Test ID:	1.3.6.1.4.1.25623.1.0.851429
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for mariadb (openSUSE-SU-2016:2746-1)
Summary:	The remote host is missing an update for the 'mariadb'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'mariadb' package(s) announced via the referenced advisory. Vulnerability Insight: This update for mariadb to 10.0.27 fixes the following issues: * fixed CVE's 10.0.27: CVE-2016-5612, CVE-2016-5630, CVE-2016-6662 10.0.26: CVE-2016-5440, CVE-2016-3615, CVE-2016-3521, CVE-2016-3477 * fix: [boo#1005561], [boo#1005570], [boo#998309], [boo#989926], [boo#989922], [boo#989919], [boo#989913] - requires devel packages for aio and lzo2 - remove mariadb-10.0.21-mysql-test_main_bootstrap.patch that is no longer needed [boo#984858] - append '--ignore-db-dir=lost+found' to the mysqld options in 'mysql-systemd-helper' script if 'lost+found' directory is found in $datadir [boo#986251] - remove syslog.target from *.service files [boo#983938] - add systemd to deps to build on leap and friends - replace '%{_libexecdir}/systemd/system' with %{_unitdir} macro - remove useless mysql@default.service [boo#971456] - make ORDER BY optimization functions take into account multiple equalities [boo#949520] - adjust mysql-test results in order to take account of a new option (orderby_uses_equalities) added by the optimizer patch [boo#1003800] - replace all occurrences of the string '@sysconfdir@' with '/etc' in mysql-community-server-5.1.46-logrotate.patch as it wasn't expanded properly [boo#990890] Affected Software/OS: mariadb on openSUSE 13.2 Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3477 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 BugTraq ID: 91902 http://www.securityfocus.com/bid/91902 Debian Security Information: DSA-3624 (Google Search) http://www.debian.org/security/2016/dsa-3624 Debian Security Information: DSA-3632 (Google Search) http://www.debian.org/security/2016/dsa-3632 RedHat Security Advisories: RHSA-2016:1480 http://rhn.redhat.com/errata/RHSA-2016-1480.html RedHat Security Advisories: RHSA-2016:1601 http://rhn.redhat.com/errata/RHSA-2016-1601.html RedHat Security Advisories: RHSA-2016:1602 http://rhn.redhat.com/errata/RHSA-2016-1602.html RedHat Security Advisories: RHSA-2016:1603 http://rhn.redhat.com/errata/RHSA-2016-1603.html RedHat Security Advisories: RHSA-2016:1604 http://rhn.redhat.com/errata/RHSA-2016-1604.html RedHat Security Advisories: RHSA-2016:1637 http://rhn.redhat.com/errata/RHSA-2016-1637.html http://www.securitytracker.com/id/1036362 SuSE Security Announcement: openSUSE-SU-2016:2278 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html http://www.ubuntu.com/usn/USN-3040-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-3521 BugTraq ID: 91932 http://www.securityfocus.com/bid/91932 Common Vulnerability Exposure (CVE) ID: CVE-2016-3615 BugTraq ID: 91960 http://www.securityfocus.com/bid/91960 Common Vulnerability Exposure (CVE) ID: CVE-2016-5440 BugTraq ID: 91953 http://www.securityfocus.com/bid/91953 Common Vulnerability Exposure (CVE) ID: CVE-2016-5612 BugTraq ID: 93630 http://www.securityfocus.com/bid/93630 https://security.gentoo.org/glsa/201701-01 RedHat Security Advisories: RHSA-2016:2130 http://rhn.redhat.com/errata/RHSA-2016-2130.html RedHat Security Advisories: RHSA-2016:2131 http://rhn.redhat.com/errata/RHSA-2016-2131.html RedHat Security Advisories: RHSA-2016:2595 http://rhn.redhat.com/errata/RHSA-2016-2595.html RedHat Security Advisories: RHSA-2016:2927 http://rhn.redhat.com/errata/RHSA-2016-2927.html http://www.securitytracker.com/id/1037050 Common Vulnerability Exposure (CVE) ID: CVE-2016-5630 BugTraq ID: 93674 http://www.securityfocus.com/bid/93674 Common Vulnerability Exposure (CVE) ID: CVE-2016-6662 BugTraq ID: 92912 http://www.securityfocus.com/bid/92912 Debian Security Information: DSA-3666 (Google Search) http://www.debian.org/security/2016/dsa-3666 https://www.exploit-db.com/exploits/40360/ http://seclists.org/fulldisclosure/2016/Sep/23 http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html http://www.openwall.com/lists/oss-security/2016/09/12/3 RedHat Security Advisories: RHSA-2016:2058 http://rhn.redhat.com/errata/RHSA-2016-2058.html RedHat Security Advisories: RHSA-2016:2059 http://rhn.redhat.com/errata/RHSA-2016-2059.html RedHat Security Advisories: RHSA-2016:2060 http://rhn.redhat.com/errata/RHSA-2016-2060.html RedHat Security Advisories: RHSA-2016:2061 http://rhn.redhat.com/errata/RHSA-2016-2061.html RedHat Security Advisories: RHSA-2016:2062 http://rhn.redhat.com/errata/RHSA-2016-2062.html RedHat Security Advisories: RHSA-2016:2077 http://rhn.redhat.com/errata/RHSA-2016-2077.html RedHat Security Advisories: RHSA-2016:2749 http://rhn.redhat.com/errata/RHSA-2016-2749.html RedHat Security Advisories: RHSA-2016:2928 http://rhn.redhat.com/errata/RHSA-2016-2928.html RedHat Security Advisories: RHSA-2017:0184 http://rhn.redhat.com/errata/RHSA-2017-0184.html http://www.securitytracker.com/id/1036769
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.