← Back to team overview

enterprise-support team mailing list archive

[Bug 1427406] Re: data corruption on arm64 and ppc64el

 

This bug was fixed in the package mariadb-10.0 -
10.0.20-0ubuntu0.15.04.1

---------------
mariadb-10.0 (10.0.20-0ubuntu0.15.04.1) vivid-security; urgency=low

  * SECURITY UPDATE: Update to 10.0.20 (via .18 and .19) fixes security issues:
    - CVE-2015-3152: Client command line option --ssl-verify-server-cert (and
      MYSQL_OPT_SSL_VERIFY_SERVER_CERT option of the client API) when used
      together with --ssl will ensure that the established connection is
      SSL-encrypted and the MariaDB server has a valid certificate.
      (LP: #1464895)
    - CVE-2014-8964: bundled PCRE contained heap-based buffer overflow
      vulnerability that allowed the server to crash or have other unspecified
      impact via a crafted regular expression made possible with the
      REGEXP_SUBSTR function (MDEV-8006).
    - CVE-2015-0501
    - CVE-2015-2571
    - CVE-2015-0505
    - CVE-2015-0499
    (LP: #1451677)
  * New release includes fix for memory corruption on arm64 (LP: #1427406)
  * Upstream also includes lots of line ending changes (from CRLF -> LF)

 -- Otto Kekäläinen <otto@xxxxxxxxx>  Fri, 03 Jul 2015 17:39:42 +0300

** Changed in: mariadb-10.0 (Ubuntu Vivid)
       Status: New => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-8964

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-0499

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-0501

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-0505

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-2571

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-3152

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to MySQL.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1427406

Title:
  data corruption on arm64 and ppc64el

To manage notifications about this bug go to:
https://bugs.launchpad.net/mysql-server/+bug/1427406/+subscriptions