rpm package

suse/mariadb&distro=SUSE Linux Enterprise Software Development Kit 12 SP1

pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1

Vulnerabilities (63)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-3302	Hig	7.5	< 10.0.30-25.1	10.0.30-25.1	Feb 12, 2017	Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
CVE-2017-3318	Med	4.0	< 10.0.29-22.1	10.0.29-22.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logo
CVE-2017-3317	Med	4.0	< 10.0.29-22.1	10.0.29-22.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infras
CVE-2017-3313	Med	4.7	< 10.0.30-25.1	10.0.30-25.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the
CVE-2017-3312	Med	6.7	< 10.0.29-22.1	10.0.29-22.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to t
CVE-2017-3291	Med	6.3	< 10.0.29-22.1	10.0.29-22.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
CVE-2017-3265	Med	5.6	< 10.0.29-22.1	10.0.29-22.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
CVE-2017-3258	Med	6.5	< 10.0.29-22.1	10.0.29-22.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2017-3257	Med	6.5	< 10.0.29-22.1	10.0.29-22.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to
CVE-2017-3244	Med	6.5	< 10.0.29-22.1	10.0.29-22.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2017-3243	Med	4.4	< 10.0.29-22.1	10.0.29-22.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise M
CVE-2017-3238	Med	6.5	< 10.0.29-22.1	10.0.29-22.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acce
CVE-2016-6664	Hig	7.0	< 10.0.29-22.1	10.0.29-22.1	Dec 13, 2016	mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before
CVE-2016-6663	Hig	7.0	< 10.0.28-17.2	10.0.28-17.2	Dec 13, 2016	Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Perco
CVE-2016-7440	Med	5.5	< 10.0.28-17.2	10.0.28-17.2	Dec 13, 2016	The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
CVE-2016-8283	Med	4.3	< 10.0.28-17.2	10.0.28-17.2	Oct 25, 2016	Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
CVE-2016-5629	Med	4.9	< 10.0.28-17.2	10.0.28-17.2	Oct 25, 2016	Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
CVE-2016-5626	Med	6.5	< 10.0.28-17.2	10.0.28-17.2	Oct 25, 2016	Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
CVE-2016-5624	Med	6.5	< 10.0.28-17.2	10.0.28-17.2	Oct 25, 2016	Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2016-5584	Med	4.4	< 10.0.28-17.2	10.0.28-17.2	Oct 25, 2016	Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.

CVE-2017-3302HigFeb 12, 2017
affected < 10.0.30-25.1fixed 10.0.30-25.1
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
CVE-2017-3318MedJan 27, 2017
affected < 10.0.29-22.1fixed 10.0.29-22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logo
CVE-2017-3317MedJan 27, 2017
affected < 10.0.29-22.1fixed 10.0.29-22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infras
CVE-2017-3313MedJan 27, 2017
affected < 10.0.30-25.1fixed 10.0.30-25.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the
CVE-2017-3312MedJan 27, 2017
affected < 10.0.29-22.1fixed 10.0.29-22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to t
CVE-2017-3291MedJan 27, 2017
affected < 10.0.29-22.1fixed 10.0.29-22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
CVE-2017-3265MedJan 27, 2017
affected < 10.0.29-22.1fixed 10.0.29-22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
CVE-2017-3258MedJan 27, 2017
affected < 10.0.29-22.1fixed 10.0.29-22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2017-3257MedJan 27, 2017
affected < 10.0.29-22.1fixed 10.0.29-22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to
CVE-2017-3244MedJan 27, 2017
affected < 10.0.29-22.1fixed 10.0.29-22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2017-3243MedJan 27, 2017
affected < 10.0.29-22.1fixed 10.0.29-22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise M
CVE-2017-3238MedJan 27, 2017
affected < 10.0.29-22.1fixed 10.0.29-22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acce
CVE-2016-6664HigDec 13, 2016
affected < 10.0.29-22.1fixed 10.0.29-22.1
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before
CVE-2016-6663HigDec 13, 2016
affected < 10.0.28-17.2fixed 10.0.28-17.2
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Perco
CVE-2016-7440MedDec 13, 2016
affected < 10.0.28-17.2fixed 10.0.28-17.2
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
CVE-2016-8283MedOct 25, 2016
affected < 10.0.28-17.2fixed 10.0.28-17.2
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
CVE-2016-5629MedOct 25, 2016
affected < 10.0.28-17.2fixed 10.0.28-17.2
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
CVE-2016-5626MedOct 25, 2016
affected < 10.0.28-17.2fixed 10.0.28-17.2
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
CVE-2016-5624MedOct 25, 2016
affected < 10.0.28-17.2fixed 10.0.28-17.2
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2016-5584MedOct 25, 2016
affected < 10.0.28-17.2fixed 10.0.28-17.2
Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.

Page 1 of 4