql: unspecified vulnerability related to SERVER:DDL (CPU October 2014)
- BZ - 1153493 - CVE-2014-6530 mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014)
- BZ - 1153494 - CVE-2014-6551 mysql: unspecified vulnerability related to CLIENT:MYSQLADMIN (CPU October 2014)
- BZ - 1153495 - CVE-2014-6555 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
- BZ - 1153496 - CVE-2014-6559 mysql: unspecified vulnerability related to C API SSL CERTIFICATE HANDLING (CPU October 2014)
CVEs
- CVE-2014-4260
- CVE-2014-4258
- CVE-2014-4274
- CVE-2014-6507
- CVE-2014-6520
- CVE-2014-6505
- CVE-2014-6551
- CVE-2014-2494
- CVE-2014-6555
- CVE-2014-4207
- CVE-2014-4287
- CVE-2014-6469
- CVE-2014-6484
- CVE-2014-4243
- CVE-2014-6464
- CVE-2014-6559
- CVE-2014-6530
- CVE-2014-6463
References
- https://access.redhat.com/security/updates/classification/#important
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL
- https://mariadb.com/kb/en/mariadb/development/release-notes/mariadb-5540-release-notes/
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Software Collections (for RHEL Server) 1 for RHEL 7
| SRPM | |
|---|---|
| mariadb55-mariadb-5.5.40-10.el7.src.rpm | SHA-256: 0e338a52ec9002184d54c8f4e4c6314dd23cab557457f25a0819a43b98c1d45b |
| x86_64 | |
| mariadb55-mariadb-5.5.40-10.el7.x86_64.rpm | SHA-256: e982e8b927bac58b7a6ba8bd53cf4b84699d0701cd0795a2afc568dc79066ee1 |
| mariadb55-mariadb-bench-5.5.40-10.el7.x86_64.rpm | SHA-256: f641d5fd390025e04a22837610560a0464166a5934db546bf05ddf6702966144 |
| mariadb55-mariadb-debuginfo-5.5.40-10.el7.x86_64.rpm | SHA-256: 7bd076c2457ff92e7644aadec96f4e805578233bb2ec43eb327f6ca5485b901b |
| mariadb55-mariadb-devel-5.5.40-10.el7.x86_64.rpm | SHA-256: 79b3ff8757da03f4fe34807d7c5525d2c1060a7c8a6a48d35abd7255b3278692 |
| mariadb55-mariadb-libs-5.5.40-10.el7.x86_64.rpm | SHA-256: b3e95df389b6f47c62ae8ab9ebf132438a15516d26a65edea610535ccd1b5fe4 |
| mariadb55-mariadb-server-5.5.40-10.el7.x86_64.rpm | SHA-256: be409f305d58e2fbefd5a8b9176bd01e51244bd2886caae913921014728f4e52 |
| mariadb55-mariadb-test-5.5.40-10.el7.x86_64.rpm | SHA-256: 2d75bda7d94ddd57a02fc17bd249c0d967d3ec068d8fe21ca59922609e8bb439 |
Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.6
| SRPM | |
|---|---|
| mariadb55-mariadb-5.5.40-10.el6.src.rpm | SHA-256: 23dea64e63216deb98b715b59649746ddee327769a4fff966e1b15a4df45c77c |
| x86_64 | |
| mariadb55-mariadb-5.5.40-10.el6.x86_64.rpm | SHA-256: bbf0323a9c4796194dc927be970c6b719bd62d953a2cbe98788ec47d122ed6f8 |
| mariadb55-mariadb-bench-5.5.40-10.el6.x86_64.rpm | SHA-256: 94fc225a6f74e22bc7eba78bc7d7c811fd52c699223d8a164bb164ac99bcde28 |
| mariadb55-mariadb-debuginfo-5.5.40-10.el6.x86_64.rpm | SHA-256: 5d724432796fb63c3e60e9e5027f595af5f34763c4719518ff6191b4060c4df7 |
| mariadb55-mariadb-devel-5.5.40-10.el6.x86_64.rpm | SHA-256: f22455b9e6fe603325f9f38090cb874453c0913f04553b3fcad1a53825cf04eb |
| mariadb55-mariadb-libs-5.5.40-10.el6.x86_64.rpm | SHA-256: d2c5eb7f0dbad5b3da30d232e628e184fa2bf278dcfc8e5721c416d3e68429d6 |
| mariadb55-mariadb-server-5.5.40-10.el6.x86_64.rpm | SHA-256: 1c89cec2f66fc779c87f3e9c1586d354d5947214becb6efa224e22a725b5d1ad |
| mariadb55-mariadb-test-5.5.40-10.el6.x86_64.rpm | SHA-256: 4172233f636f3ff6afdabc1c33261aa7519f6ce517199e7aca42e94b744f1920 |
Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.5
| SRPM | |
|---|---|
| mariadb55-mariadb-5.5.40-10.el6.src.rpm | SHA-256: 23dea64e63216deb98b715b59649746ddee327769a4fff966e1b15a4df45c77c |
| x86_64 | |
| mariadb55-mariadb-5.5.40-10.el6.x86_64.rpm | SHA-256: bbf0323a9c4796194dc927be970c6b719bd62d953a2cbe98788ec47d122ed6f8 |
| mariadb55-mariadb-bench-5.5.40-10.el6.x86_64.rpm | SHA-256: 94fc225a6f74e22bc7eba78bc7d7c811fd52c699223d8a164bb164ac99bcde28 |
| mariadb55-mariadb-debuginfo-5.5.40-10.el6.x86_64.rpm | SHA-256: 5d724432796fb63c3e60e9e5027f595af5f34763c4719518ff6191b4060c4df7 |
| mariadb55-mariadb-devel-5.5.40-10.el6.x86_64.rpm | SHA-256: f22455b9e6fe603325f9f38090cb874453c0913f04553b3fcad1a53825cf04eb |
| mariadb55-mariadb-libs-5.5.40-10.el6.x86_64.rpm | SHA-256: d2c5eb7f0dbad5b3da30d232e628e184fa2bf278dcfc8e5721c416d3e68429d6 |
| mariadb55-mariadb-server-5.5.40-10.el6.x86_64.rpm | SHA-256: 1c89cec2f66fc779c87f3e9c1586d354d5947214becb6efa224e22a725b5d1ad |
| mariadb55-mariadb-test-5.5.40-10.el6.x86_64.rpm | SHA-256: 4172233f636f3ff6afdabc1c33261aa7519f6ce517199e7aca42e94b744f1920 |
Red Hat Software Collections (for RHEL Server) 1 for RHEL 6.4
| SRPM | |
|---|---|
| mariadb55-mariadb-5.5.40-10.el6.src.rpm | SHA-256: 23dea64e63216deb98b715b59649746ddee327769a4fff966e1b15a4df45c77c |
| x86_64 | |
| mariadb55-mariadb-5.5.40-10.el6.x86_64.rpm | SHA-256: bbf0323a9c4796194dc927be970c6b719bd62d953a2cbe98788ec47d122ed6f8 |
| mariadb55-mariadb-bench-5.5.40-10.el6.x86_64.rpm | SHA-256: 94fc225a6f74e22bc7eba78bc7d7c811fd52c699223d8a164bb164ac99bcde28 |
| mariadb55-mariadb-debuginfo-5.5.40-10.el6.x86_64.rpm | SHA-256: 5d724432796fb63c3e60e9e5027f595af5f34763c4719518ff6191b4060c4df7 |
| mariadb55-mariadb-devel-5.5.40-10.el6.x86_64.rpm | SHA-256: f22455b9e6fe603325f9f38090cb874453c0913f04553b3fcad1a53825cf04eb |
| mariadb55-mariadb-libs-5.5.40-10.el6.x86_64.rpm | SHA-256: d2c5eb7f0dbad5b3da30d232e628e184fa2bf278dcfc8e5721c416d3e68429d6 |
| mariadb55-mariadb-server-5.5.40-10.el6.x86_64.rpm | SHA-256: 1c89cec2f66fc779c87f3e9c1586d354d5947214becb6efa224e22a725b5d1ad |
| mariadb55-mariadb-test-5.5.40-10.el6.x86_64.rpm | SHA-256: 4172233f636f3ff6afdabc1c33261aa7519f6ce517199e7aca42e94b744f1920 |
Red Hat Software Collections (for RHEL Server) 1 for RHEL 6
| SRPM | |
