Bug 25691 - new security issues on mariadb
Summary: new security issues on mariadb
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 7
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA7-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2019-11-13 13:13 CET by Marc Krämer
Modified: 2019-11-19 22:19 CET

See Also:
Source RPM: mariadb
CVE:
Status comment:


Description Marc Krämer 2019-11-13 13:13:58 CET
CVE-2019-2974
CVE-2019-2938
Comment 1 Marc Krämer 2019-11-13 14:15:30 CET
Suggested advisory:
========================

Updated mariadb packages fix security vulnerabilities:
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer) [1].
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB) [2].


References:
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2974
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2938
========================

Updated packages in core/updates_testing:
========================
mariadb-10.3.20-1.mga7
mysql-MariaDB-10.3.20-1.mga7
mariadb-feedback-10.3.20-1.mga7
mariadb-connect-10.3.20-1.mga7
mariadb-sphinx-10.3.20-1.mga7
mariadb-mroonga-10.3.20-1.mga7
mariadb-sequence-10.3.20-1.mga7
mariadb-spider-10.3.20-1.mga7
mariadb-rocks-10.3.20-1.mga7
mariadb-extra-10.3.20-1.mga7
mariadb-obsolete-10.3.20-1.mga7
mariadb-core-10.3.20-1.mga7
mariadb-common-core-10.3.20-1.mga7
mariadb-common-10.3.20-1.mga7
mariadb-client-10.3.20-1.mga7
mariadb-bench-10.3.20-1.mga7
lib64mariadb3-10.3.20-1.mga7
lib64mariadb-devel-10.3.20-1.mga7
lib64mariadbd19-10.3.20-1.mga7
lib64mariadb-embedded-devel-10.3.20-1.mga7
mariadb-debugsource-10.3.20-1.mga7
mariadb-debuginfo-10.3.20-1.mga7
mariadb-feedback-debuginfo-10.3.20-1.mga7
mariadb-connect-debuginfo-10.3.20-1.mga7
mariadb-sphinx-debuginfo-10.3.20-1.mga7
mariadb-mroonga-debuginfo-10.3.20-1.mga7
mariadb-sequence-debuginfo-10.3.20-1.mga7
mariadb-spider-debuginfo-10.3.20-1.mga7
mariadb-rocks-debuginfo-10.3.20-1.mga7
mariadb-extra-debuginfo-10.3.20-1.mga7
mariadb-obsolete-debuginfo-10.3.20-1.mga7
mariadb-core-debuginfo-10.3.20-1.mga7
mariadb-common-debuginfo-10.3.20-1.mga7
mariadb-client-debuginfo-10.3.20-1.mga7
mariadb-bench-debuginfo-10.3.20-1.mga7
lib64mariadb3-debuginfo-10.3.20-1.mga7
lib64mariadbd19-debuginfo-10.3.20-1.mga7
lib64mariadb-embedded-devel-debuginfo-10.3.20-1.mga7


Source RPMs:
mariadb-10.3.20-1.mga7.src.rpm

Assignee: mageia => qa-bugs

Thomas Backlund 2019-11-15 23:23:08 CET

CC: (none) => tmb
QA Contact: (none) => security
Component: RPM Packages => Security

Comment 2 PC LX 2019-11-17 00:07:23 CET
Installed and tested without issues.

Tested with:
- MySQL Workbench;
- phpMyAdmin;
- mysql CLI;
- Qt5 applications using the mysql plugin;
- php scripts using PDO/mysql;
- several simple and complex SQL scripts.

Everything seems OK. No regressions noticed.



$ uname -a
Linux marte 5.3.11-desktop-1.mga7 #1 SMP Tue Nov 12 21:10:01 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
$ LANGUAGE=C urpmi mariadb
Marking mariadb as manually installed, it won't be auto-orphaned
writing /var/lib/rpm/installed-through-deps.list
To satisfy dependencies, the following packages are going to be installed:
  Package                        Version      Release       Arch    
(medium "Core Updates Testing")
  lib64mariadb3                  10.3.20      1.mga7        x86_64  
  mariadb                        10.3.20      1.mga7        x86_64  
  mariadb-client                 10.3.20      1.mga7        x86_64  
  mariadb-common                 10.3.20      1.mga7        x86_64  
  mariadb-common-core            10.3.20      1.mga7        x86_64  
  mariadb-core                   10.3.20      1.mga7        x86_64  
  mariadb-extra                  10.3.20      1.mga7        x86_64  
106KB of additional disk space will be used.
14MB of packages will be retrieved.
Proceed with the installation of the 7 packages? (Y/n) 
$ rpm -qa | grep -i maria
lib64mariadb3-10.3.20-1.mga7
mariadb-10.3.20-1.mga7
mariadb-common-core-10.3.20-1.mga7
mariadb-extra-10.3.20-1.mga7
mariadb-client-10.3.20-1.mga7
mariadb-common-10.3.20-1.mga7
mariadb-core-10.3.20-1.mga7
$ systemctl restart mysqld.service
$ systemctl status mysqld
● mysqld.service - MySQL database server
   Loaded: loaded (/usr/lib/systemd/system/mysqld.service; disabled; vendor preset: disabled)
   Active: active (running) since Sat 2019-11-16 22:55:29 WET; 1min ago
  Process: 20954 ExecStartPre=/usr/sbin/mysqld-prepare-db-dir (code=exited, status=0/SUCCESS)
 Main PID: 20968 (mysqld)
   Status: "Taking your SQL requests now..."
   Memory: 70.3M
   CGroup: /system.slice/mysqld.service
           └─20968 /usr/sbin/mysqld

nov 16 22:55:29 marte mysqld[20968]: 2019-11-16 22:55:29 0 [Note] InnoDB: 10.3.20 started; log sequence number 292591415; transaction id 893307
nov 16 22:55:29 marte mysqld[20968]: 2019-11-16 22:55:29 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
nov 16 22:55:29 marte mysqld[20968]: 191116 22:55:29 server_audit: MariaDB Audit Plugin version 1.4.8 STARTED.
nov 16 22:55:29 marte mysqld[20968]: 191116 22:55:29 server_audit: Query cache is enabled with the TABLE events. Some table reads can be veiled.2019-11-16 22:55:29 0 [Note] Reading of all Master_info entries s>
nov 16 22:55:29 marte mysqld[20968]: 2019-11-16 22:55:29 0 [Note] Added new Master_info '' to hash table
nov 16 22:55:29 marte mysqld[20968]: 2019-11-16 22:55:29 0 [Note] /usr/sbin/mysqld: ready for connections.
nov 16 22:55:29 marte mysqld[20968]: Version: '10.3.20-MariaDB'  socket: '/var/lib/mysql/mysql.sock'  port: 0  Mageia MariaDB Server
nov 16 22:55:29 marte systemd[1]: Started MySQL database server.
nov 16 22:55:29 marte mysqld[20968]: 2019-11-16 22:55:29 0 [Note] InnoDB: Buffer pool(s) load completed at 191116 22:55:29
$ mysql_upgrade -p --skip-write-binlog
Enter password: 
Phase 1/7: Checking and upgrading mysql database
Processing databases
<SNIP>

CC: (none) => mageia
Whiteboard: (none) => MGA7-64-OK

Comment 3 Thomas Andrews 2019-11-17 02:28:22 CET
Looks good enough to me. Validating. Advisory in Comment 1.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Thomas Backlund 2019-11-19 18:42:20 CET

Keywords: (none) => advisory

Comment 4 Mageia Robot 2019-11-19 22:19:16 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2019-0335.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

