An update for mariadb55-mariadb is now available for Red Hat SoftwareCollections.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
MariaDB is a multi-user, multi-threaded SQL database server.

For all practicalpurposes, MariaDB is binary-compatible with MySQL.The following packages have been upgraded to a newer upstream version:mariadb55-mariadb (5.5.50).Security Fix(es):* This update fixes several vulnerabilities in the MariaDB database server.Information about these flaws can be found on the Oracle Critical Patch UpdateAdvisory page, listed in the References section. (CVE-2016-3477, CVE-2016-3521,CVE-2016-3615, CVE-2016-5440)
For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258After installing this update, the MariaDB server daemon (mysqld) will berestarted automatically.Red Hat Software Collections 1 for RHEL 6

SRPMS:
mariadb55-mariadb-5.5.50-1.el6.src.rpm
    MD5: 05d3ec9c65c4dde97cfcefdcb44017bdSHA-256: 90a50823444761bb7b686f84c76421ebb65660689dec148a182d8a33d2f1aa46
 
x86_64:
mariadb55-mariadb-5.5.50-1.el6.x86_64.rpm
    MD5: ddacea16b7501de17f01a831e971db4eSHA-256: 0c880e3548ebc400e928ee05bd2fb4d69fc71e8a5d471c2e6a8945e29e40df53
mariadb55-mariadb-bench-5.5.50-1.el6.x86_64.rpm
    MD5: 3eb0a4bb00a72879dc0b560a6907dc7bSHA-256: d941e13323648baf6202191d1cb79774c90194fe5f7b8cde206740c63e82bde9
mariadb55-mariadb-debuginfo-5.5.50-1.el6.x86_64.rpm
    MD5: 5333daf752afe6a76e5b2ad05af77501SHA-256: 96abbc2152bce3c61b9314fd26a3c6e57bd783170580495a364390335c7ce784
mariadb55-mariadb-devel-5.5.50-1.el6.x86_64.rpm
    MD5: b06233fadeb46e272f73eb20a65dcf0bSHA-256: 9628a4d810185b38eda0220990e4a2fe8df520db7cd1bfedb1873cf5e8d9aa1b
mariadb55-mariadb-libs-5.5.50-1.el6.x86_64.rpm
    MD5: ec1b828b0505fb2acaa618e15d753173SHA-256: b50659a0a6e87f3b838c331f3186e87c3afccb818d65a5b606237413de686a1d
mariadb55-mariadb-server-5.5.50-1.el6.x86_64.rpm
    MD5: c8a00b2729cf5daf3319fd912455ac3eSHA-256: 8349c0175565d293c7b44b422f46458c0d8e2ab1442c321305de22996c32e0a7
mariadb55-mariadb-test-5.5.50-1.el6.x86_64.rpm
    MD5: a0e9d13e4bd99738149e19d7d44ebae2SHA-256: f9bd174684bec8537392069292511457f6ec46c23a41d05f0654fd493f8fa71d
 
Red Hat Software Collections 1 for RHEL 7

SRPMS:
mariadb55-mariadb-5.5.50-1.el7.src.rpm
    MD5: 25f6c8e5ddf974b1a779643b7d97b88bSHA-256: 6f36d289827d2f6912170f0194e48207b4a6a8fad9b8e874b0d22a9c1811e4b7
 
x86_64:
mariadb55-mariadb-5.5.50-1.el7.x86_64.rpm
    MD5: 593d5441a83283a946d1277e6c0c4464SHA-256: b4f10e06e0607bbe2b9533032b21e57a41a562cd478141eed0221731be25e37a
mariadb55-mariadb-bench-5.5.50-1.el7.x86_64.rpm
    MD5: 3bf523ab49b0e00acbf2a034e86c1756SHA-256: 7eda88b9347645f26abab22756ba629ad7860c4d36926972b4e226015de75a44
mariadb55-mariadb-debuginfo-5.5.50-1.el7.x86_64.rpm
    MD5: 23683a39b497b1cfbc1f975245eaaaf7SHA-256: dbb9a14afa24907a4f3b958ed66dc7e67b82b1f7d86832705219d4178b01831b
mariadb55-mariadb-devel-5.5.50-1.el7.x86_64.rpm
    MD5: a346f01408f9b21231c1af1e35131e6cSHA-256: 889777434c80728a7de27d5ba379a2b94f562d1838ea75d173b8df156f5a8e0e
mariadb55-mariadb-libs-5.5.50-1.el7.x86_64.rpm
    MD5: 359a8645cfb0b277e63afab02c145f36SHA-256: 20e9e295c93c03386dc3d0f3a3ca6caebdb1e4759e9a9972ff3c031901b4a29b
mariadb55-mariadb-server-5.5.50-1.el7.x86_64.rpm
    MD5: f36b8e473a9b6a6753f82644e7868d23SHA-256: f329a906fadccdd5dd2572898498f653deec3d26e611ccedc7926a26745fa205
mariadb55-mariadb-test-5.5.50-1.el7.x86_64.rpm
    MD5: 3218591a0aae33748070a084420e96beSHA-256: 6590a827e4be3d26fc18de8da1de2949db84b198fb06201e08aa0adfb56ae7d3
 
(The unlinked packages above are only available from the Red Hat Network)

1358205 – CVE-2016-3477 mysql: unspecified vulnerability in subcomponent: Server: Parser (CPU July 2016)1358209 – CVE-2016-3521 mysql: unspecified vulnerability in subcomponent: Server: Types (CPU July 2016)1358212 – CVE-2016-3615 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU July 2016)1358218 – CVE-2016-5440 mysql: unspecified vulnerability in subcomponent: Server: RBR (CPU July 2016)

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Leave a Reply