Bug 18985

Summary: mariadb 10.0.26
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: davidwhodgins, sysadmin-bugs
Version: 5Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA5-32-OK advisory
Source RPM: mariadb-10.0.25-1.mga5.src.rpm CVE:
Status comment:

Description David Walser 2016-07-19 15:38:39 CEST 
MariaDB 10.0.26 has been released on June 24:
https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/

I will push it after 10.1.16 (released July 18) is pushed in Cauldron:
https://mariadb.com/kb/en/mariadb/mariadb-10116-release-notes/
Comment 1 David Walser 2016-07-20 14:59:03 CEST 
Updated package uploaded for Mageia 5.

Advisory:
----------------------------------------

This is a maintenance and bugfix release that upgrades MariaDB to
the latest 10.0.26 version which resolves various upstream bugs.

References:
https://mariadb.com/kb/en/mariadb-10026-release-notes/
https://mariadb.com/kb/en/mariadb-10026-changelog/
----------------------------------------

Updated packages in core/updates_testing:
----------------------------------------
mariadb-10.0.26-1.mga5
mysql-MariaDB-10.0.26-1.mga5
mariadb-cassandra-10.0.26-1.mga5
mariadb-feedback-10.0.26-1.mga5
mariadb-oqgraph-10.0.26-1.mga5
mariadb-connect-10.0.26-1.mga5
mariadb-sphinx-10.0.26-1.mga5
mariadb-mroonga-10.0.26-1.mga5
mariadb-sequence-10.0.26-1.mga5
mariadb-spider-10.0.26-1.mga5
mariadb-extra-10.0.26-1.mga5
mariadb-obsolete-10.0.26-1.mga5
mariadb-core-10.0.26-1.mga5
mariadb-common-core-10.0.26-1.mga5
mariadb-common-10.0.26-1.mga5
mariadb-client-10.0.26-1.mga5
mariadb-bench-10.0.26-1.mga5
libmariadb18-10.0.26-1.mga5
libmariadb-devel-10.0.26-1.mga5
libmariadb-embedded18-10.0.26-1.mga5
libmariadb-embedded-devel-10.0.26-1.mga5

from mariadb-10.0.26-1.mga5.src.rpm

Assignee: bugsquad => qa-bugs

Comment 2 David Walser 2016-07-23 23:42:19 CEST 
Release notes have had some CVEs added.

Advisory:
========================

Updated mariadb packages fix security vulnerabilities:

The mariadb package has been updated to version 10.0.26. It fixes several
security issues (CVE-2016-3477, CVE-2016-3521, CVE-2016-3615, CVE-2016-5440)
and other bugs.  See the upstream release notes for details.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5440
https://mariadb.com/kb/en/mariadb-10026-release-notes/
https://mariadb.com/kb/en/mariadb-10026-changelog/

Component: RPM Packages => Security
QA Contact: (none) => security

Comment 3 David Walser 2016-07-25 22:29:40 CEST 
Working fine on our Moodle and MediaWiki servers at work, Mageia 5 i586.

Whiteboard: (none) => MGA5-32-OK

Dave Hodgins 2016-07-26 23:27:04 CEST

Keywords: (none) => validated_update
Whiteboard: MGA5-32-OK => MGA5-32-OK advisory
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 4 Mageia Robot 2016-07-26 23:59:56 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0265.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED