SUSE-SU-2017:0411-1
Vulnerability from csaf_suse - Published: 2017-02-07 12:16 - Updated: 2017-02-07 12:16Summary
Security update for mariadb
Severity
Important
Notes
Title of the patch: Security update for mariadb
Description of the patch:
This mariadb version update to 10.0.29 fixes the following issues:
- CVE-2017-3318: unspecified vulnerability affecting Error Handling (bsc#1020896)
- CVE-2017-3317: unspecified vulnerability affecting Logging (bsc#1020894)
- CVE-2017-3312: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873)
- CVE-2017-3291: unrestricted mysqld_safe's ledir (bsc#1020884)
- CVE-2017-3265: unsafe chmod/chown use in init script (bsc#1020885)
- CVE-2017-3258: unspecified vulnerability in the DDL component (bsc#1020875)
- CVE-2017-3257: unspecified vulnerability affecting InnoDB (bsc#1020878)
- CVE-2017-3244: unspecified vulnerability affecing the DML component (bsc#1020877)
- CVE-2017-3243: unspecified vulnerability affecting the Charsets component (bsc#1020891)
- CVE-2017-3238: unspecified vulnerability affecting the Optimizer component (bsc#1020882)
- CVE-2016-6664: Root Privilege Escalation (bsc#1008253)
- Applications using the client library for MySQL (libmysqlclient.so) had a use-after-free issue that could cause the applications to crash (bsc#1022428)
- notable changes:
* XtraDB updated to 5.6.34-79.1
* TokuDB updated to 5.6.34-79.1
* Innodb updated to 5.6.35
* Performance Schema updated to 5.6.35
Release notes and changelog:
* https://kb.askmonty.org/en/mariadb-10029-release-notes
* https://kb.askmonty.org/en/mariadb-10029-changelog
Patchnames: SUSE-SLE-SAP-12-2017-205,SUSE-SLE-SERVER-12-2017-205
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.6 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for mariadb",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis mariadb version update to 10.0.29 fixes the following issues:\n\n- CVE-2017-3318: unspecified vulnerability affecting Error Handling (bsc#1020896)\n- CVE-2017-3317: unspecified vulnerability affecting Logging (bsc#1020894)\n- CVE-2017-3312: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873)\n- CVE-2017-3291: unrestricted mysqld_safe\u0027s ledir (bsc#1020884)\n- CVE-2017-3265: unsafe chmod/chown use in init script (bsc#1020885)\n- CVE-2017-3258: unspecified vulnerability in the DDL component (bsc#1020875)\n- CVE-2017-3257: unspecified vulnerability affecting InnoDB (bsc#1020878)\n- CVE-2017-3244: unspecified vulnerability affecing the DML component (bsc#1020877)\n- CVE-2017-3243: unspecified vulnerability affecting the Charsets component (bsc#1020891)\n- CVE-2017-3238: unspecified vulnerability affecting the Optimizer component (bsc#1020882)\n- CVE-2016-6664: Root Privilege Escalation (bsc#1008253)\n- Applications using the client library for MySQL (libmysqlclient.so) had a use-after-free issue that could cause the applications to crash (bsc#1022428)\n\n- notable changes:\n * XtraDB updated to 5.6.34-79.1\n * TokuDB updated to 5.6.34-79.1\n * Innodb updated to 5.6.35\n * Performance Schema updated to 5.6.35\n\nRelease notes and changelog:\n * https://kb.askmonty.org/en/mariadb-10029-release-notes\n * https://kb.askmonty.org/en/mariadb-10029-changelog\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SAP-12-2017-205,SUSE-SLE-SERVER-12-2017-205",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0411-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:0411-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170411-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:0411-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-February/002628.html"
},
{
"category": "self",
"summary": "SUSE Bug 1008253",
"url": "https://bugzilla.suse.com/1008253"
},
{
"category": "self",
"summary": "SUSE Bug 1020868",
"url": "https://bugzilla.suse.com/1020868"
},
{
"category": "self",
"summary": "SUSE Bug 1020873",
"url": "https://bugzilla.suse.com/1020873"
},
{
"category": "self",
"summary": "SUSE Bug 1020875",
"url": "https://bugzilla.suse.com/1020875"
},
{
"category": "self",
"summary": "SUSE Bug 1020877",
"url": "https://bugzilla.suse.com/1020877"
},
{
"category": "self",
"summary": "SUSE Bug 1020878",
"url": "https://bugzilla.suse.com/1020878"
},
{
"category": "self",
"summary": "SUSE Bug 1020882",
"url": "https://bugzilla.suse.com/1020882"
},
{
"category": "self",
"summary": "SUSE Bug 1020884",
"url": "https://bugzilla.suse.com/1020884"
},
{
"category": "self",
"summary": "SUSE Bug 1020885",
"url": "https://bugzilla.suse.com/1020885"
},
{
"category": "self",
"summary": "SUSE Bug 1020891",
"url": "https://bugzilla.suse.com/1020891"
},
{
"category": "self",
"summary": "SUSE Bug 1020894",
"url": "https://bugzilla.suse.com/1020894"
