16265 – CVE-2015-3152 mysql: use of SSL/TLS can not be enforced in mysql client library (oCERT-2015-003, BACKRONYM)

Bug 16265 - CVE-2015-3152 mysql: use of SSL/TLS can not be enforced in mysql client library (oCERT-2015-003, BACKRONYM)

Summary: CVE-2015-3152 mysql: use of SSL/TLS can not be enforced in mysql client libra...

Status:	RESOLVED DUPLICATE of bug 16146

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	4
Hardware:	i586 Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Mageia Bug Squad
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2015-07-01 17:29 CEST by Oden Eriksson
Modified:	2015-07-01 17:36 CEST (History)
CC List:	0 users

See Also:
Source RPM:	mariadb
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Oden Eriksson 2015-07-01 17:29:02 CEST

https://bugzilla.redhat.com/show_bug.cgi?id=1217506
http://www.securityweek.com/mysql-ssltls-connections-risk-due-backronym-flaw

Fixed with 5.5.44 & 10.0.20


Reproducible: 

Steps to Reproduce:

Comment 1 David Walser 2015-07-01 17:36:01 CEST

Thanks for the additional information.

*** This bug has been marked as a duplicate of bug 16146 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE

Note You need to log in before you can comment on or make changes to this bug.