|---|---|
| mariadb55-mariadb-5.5.40-10.el6.src.rpm | SHA-256: 23dea64e63216deb98b715b59649746ddee327769a4fff966e1b15a4df45c77c |
| x86_64 | |
| mariadb55-mariadb-5.5.40-10.el6.x86_64.rpm | SHA-256: bbf0323a9c4796194dc927be970c6b719bd62d953a2cbe98788ec47d122ed6f8 |
| mariadb55-mariadb-bench-5.5.40-10.el6.x86_64.rpm | SHA-256: 94fc225a6f74e22bc7eba78bc7d7c811fd52c699223d8a164bb164ac99bcde28 |
| mariadb55-mariadb-debuginfo-5.5.40-10.el6.x86_64.rpm | SHA-256: 5d724432796fb63c3e60e9e5027f595af5f34763c4719518ff6191b4060c4df7 |
| mariadb55-mariadb-devel-5.5.40-10.el6.x86_64.rpm | SHA-256: f22455b9e6fe603325f9f38090cb874453c0913f04553b3fcad1a53825cf04eb |
| mariadb55-mariadb-libs-5.5.40-10.el6.x86_64.rpm | SHA-256: d2c5eb7f0dbad5b3da30d232e628e184fa2bf278dcfc8e5721c416d3e68429d6 |
| mariadb55-mariadb-server-5.5.40-10.el6.x86_64.rpm | SHA-256: 1c89cec2f66fc779c87f3e9c1586d354d5947214becb6efa224e22a725b5d1ad |
| mariadb55-mariadb-test-5.5.40-10.el6.x86_64.rpm | SHA-256: 4172233f636f3ff6afdabc1c33261aa7519f6ce517199e7aca42e94b744f1920 |
Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7
| SRPM | |
|---|---|
| mariadb55-mariadb-5.5.40-10.el7.src.rpm | SHA-256: 0e338a52ec9002184d54c8f4e4c6314dd23cab557457f25a0819a43b98c1d45b |
| x86_64 | |
| mariadb55-mariadb-5.5.40-10.el7.x86_64.rpm | SHA-256: e982e8b927bac58b7a6ba8bd53cf4b84699d0701cd0795a2afc568dc79066ee1 |
| mariadb55-mariadb-bench-5.5.40-10.el7.x86_64.rpm | SHA-256: f641d5fd390025e04a22837610560a0464166a5934db546bf05ddf6702966144 |
| mariadb55-mariadb-debuginfo-5.5.40-10.el7.x86_64.rpm | SHA-256: 7bd076c2457ff92e7644aadec96f4e805578233bb2ec43eb327f6ca5485b901b |
| mariadb55-mariadb-devel-5.5.40-10.el7.x86_64.rpm | SHA-256: 79b3ff8757da03f4fe34807d7c5525d2c1060a7c8a6a48d35abd7255b3278692 |
| mariadb55-mariadb-libs-5.5.40-10.el7.x86_64.rpm | SHA-256: b3e95df389b6f47c62ae8ab9ebf132438a15516d26a65edea610535ccd1b5fe4 |
| mariadb55-mariadb-server-5.5.40-10.el7.x86_64.rpm | SHA-256: be409f305d58e2fbefd5a8b9176bd01e51244bd2886caae913921014728f4e52 |
| mariadb55-mariadb-test-5.5.40-10.el7.x86_64.rpm | SHA-256: 2d75bda7d94ddd57a02fc17bd249c0d967d3ec068d8fe21ca59922609e8bb439 |
Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 6
| SRPM | |
|---|---|
| mariadb55-mariadb-5.5.40-10.el6.src.rpm | SHA-256: 23dea64e63216deb98b715b59649746ddee327769a4fff966e1b15a4df45c77c |
| x86_64 | |
| mariadb55-mariadb-5.5.40-10.el6.x86_64.rpm | SHA-256: bbf0323a9c4796194dc927be970c6b719bd62d953a2cbe98788ec47d122ed6f8 |
| mariadb55-mariadb-bench-5.5.40-10.el6.x86_64.rpm | SHA-256: 94fc225a6f74e22bc7eba78bc7d7c811fd52c699223d8a164bb164ac99bcde28 |
| mariadb55-mariadb-debuginfo-5.5.40-10.el6.x86_64.rpm | SHA-256: 5d724432796fb63c3e60e9e5027f595af5f34763c4719518ff6191b4060c4df7 |
