{"affected":[{"ecosystem_specific":{"binaries":[{"mariadb":"10.2.21-3.7.1","mariadb-client":"10.2.21-3.7.1","mariadb-errormessages":"10.2.21-3.7.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP4","name":"mariadb","purl":"pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"10.2.21-3.7.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"mariadb":"10.2.21-3.7.1","mariadb-client":"10.2.21-3.7.1","mariadb-errormessages":"10.2.21-3.7.1","mariadb-tools":"10.2.21-3.7.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP4","name":"mariadb","purl":"pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"10.2.21-3.7.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"mariadb":"10.2.21-3.7.1","mariadb-client":"10.2.21-3.7.1","mariadb-errormessages":"10.2.21-3.7.1","mariadb-tools":"10.2.21-3.7.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP4","name":"mariadb","purl":"pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"10.2.21-3.7.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for mariadb to version 10.2.19 fixes the following issues: (bsc#1116686)\n\nSecurity issues fixed:\n\n- CVE-2016-9843: Big-endian out-of-bounds pointer (bsc#1013882)\n- CVE-2018-3282, CVE-2018-3174, CVE-2018-3143, CVE-2018-3156, \n  CVE-2018-3251, CVE-2018-3185, CVE-2018-3277, CVE-2018-3162, \n  CVE-2018-3173, CVE-2018-3200, CVE-2018-3284:\n            Fixed multiple denial of service vulnerabilities \n  (bsc#1112432, bsc#1112368, bsc#1112421, bsc#1112417, \n   bsc#1112397, bsc#1112391, bsc#1112415, bsc#1112386,\n   bsc#1112404, bsc#1112377, bsc#1112384)\n\nNon-security issues fixed:\n\n- Fixed database corruption after renaming a prefix-indexed column (bsc#1120041)\n- Remove PerconaFT from the package as it has a AGPL license (bsc#1118754)\n- Enable testing for client plugins (bsc#1111859)\n- Improve test coverage by keeping debug_key_management.so (bsc#1111858)\n  ","id":"SUSE-SU-2019:0119-1","modified":"2019-01-18T10:53:24Z","published":"2019-01-18T10:53:24Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2019/suse-su-20190119-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1013882"},{"type":"REPORT","url":"https://bugzilla.suse.com/1111858"},{"type":"REPORT","url":"https://bugzilla.suse.com/1111859"},{"type":"REPORT","url":"https://bugzilla.suse.com/1112368"},{"type":"REPORT","url":"https://bugzilla.suse.com/1112377"},{"type":"REPORT","url":"https://bugzilla.suse.com/1112384"},{"type":"REPORT","url":"https://bugzilla.suse.com/1112386"},{"type":"REPORT","url":"https://bugzilla.suse.com/1112391"},{"type":"REPORT","url":"https://bugzilla.suse.com/1112397"},{"type":"REPORT","url":"https://bugzilla.suse.com/1112404"},{"type":"REPORT","url":"https://bugzilla.suse.com/1112415"},{"type":"REPORT","url":"https://bugzilla.suse.com/1112417"},{"type":"REPORT","url":"https://bugzilla.suse.com/1112421"},{"type":"REPORT","url":"https://bugzilla.suse.com/1112432"},{"type":"REPORT","url":"https://bugzilla.suse.com/1116686"},{"type":"REPORT","url":"https://bugzilla.suse.com/1118754"},{"type":"REPORT","url":"https://bugzilla.suse.com/1120041"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-9843"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-3143"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-3156"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-3162"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-3173"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-3174"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-3185"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-3200"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-3251"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-3277"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-3282"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-3284"}],"related":["CVE-2016-9843","CVE-2018-3143","CVE-2018-3156","CVE-2018-3162","CVE-2018-3173","CVE-2018-3174","CVE-2018-3185","CVE-2018-3200","CVE-2018-3251","CVE-2018-3277","CVE-2018-3282","CVE-2018-3284"],"summary":"Security update for mariadb","upstream":["CVE-2016-9843","CVE-2018-3143","CVE-2018-3156","CVE-2018-3162","CVE-2018-3173","CVE-2018-3174","CVE-2018-3185","CVE-2018-3200","CVE-2018-3251","CVE-2018-3277","CVE-2018-3282","CVE-2018-3284"]}