maria-discuss team mailing list archive

Thread
Date

Re: Critical Update for CVE-2016-6662

To: Alex <imperialnetwork@xxxxxxxxx>
From: Sergei Golubchik <serg@xxxxxxxxxxx>
Date: Mon, 12 Sep 2016 20:25:49 +0200
Cc: MariaDB Discuss <maria-discuss@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <b47959ae-60d0-b5a8-6e77-e36ecea9a13a@gmail.com>
User-agent: Mutt/1.5.24 (2015-08-30)

Hi, Alex!

On Sep 12, Alex wrote:
> Hello,
> 
> In regards to this zero day remote exploit , it seems MariaDB is also 
> affected. Percona seems to have released new versions out to fix this.
> Any news from MariaDB side ?
> 
> http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html

Yes, it was https://jira.mariadb.org/browse/MDEV-10465,
fixed in 5.5.51, 10.0.27, 10.1.17, all released last month.

Regards,
Sergei
Chief Architect MariaDB
and security@xxxxxxxxxxx

Follow ups

Re: Critical Update for CVE-2016-6662
From: Alex, 2016-09-12
Re: Critical Update for CVE-2016-6662
From: Reindl Harald, 2016-09-12
Re: Critical Update for CVE-2016-6662
From: Alex, 2016-09-12

References

Critical Update for CVE-2016-6662
From: Alex, 2016-09-12