| mariadb55-mariadb-devel-5.5.40-10.el6.x86_64.rpm | SHA-256: f22455b9e6fe603325f9f38090cb874453c0913f04553b3fcad1a53825cf04eb |
| mariadb55-mariadb-libs-5.5.40-10.el6.x86_64.rpm | SHA-256: d2c5eb7f0dbad5b3da30d232e628e184fa2bf278dcfc8e5721c416d3e68429d6 |
| mariadb55-mariadb-server-5.5.40-10.el6.x86_64.rpm | SHA-256: 1c89cec2f66fc779c87f3e9c1586d354d5947214becb6efa224e22a725b5d1ad |
| mariadb55-mariadb-test-5.5.40-10.el6.x86_64.rpm | SHA-256: 4172233f636f3ff6afdabc1c33261aa7519f6ce517199e7aca42e94b744f1920 |
Red Hat Software Collections (for RHEL Server) from RHUI 1 for RHEL 7
| SRPM | |
|---|---|
| mariadb55-mariadb-5.5.40-10.el7.src.rpm | SHA-256: 0e338a52ec9002184d54c8f4e4c6314dd23cab557457f25a0819a43b98c1d45b |
| x86_64 | |
| mariadb55-mariadb-5.5.40-10.el7.x86_64.rpm | SHA-256: e982e8b927bac58b7a6ba8bd53cf4b84699d0701cd0795a2afc568dc79066ee1 |
| mariadb55-mariadb-bench-5.5.40-10.el7.x86_64.rpm | SHA-256: f641d5fd390025e04a22837610560a0464166a5934db546bf05ddf6702966144 |
| mariadb55-mariadb-debuginfo-5.5.40-10.el7.x86_64.rpm | SHA-256: 7bd076c2457ff92e7644aadec96f4e805578233bb2ec43eb327f6ca5485b901b |
| mariadb55-mariadb-devel-5.5.40-10.el7.x86_64.rpm | SHA-256: 79b3ff8757da03f4fe34807d7c5525d2c1060a7c8a6a48d35abd7255b3278692 |
| mariadb55-mariadb-libs-5.5.40-10.el7.x86_64.rpm | SHA-256: b3e95df389b6f47c62ae8ab9ebf132438a15516d26a65edea610535ccd1b5fe4 |
| mariadb55-mariadb-server-5.5.40-10.el7.x86_64.rpm | SHA-256: be409f305d58e2fbefd5a8b9176bd01e51244bd2886caae913921014728f4e52 |
| mariadb55-mariadb-test-5.5.40-10.el7.x86_64.rpm | SHA-256: 2d75bda7d94ddd57a02fc17bd249c0d967d3ec068d8fe21ca59922609e8bb439 |
Red Hat Software Collections (for RHEL Server) from RHUI 1 for RHEL 6
| SRPM | |
|---|---|
| mariadb55-mariadb-5.5.40-10.el6.src.rpm | SHA-256: 23dea64e63216deb98b715b59649746ddee327769a4fff966e1b15a4df45c77c |
| x86_64 | |
| mariadb55-mariadb-5.5.40-10.el6.x86_64.rpm | SHA-256: bbf0323a9c4796194dc927be970c6b719bd62d953a2cbe98788ec47d122ed6f8 |
| mariadb55-mariadb-bench-5.5.40-10.el6.x86_64.rpm | SHA-256: 94fc225a6f74e22bc7eba78bc7d7c811fd52c699223d8a164bb164ac99bcde28 |
| mariadb55-mariadb-debuginfo-5.5.40-10.el6.x86_64.rpm | SHA-256: 5d724432796fb63c3e60e9e5027f595af5f34763c4719518ff6191b4060c4df7 |
| mariadb55-mariadb-devel-5.5.40-10.el6.x86_64.rpm | SHA-256: f22455b9e6fe603325f9f38090cb874453c0913f04553b3fcad1a53825cf04eb |
| mariadb55-mariadb-libs-5.5.40-10.el6.x86_64.rpm | SHA-256: d2c5eb7f0dbad5b3da30d232e628e184fa2bf278dcfc8e5721c416d3e68429d6 |
| mariadb55-mariadb-server-5.5.40-10.el6.x86_64.rpm | SHA-256: 1c89cec2f66fc779c87f3e9c1586d354d5947214becb6efa224e22a725b5d1ad |
| mariadb55-mariadb-test-5.5.40-10.el6.x86_64.rpm | SHA-256: 4172233f636f3ff6afdabc1c33261aa7519f6ce517199e7aca42e94b744f1920 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.