Bug 22608

Summary: mariadb several new security issues
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: davidwhodgins, herman.viaene, sysadmin-bugs
Version: 5Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA5-32-OK
Source RPM: mariadb-10.0.33-2.mga5.src.rpm CVE:
Status comment:

Description David Walser 2018-02-16 20:04:20 CET 
+++ This bug was initially created as a clone of Bug #22607 +++

Upstream has released MariaDB 10.0.34 and 10.1.31 on January 30 and February 7:
https://mariadb.org/mariadb-10-0-34-now-available/
https://mariadb.org/mariadb-10-1-31-mariadb-galera-cluster-10-0-34-now-available/

They fix six new security issues:
https://mariadb.com/kb/en/library/mariadb-10034-release-notes/
https://mariadb.com/kb/en/library/mariadb-10131-release-notes/

which come from the latest Oracle CPU:
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

Advisory:
========================

Updated mariadb packages fix security vulnerabilities:

Vulnerability in the MariaDB Server component of MariaDB (subcomponent: Server:
Partition). Easily exploitable vulnerability allows low privileged attacker
with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to
cause a hang or frequently repeatable crash (complete DOS) of MariaDB Server
as well as unauthorized update, insert or delete access to some of MariaDB
Server accessible data (CVE-2018-2562).

Vulnerability in the MariaDB Server component of MariaDB (subcomponent: Server:
DDL). Easily exploitable vulnerability allows low privileged attacker with
network access via multiple protocols to compromise MariaDB Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a
hang or frequently repeatable crash (complete DOS) of MariaDB Server
(CVE-2018-2622).

Vulnerability in the MariaDB Server component of MariaDB (subcomponent: Server:
Optimizer). Easily exploitable vulnerability allows low privileged attacker
with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to
cause a hang or frequently repeatable crash (complete DOS) of MariaDB Server
(CVE-2018-2640).

Vulnerability in the MariaDB Server component of MariaDB (subcomponent: Server:
Optimizer). Easily exploitable vulnerability allows low privileged attacker
with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to
cause a hang or frequently repeatable crash (complete DOS) of MariaDB Server
(CVE-2018-2665).

Vulnerability in the MariaDB Server component of MariaDB (subcomponent: Server:
Optimizer). Easily exploitable vulnerability allows low privileged attacker
with network access via multiple protocols to compromise MariaDB Server.
Successful attacks of this vulnerability can result in unauthorized ability to
cause a hang or frequently repeatable crash (complete DOS) of MariaDB Server
(CVE-2018-2668).

Vulnerability in the MariaDB Server component of MariaDB (subcomponent:
InnoDB). Easily exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MariaDB Server. Successful
attacks of this vulnerability can result in unauthorized creation, deletion or
modification access to critical data or all MariaDB Server accessible data and
unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MariaDB Server (CVE-2018-2612).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2622
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2668
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2612
https://mariadb.com/kb/en/library/mariadb-10034-release-notes/
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
========================

Updated packages in core/updates_testing:
========================
mariadb-10.0.34-1.mga5
mysql-MariaDB-10.0.34-1.mga5
mariadb-cassandra-10.0.34-1.mga5
mariadb-feedback-10.0.34-1.mga5
mariadb-oqgraph-10.0.34-1.mga5
mariadb-connect-10.0.34-1.mga5
mariadb-sphinx-10.0.34-1.mga5
mariadb-mroonga-10.0.34-1.mga5
mariadb-sequence-10.0.34-1.mga5
mariadb-spider-10.0.34-1.mga5
mariadb-extra-10.0.34-1.mga5
mariadb-obsolete-10.0.34-1.mga5
mariadb-core-10.0.34-1.mga5
mariadb-common-core-10.0.34-1.mga5
mariadb-common-10.0.34-1.mga5
mariadb-client-10.0.34-1.mga5
mariadb-bench-10.0.34-1.mga5
libmariadb18-10.0.34-1.mga5
libmariadb-devel-10.0.34-1.mga5
libmariadb-embedded18-10.0.34-1.mga5
libmariadb-embedded-devel-10.0.34-1.mga5

from mariadb-10.0.34-1.mga5.src.rpm
Comment 1 Herman Viaene 2018-02-20 13:33:13 CET 
MGA5-32 on Dell Latitude D600 Xfce
No installation issues.
This was an update on an existing previous version.
Using phpmyadmin, I couls delete a previous test database, create a new one, create a table and populate it some data.
All OK.

Whiteboard: (none) => MGA5-32-OK
CC: (none) => herman.viaene

Comment 2 Dave Hodgins 2018-02-24 20:05:46 CET 
Advisory committed to svn. Validating the update based on above test.

Keywords: (none) => advisory, validated_update
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 3 Mageia Robot 2018-02-25 00:26:23 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2018-0139.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED