Bug 16265

Summary: CVE-2015-3152 mysql: use of SSL/TLS can not be enforced in mysql client library (oCERT-2015-003, BACKRONYM)
Product: Mageia Reporter: Oden Eriksson <oe>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED DUPLICATE QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: 4   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard:
Source RPM: mariadb CVE:
Status comment:

Description Oden Eriksson 2015-07-01 17:29:02 CEST 
https://bugzilla.redhat.com/show_bug.cgi?id=1217506
http://www.securityweek.com/mysql-ssltls-connections-risk-due-backronym-flaw

Fixed with 5.5.44 & 10.0.20


Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2015-07-01 17:36:01 CEST 
Thanks for the additional information.

*** This bug has been marked as a duplicate of bug 16146 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE