Opened 7 years ago
Closed 7 years ago
#8770 closed enhancement (fixed)
mariadb-10.1.21 (CVE-2016-6664 CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3312 CVE-2017-3317 CVE-2017-3318)
| Reported by: | Owned by: | Douglas R. Reno | |
|---|---|---|---|
| Priority: | highest | Milestone: | 8.0 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description (last modified by )
New point version
Innodb updated to 5.6.35
A file format compatibility bug that was introduced in MariaDB 10.1.0 was fixed. Using page_compression or non-default innodb_page_size created files that were incompatible with MariaDB 10.0 or MySQL 5.6. MariaDB 10.1.21 will convert affected files from earlier MariaDB 10.1 releases to compatible format. This prevents a downgrade to earlier MariaDB 10.1 versions. See the commit for details.
Performance Schema updated to 5.6.35
Fixes for the following security vulnerabilities:
CVE-2016-6664
CVE-2017-3238
CVE-2017-3243
CVE-2017-3244
CVE-2017-3257
CVE-2017-3258
CVE-2017-3265
CVE-2017-3291
CVE-2017-3312
CVE-2017-3317
CVE-2017-3318
CVE-2016-6664 is a root privilege escalation issue that is classifed as a zero day. There is a video here of it being exploited:
http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html
Requires immediate response. I'm going to take this and do it in the next few hours.
Change History (2)
comment:1 by , 7 years ago
| Description: | modified (diff) |
|---|---|
| Owner: | changed from to |
| Priority: | normal → highest |
| Status: | new → assigned |
| Summary: | mariadb-10.1.21 → mariadb-10.1.21 (CVE-2016-6664 CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3312 CVE-2017-3317 CVE-2017-3318) |
comment:2 by , 7 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Fixed at r18201