UbuntuUpdates.org

Package "mariadb-server"

Name: mariadb-server

Description:

MariaDB database server (metapackage depending on the latest version)

Latest version: 10.0.38-0ubuntu0.16.04.1
Release: xenial (16.04)
Level: updates
Repository: universe
Head package: mariadb-10.0
Homepage: http://mariadb.org/

Links


Download "mariadb-server"


Other versions of "mariadb-server" in Xenial

Repository Area Version
base universe 10.0.24-7
security universe 10.0.38-0ubuntu0.16.04.1

Changelog

Version: 10.0.38-0ubuntu0.16.04.1 2019-02-12 05:07:07 UTC

  mariadb-10.0 (10.0.38-0ubuntu0.16.04.1) xenial-security; urgency=high

  * SECURITY UPDATE: New upstream release 10.0.38. Includes fixes for
    the following security vulnerabilities (LP: #1814258):
    - CVE-2019-2537
    - CVE-2019-2529
  * Previous release 10.0.37 included fixes for the following security
    vulnerabilities:
    - CVE-2019-2503
    - CVE-2018-3282
    - CVE-2018-3251
    - CVE-2018-3174
    - CVE-2018-3156
    - CVE-2018-3143
    - CVE-2016-9843

 -- Otto Kekäläinen <email address hidden> Fri, 01 Feb 2019 14:51:00 +0100

Source diff to previous version
1814258 USN-3867-1: Partially applies to MariaDB too
CVE-2019-2537 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5
CVE-2019-2529 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and pr
CVE-2019-2503 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6
CVE-2018-3282 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61
CVE-2018-3251 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23
CVE-2018-3174 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prio
CVE-2018-3156 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23
CVE-2018-3143 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23
CVE-2016-9843 The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian C

Version: 10.0.36-0ubuntu0.16.04.1 2018-08-29 01:06:19 UTC

  mariadb-10.0 (10.0.36-0ubuntu0.16.04.1) xenial-security; urgency=high

  * SECURITY UPDATE: New upstream release 10.0.36. Includes fixes for
    the following security vulnerabilities (LP: #1779715):
    - CVE-2018-3066
    - CVE-2018-3064
    - CVE-2018-3063
    - CVE-2018-3058
  * Previous release 10.0.35 included included fixes for
    - CVE-2018-3081
    - CVE-2018-2819
    - CVE-2018-2817
    - CVE-2018-2813
    - CVE-2018-2787
    - CVE-2018-2784
    - CVE-2018-2782
    - CVE-2018-2781
    - CVE-2018-2771
    - CVE-2018-2766
    - CVE-2018-2761
    - CVE-2018-2755

 -- Otto Kekäläinen <email address hidden> Thu, 02 Aug 2018 23:45:15 +0800

Source diff to previous version
1779715 USN-3629-3: partially applies to MariaDB too
CVE-2018-3066 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prio
CVE-2018-3064 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22
CVE-2018-3063 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.
CVE-2018-3058 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40
CVE-2018-3081 Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.60 and prio
CVE-2018-2819 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39
CVE-2018-2817 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5
CVE-2018-2813 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5
CVE-2018-2787 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7
CVE-2018-2784 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7
CVE-2018-2782 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7
CVE-2018-2781 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and pr
CVE-2018-2771 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prio
CVE-2018-2766 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7
CVE-2018-2761 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prio
CVE-2018-2755 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and

Version: 10.0.34-0ubuntu0.16.04.1 2018-03-06 17:07:27 UTC

  mariadb-10.0 (10.0.34-0ubuntu0.16.04.1) xenial-security; urgency=high

  * SECURITY UPDATE: New upstream release 10.0.34. Includes fixes for
    the following security vulnerabilities (LP: #1751920):
    - CVE-2018-2668
    - CVE-2018-2665
    - CVE-2018-2640
    - CVE-2018-2622
    - CVE-2018-2612
    - CVE-2018-2562
  * Update git-buildpackage Debian branch setting so gbp import-orig works
  * Update VCS-* links to point to the new source repository

 -- Otto Kekäläinen <email address hidden> Mon, 26 Feb 2018 18:07:48 -0500

Source diff to previous version
1751920 USN-3537-2: partially applies to MariaDB too
CVE-2018-2668 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and pr
CVE-2018-2665 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and pr
CVE-2018-2640 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and pr
CVE-2018-2622 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5
CVE-2018-2612 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7
CVE-2018-2562 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and p

Version: 10.0.33-0ubuntu0.16.04.1 2018-01-16 21:06:40 UTC

  mariadb-10.0 (10.0.33-0ubuntu0.16.04.1) xenial-security; urgency=high

  [ Otto Kekäläinen ]
  * SECURITY UPDATE: New upstream release 10.0.33. Includes fixes for the
    following security vulnerabilities (LP: #1740608):
    - CVE-2017-10378
    - CVE-2017-10268
    - MDEV-13819
  * Previous release 10.0.32 included included fixes for
    - CVE-2017-10384
    - CVE-2017-10379
    - CVE-2017-10286
    - CVE-2017-3636
    - CVE-2017-3641
    - CVE-2017-3653
  * Remove InnoDB build failure fix applied upstream

 -- Otto Kekäläinen <email address hidden> Thu, 04 Jan 2018 11:44:00 +0200

Source diff to previous version
1740608 USN-3459-1: partially applies to MariaDB too
CVE-2017-10378 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and ea
CVE-2017-10268 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and
CVE-2017-10384 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier
CVE-2017-10379 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earl
CVE-2017-10286 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earli
CVE-2017-3636 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earl
CVE-2017-3641 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier,
CVE-2017-3653 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier,

Version: 10.0.31-0ubuntu0.16.04.2 2017-08-04 03:06:46 UTC

  mariadb-10.0 (10.0.31-0ubuntu0.16.04.2) xenial-security; urgency=high

  [ Otto Kekäläinen ]
  * SECURITY UPDATE: New upstream release 10.0.31. Includes fixes for the
    following security vulnerabilities (LP: #1698689):
    - CVE-2017-3464
    - CVE-2017-3456
    - CVE-2017-3453
    - CVE-2017-3309
    - CVE-2017-3308
  * Previous release 10.0.30 included included fixes for
    the following security vulnerabilities:
    - CVE-2017-3313
    - CVE-2017-3302
  * Includes upstream fix for Debian log rotate to not rotate binary/relay
    logs (MDEV-11610).

  [ Vicențiu Ciorbaru ]
  * Add patch that fixes upstream regression in 10.0.31 which made builds
    on powerpc fail (‘ib_mutex_t’ does not name a type).

 -- Otto Kekäläinen <email address hidden> Wed, 28 Jun 2017 22:12:03 +0300

1698689 USN-3269-1: partially applies to MariaDB too
CVE-2017-3464 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier,
CVE-2017-3456 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier,
CVE-2017-3453 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and ea
CVE-2017-3309 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and ea
CVE-2017-3308 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier,
CVE-2017-3313 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earli
CVE-2017-3302 Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10



About   -   Send Feedback to @ubuntu_updates