- Issued: 2019-05-21
- Updated: 2019-05-21
RHSA-2019:1258 - Moderate: rh-mariadb102-mariadb and rh-mariadb102-galera security and bug fix update
Synopsis
Moderate: rh-mariadb102-mariadb and rh-mariadb102-galera security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for rh-mariadb102-mariadb and rh-mariadb102-galera is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL.
The following packages have been upgraded to a later upstream version: rh-mariadb102-mariadb (10.2.22), rh-mariadb102-galera (25.3.25).
Security Fix(es):
- mysql: Server: Replication unspecified vulnerability (CPU Oct 2017) (CVE-2017-10268)
- mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2017) (CVE-2017-10378)
- mariadb: Replication in sql/event_data_objects.cc occurs before ACL checks (CVE-2017-15365)
- mysql: Server: Partition unspecified vulnerability (CPU Jan 2018) (CVE-2018-2562)
- mysql: InnoDB unspecified vulnerability (CPU Jan 2018) (CVE-2018-2612)
- mysql: Server: DDL unspecified vulnerability (CPU Jan 2018) (CVE-2018-2622)
- mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Jan 2018) (CVE-2018-2640, CVE-2018-2665, CVE-2018-2668)
- mysql: Server: Replication unspecified vulnerability (CPU Apr 2018) (CVE-2018-2755)
- mysql: InnoDB multiple unspecified vulnerabilities (CPU Apr 2018) (CVE-2018-2759, CVE-2018-2766, CVE-2018-2777, CVE-2018-2782, CVE-2018-2784, CVE-2018-2786, CVE-2018-2787, CVE-2018-2810, CVE-2018-2819)
- mysql: Client programs unspecified vulnerability (CPU Apr 2018) (CVE-2018-2761)
- mysql: Server: Locking unspecified vulnerability (CPU Apr 2018) (CVE-2018-2771)
- mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018) (CVE-2018-2781)
- mysql: Server: DDL multiple unspecified vulnerabilities (CPU Apr 2018) (CVE-2018-2813, CVE-2018-2817)
- mysql: MyISAM unspecified vulnerability (CPU Jul 2018) (CVE-2018-3058)
- mysql: InnoDB multiple unspecified vulnerabilities (CPU Jul 2018) (CVE-2018-3060, CVE-2018-3064)
- mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2018) (CVE-2018-3063)
- mysql: Client programs unspecified vulnerability (CPU Jul 2018) (CVE-2018-3081)
- mysql: Server: Parser unspecified vulnerability (CPU Oct 2018) (CVE-2018-3133)
- mysql: InnoDB multiple unspecified vulnerabilities (CPU Oct 2018) (CVE-2018-3143, CVE-2018-3156, CVE-2018-3162, CVE-2018-3173, CVE-2018-3185, CVE-2018-3200, CVE-2018-3251, CVE-2018-3277, CVE-2018-3284)
- mysql: Server: Storage Engines unspecified vulnerability (CPU Oct 2018) (CVE-2018-3282)
- mysql: Server: Parser unspecified vulnerability (CPU Jan 2019) (CVE-2019-2455)
- mysql: Server: Connection Handling unspecified vulnerability (CPU Jan 2019) (CVE-2019-2503)
- mysql: InnoDB unspecified vulnerability (CPU Jan 2019) (CVE-2019-2510)
- mysql: Server: DDL unspecified vulnerability (CPU Jan 2019) (CVE-2019-2537)
- mysql: Server: Options unspecified vulnerability (CPU Jul 2018) (CVE-2018-3066)
- mysql: Init script calling kill with root privileges using pid from pidfile owned by mysql user (CPU Oct 2018) (CVE-2018-3174)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- SELinux blocks working in /tmp directory for wsrep_recover_position function (BZ#1701252)
- mysql faces a bug which prevents bacula from functioning (BZ#1701254)
- GSSAPI module build fix - backport request (BZ#1701257)
- Deadlock in RNG initialization in the FIPS mode on some circumstances (BZ#1701258)
- Use appropriate version of Galera (BZ#1704162)
- Encountered WSREP: BF lock wait long for trx MariaDB 10.2.8 (BZ#1709233)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically.
