← Back to team overview

maria-developers team mailing list archive

Re: Several CVE's in Oracle MySQL, is MariaDB vulnerable?


----- On 24 Oct, 2015, at 3:47 AM, Christian Rebischke chris.rebischke@xxxxxxxxx wrote:

> Hello everyone,
> Sorry when I am on the wrong mailinglist. I wanted to submit a bugreport or
> issue for this but I can't signup for your JIRA because of license reasons.

Keen to know which conditions where a problem. May affect other people.

> I am from the Archlinux-Security Team and want to ask if mariadb in the actual
> version is vulnerable to the following CVEs:
> CVE-2015-4913 CVE-2015-4910 CVE-2015-4905 CVE-2015-4904 CVE-2015-4895
> CVE-2015-4890 CVE-2015-4879 CVE-2015-4870 CVE-2015-4862 CVE-2015-4864
> CVE-2015-4861 CVE-2015-4858 CVE-2015-4836 CVE-2015-4833 CVE-2015-4830
> CVE-2015-4826 CVE-2015-4819 CVE-2015-4815 CVE-2015-4807 CVE-2015-4802
> CVE-2015-4800 CVE-2015-4792 CVE-2015-4791 CVE-2015-4766
> I hope you can help me.

Of course, listed here:


Its only got the fixed versions rather than which versions vulnerabilities where introduced. Is this sufficient?

Daniel Black, Engineer @ Open Query (http://openquery.com.au)
Remote expertise & maintenance for MySQL/MariaDB server environments.

Follow ups