Detalji
Kreirano: 16 Svibanj 2012
Uočeni su i ispravljeni višestruki sigurnosni propusti kod programskog paketa mariadb. Udaljeni napadač mogao ih je iskoristiti za napad na dostupnost, integritet i povjerljivost sustava.
Paket:
Operacijski sustavi:
openSUSE 11.4
Kritičnost:
5.5
Problem:
nespecificirana pogreška
Iskorištavanje:
udaljeno
Posljedica:
dobivanje većih privilegija, izmjena podataka, otkrivanje osjetljivih informacija, uskraćivanje usluga (DoS), zaobilaženje postavljenih ograničenja
Rješenje:
programska zakrpa proizvođača
CVE:
CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0490, CVE-2012-0492
Izvorni ID preporuke:
openSUSE-SU-2012:0619-1
Izvor:
SUSE
Problem:
U radu programskog paketa uočene su brojne nespecificirane pogreške.
Posljedica:
Uočene ranjivosti napadač može iskoristiti kako bi ugrozio dostupnost, integritet i povjerljivost sustava.
Rješenje:
Svim korisnicima se savjetuje nadogradnja ranjivog paketa.
Izvorni tekst preporuke
______________________________________________________________________________
Announcement ID: openSUSE-SU-2012:0619-1
Rating: moderate
References: 675870,734436,742272,758460
Cross-References: CVE-2011-2262,CVE-2012-0075,CVE-2012-0087,CVE-2012-0101,CVE-2012-0102,CVE-2012-0112,CVE-2012-0113,CVE-2012-0114,CVE-2012-0115,CVE-2012-0116,CVE-2012-0118,CVE-2012-0119,CVE-2012-0120,CVE-2012-0484,CVE-2012-0485,CVE-2012-0490,CVE-2012-0492,CVE-2012-0583,CVE-2012-1688,CVE-2012-1690,CVE-2012-1703
Affected Products:
openSUSE 11.4
______________________________________________________________________________
Description:
mariadb update to version 5.1.62 fixes several security
issues and bugs. Please refer to the following upstream
announcement for details:
http://kb.askmonty.org/en/changelogs-mariadb-51-series
Patch Instructions:
- openSUSE 11.4:
zypper in -t patch openSUSE-2012-274
Package List:
- openSUSE 11.4 (i586 x86_64):
libmariadbclient16-5.1.62-39.1
libmariadbclient16-debuginfo-5.1.62-39.1
libmariadbclient_r16-5.1.62-39.1
libmariadbclient_r16-debuginfo-5.1.62-39.1
mariadb-5.1.62-39.1
mariadb-bench-5.1.62-39.1
mariadb-bench-debuginfo-5.1.62-39.1
mariadb-client-5.1.62-39.1
mariadb-client-debuginfo-5.1.62-39.1
mariadb-debug-5.1.62-39.1
mariadb-debug-debuginfo-5.1.62-39.1
mariadb-debuginfo-5.1.62-39.1
mariadb-debugsource-5.1.62-39.1
mariadb-test-5.1.62-39.1
mariadb-test-debuginfo-5.1.62-39.1
mariadb-tools-5.1.62-39.1
mariadb-tools-debuginfo-5.1.62-39.1
References:
http://support.novell.com/security/cve/CVE-2011-2262.html
http://support.novell.com/security/cve/CVE-2012-0075.html
http://support.novell.com/security/cve/CVE-2012-0087.html
http://support.novell.com/security/cve/CVE-2012-0101.html
http://support.novell.com/security/cve/CVE-2012-0102.html
http://support.novell.com/security/cve/CVE-2012-0112.html
http://support.novell.com/security/cve/CVE-2012-0113.html
http://support.novell.com/security/cve/CVE-2012-0114.html
http://support.novell.com/security/cve/CVE-2012-0115.html
http://support.novell.com/security/cve/CVE-2012-0116.html
http://support.novell.com/security/cve/CVE-2012-0118.html
http://support.novell.com/security/cve/CVE-2012-0119.html
http://support.novell.com/security/cve/CVE-2012-0120.html
http://support.novell.com/security/cve/CVE-2012-0484.html
http://support.novell.com/security/cve/CVE-2012-0485.html
http://support.novell.com/security/cve/CVE-2012-0490.html
http://support.novell.com/security/cve/CVE-2012-0492.html
http://support.novell.com/security/cve/CVE-2012-0583.html
http://support.novell.com/security/cve/CVE-2012-1688.html
http://support.novell.com/security/cve/CVE-2012-1690.html
http://support.novell.com/security/cve/CVE-2012-1703.html
https://bugzilla.novell.com/675870
https://bugzilla.novell.com/734436
https://bugzilla.novell.com/742272
https://bugzilla.novell.com/758460
Posljednje sigurnosne preporuke