From Mageia wiki
Jump to: navigation, search

MGASA-2012-0244

Date: August 30th, 2012
Affected releases: 2


Description:
This security update for Mariadb corrects a problem that Kristian Nielsen found.
he has discovered multiple SQL injection like vulnerabilities in MySQL and MariaDB.
Just to be clear: to exploit this one needs a valid account on the server and privileges to modify data.

In addition, a problem preventing the feedback plugin from
working has been corrected.


Updated Packages:
mariadb-5.5.25-2.2.mga2
mariadb-bench-5.5.25-2.2.mga2
mariadb-client-5.5.25-2.2.mga2
mariadb-common-5.5.25-2.2.mga2
mariadb-common-core-5.5.25-2.2.mga2
mariadb-core-5.5.25-2.2.mga2
mariadb-extra-5.5.25-2.2.mga2
mariadb-feedback-5.5.25-2.2.mga2
mariadb-obsolete-5.5.25-2.2.mga2
mysql-MariaDB-5.5.25-2.2.mga2
lib(64)mariadb18-5.5.25-2.2.mga
lib(64)mariadb-devel-5.5.25-2.2.mga2
lib(64)mariadb-embedded18-5.5.25-2.2.mga2
lib(64)mariadb-embedded-devel-5.5.25-2.2.mga2


References:
https://bugs.mageia.org/show_bug.cgi?id=6922
http://www.openwall.com/lists/oss-security/2012/09/11/4
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4414

Retrieved from "https://wiki.mageia.org/mw-en/index.php?title=Support/Advisories/MGASA-2012-0244&oldid=11106"