[Secure-testing-commits] r49565 - data/CVE
Nicholas Luedtke
nluedtke-guest at moszumanska.debian.org
Fri Mar 10 16:23:24 UTC 2017
Author: nluedtke-guest
Date: 2017-03-10 16:23:24 +0000 (Fri, 10 Mar 2017)
New Revision: 49565
Modified:
data/CVE/list
Log:
Update CVE-2016-5483 for MariaDB
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-10 14:19:13 UTC (rev 49564)
+++ data/CVE/list 2017-03-10 16:23:24 UTC (rev 49565)
@@ -30444,15 +30444,18 @@
RESERVED
CVE-2016-5483
RESERVED
- - mariadb-10.1 <undetermined>
- - mariadb-10.0 <unfixed>
- [jessie] - mariadb-10.0 <no-dsa> (Minor issue)
+ - mariadb-10.1 10.1.20-1
+ - mariadb-10.0 10.0.28-1
+ [jessie] - mariadb-10.0 10.0.28-0+deb8u1
- mysql-5.7 <unfixed>
- mysql-5.5 <removed>
[jessie] - mysql-5.5 <no-dsa> (Minor issue)
NOTE: https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/
NOTE: Affected according to blogpost: MySQL all versions, MariaDB <= 5.5.52 and < 10.1
- TODO: check fixing commit for MariaDB
+ NOTE: Per MariaDB Security fixed with the following three commits:
+ NOTE: https://github.com/MariaDB/server/commit/5a43a31ee81bc181eeb5ef2bf0704befa6e0594d
+ NOTE: https://github.com/MariaDB/server/commit/01b39b7b0730102b88d8ea43ec719a75e9316a1e
+ NOTE: https://github.com/MariaDB/server/commit/383007c75d6ef5043fa5781956a6a02b24e2b79e
CVE-2016-5482 (Unspecified vulnerability in the Oracle Commerce Guided Search ...)
NOT-FOR-US: Oracle
CVE-2016-5481 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) ...)
More information about the Secure-testing-commits
mailing list