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Software Collections (for RHEL Workstation) | 1 | x86_64 |
| Red Hat Software Collections (for RHEL Server) | 1 | x86_64 |
| Red Hat Software Collections (for RHEL Server for System Z) | 1 | s390x |
| Red Hat Software Collections (for RHEL Server for IBM Power LE) | 1 | ppc64le |
| Red Hat Software Collections (for RHEL Server for ARM) | 1 | aarch64 |
Updated Packages
- rh-mariadb102-mariadb-config-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-config-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-config-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-server-galera-syspaths-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-syspaths-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-gssapi-server-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-backup-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-server-utils-syspaths-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-bench-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-errmsg-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-devel-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-devel-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-server-galera-syspaths-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-backup-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-oqgraph-engine-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-galera-25.3.25-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-debuginfo-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-devel-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-test-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-10.2.22-1.el6.src.rpm
- rh-mariadb102-mariadb-config-syspaths-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-backup-syspaths-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-gssapi-client-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-server-galera-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-galera-debuginfo-25.3.25-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-server-utils-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-config-syspaths-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-server-utils-syspaths-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-gssapi-client-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-server-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-server-syspaths-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-bench-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-server-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-backup-syspaths-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-errmsg-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-oqgraph-engine-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-syspaths-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-oqgraph-engine-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-backup-syspaths-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-galera-25.3.25-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-debuginfo-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-oqgraph-engine-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-devel-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-errmsg-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-oqgraph-engine-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-galera-25.3.25-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-gssapi-client-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-galera-debuginfo-25.3.25-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-gssapi-server-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-common-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-debuginfo-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-server-utils-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-common-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-backup-syspaths-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-galera-25.3.25-1.el7.src.rpm
- rh-mariadb102-mariadb-backup-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-syspaths-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-config-syspaths-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-server-galera-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-galera-25.3.25-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-config-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-gssapi-server-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-errmsg-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-server-syspaths-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-test-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-server-galera-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-bench-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-server-utils-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-config-syspaths-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-server-utils-syspaths-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-server-syspaths-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-gssapi-server-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-common-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-server-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-server-syspaths-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-server-syspaths-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-backup-syspaths-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-server-galera-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-syspaths-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-bench-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-syspaths-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-gssapi-client-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-gssapi-client-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-debuginfo-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-common-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-backup-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-server-galera-syspaths-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-config-syspaths-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-server-galera-syspaths-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-devel-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-server-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-server-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-server-utils-syspaths-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-server-utils-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-galera-debuginfo-25.3.25-1.el7.s390x.rpm
- rh-mariadb102-mariadb-server-galera-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-config-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-server-utils-syspaths-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-bench-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-galera-debuginfo-25.3.25-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-backup-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-common-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-debuginfo-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-gssapi-server-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-10.2.22-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-10.2.22-1.el7.src.rpm
- rh-mariadb102-mariadb-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-galera-25.3.25-1.el7.s390x.rpm
- rh-mariadb102-galera-debuginfo-25.3.25-1.el7.ppc64le.rpm
- rh-mariadb102-mariadb-server-galera-syspaths-10.2.22-1.el7.aarch64.rpm
- rh-mariadb102-mariadb-test-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-galera-25.3.25-1.el6.src.rpm
- rh-mariadb102-mariadb-errmsg-10.2.22-1.el7.s390x.rpm
- rh-mariadb102-mariadb-test-10.2.22-1.el6.x86_64.rpm
- rh-mariadb102-mariadb-server-utils-10.2.22-1.el7.x86_64.rpm
- rh-mariadb102-mariadb-test-10.2.22-1.el7.s390x.rpm
Fixes
- BZ - 1503656
- BZ - 1503684
- BZ - 1524234
- BZ - 1535484
- BZ - 1535497
- BZ - 1535499
- BZ - 1535500
- BZ - 1535504
- BZ - 1535506
- BZ - 1568921
- BZ - 1568923
- BZ - 1568924
- BZ - 1568926
- BZ - 1568931
- BZ - 1568937
- BZ - 1568942
- BZ - 1568943
- BZ - 1568944
- BZ - 1568945
- BZ - 1568946
- BZ - 1568949
- BZ - 1568951
- BZ - 1568954
- BZ - 1568956
- BZ - 1602356
- BZ - 1602357
- BZ - 1602363
- BZ - 1602364
- BZ - 1602366
- BZ - 1602424
- BZ - 1640308
- BZ - 1640310
- BZ - 1640312
- BZ - 1640316
- BZ - 1640318
- BZ - 1640321
- BZ - 1640322
- BZ - 1640325
- BZ - 1640331
- BZ - 1640332
- BZ - 1640335
- BZ - 1640337
- BZ - 1666742
- BZ - 1666749
- BZ - 1666751
- BZ - 1666763
- BZ - 1701252
- BZ - 1701257
- BZ - 1704162
- BZ - 1709233
CVEs
- CVE-2017-10268
- CVE-2017-10378
- CVE-2017-15365
- CVE-2018-2562
- CVE-2018-2612
- CVE-2018-2622
- CVE-2018-2640
- CVE-2018-2665
- CVE-2018-2668
- CVE-2018-2755
- CVE-2018-2759
- CVE-2018-2761
- CVE-2018-2766
- CVE-2018-2771
- CVE-2018-2777
- CVE-2018-2781
- CVE-2018-2782
- CVE-2018-2784
- CVE-2018-2786
- CVE-2018-2787
- CVE-2018-2810
- CVE-2018-2813
- CVE-2018-2817
- CVE-2018-2819
- CVE-2018-3058
- CVE-2018-3060
- CVE-2018-3063
- CVE-2018-3064
- CVE-2018-3066
- CVE-2018-3081
- CVE-2018-3133
- CVE-2018-3143
- CVE-2018-3156
- CVE-2018-3162
- CVE-2018-3173
- CVE-2018-3174
- CVE-2018-3185
- CVE-2018-3200
- CVE-2018-3251
- CVE-2018-3277
- CVE-2018-3282
- CVE-2018-3284
- CVE-2019-2455
- CVE-2019-2503
- CVE-2019-2510
- CVE-2019-2537
- CVE-2020-14550
References
Additional information
- The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data is available for integration with other systems. See Offline Security Data API to get started.