},
{
"category": "self",
"summary": "SUSE Bug 1020896",
"url": "https://bugzilla.suse.com/1020896"
},
{
"category": "self",
"summary": "SUSE Bug 1022428",
"url": "https://bugzilla.suse.com/1022428"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-6664 page",
"url": "https://www.suse.com/security/cve/CVE-2016-6664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3238 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3243 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3243/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3244 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3257 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3257/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3258 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3258/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3265 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3291 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3312 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3317 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3317/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3318 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3318/"
}
],
"title": "Security update for mariadb",
"tracking": {
"current_release_date": "2017-02-07T12:16:05Z",
"generator": {
"date": "2017-02-07T12:16:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:0411-1",
"initial_release_date": "2017-02-07T12:16:05Z",
"revision_history": [
{
"date": "2017-02-07T12:16:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"product": {
"name": "libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"product_id": "libmysqlclient-devel-10.0.29-20.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmysqlclient18-10.0.29-20.23.1.ppc64le",
"product": {
"name": "libmysqlclient18-10.0.29-20.23.1.ppc64le",
"product_id": "libmysqlclient18-10.0.29-20.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"product": {
"name": "libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"product_id": "libmysqlclient_r18-10.0.29-20.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.0.29-20.23.1.ppc64le",
"product": {
"name": "libmysqld-devel-10.0.29-20.23.1.ppc64le",
"product_id": "libmysqld-devel-10.0.29-20.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmysqld18-10.0.29-20.23.1.ppc64le",
"product": {
"name": "libmysqld18-10.0.29-20.23.1.ppc64le",
"product_id": "libmysqld18-10.0.29-20.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-10.0.29-20.23.1.ppc64le",
"product": {
"name": "mariadb-10.0.29-20.23.1.ppc64le",
"product_id": "mariadb-10.0.29-20.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.0.29-20.23.1.ppc64le",
"product": {
"name": "mariadb-client-10.0.29-20.23.1.ppc64le",
"product_id": "mariadb-client-10.0.29-20.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"product": {
"name": "mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"product_id": "mariadb-errormessages-10.0.29-20.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.0.29-20.23.1.ppc64le",
"product": {
"name": "mariadb-tools-10.0.29-20.23.1.ppc64le",
"product_id": "mariadb-tools-10.0.29-20.23.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libmysqlclient-devel-10.0.29-20.23.1.s390x",
"product": {
"name": "libmysqlclient-devel-10.0.29-20.23.1.s390x",
"product_id": "libmysqlclient-devel-10.0.29-20.23.1.s390x"
}
},
{
"category": "product_version",
"name": "libmysqlclient18-10.0.29-20.23.1.s390x",
"product": {
"name": "libmysqlclient18-10.0.29-20.23.1.s390x",
"product_id": "libmysqlclient18-10.0.29-20.23.1.s390x"
}
},
{
"category": "product_version",
"name": "libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"product": {
"name": "libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"product_id": "libmysqlclient18-32bit-10.0.29-20.23.1.s390x"
}
},
{
"category": "product_version",
"name": "libmysqlclient_r18-10.0.29-20.23.1.s390x",
"product": {
"name": "libmysqlclient_r18-10.0.29-20.23.1.s390x",
"product_id": "libmysqlclient_r18-10.0.29-20.23.1.s390x"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.0.29-20.23.1.s390x",
"product": {
"name": "libmysqld-devel-10.0.29-20.23.1.s390x",
"product_id": "libmysqld-devel-10.0.29-20.23.1.s390x"
}
},
{
"category": "product_version",
"name": "libmysqld18-10.0.29-20.23.1.s390x",
"product": {
"name": "libmysqld18-10.0.29-20.23.1.s390x",
"product_id": "libmysqld18-10.0.29-20.23.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-10.0.29-20.23.1.s390x",
"product": {
"name": "mariadb-10.0.29-20.23.1.s390x",
"product_id": "mariadb-10.0.29-20.23.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.0.29-20.23.1.s390x",
"product": {
"name": "mariadb-client-10.0.29-20.23.1.s390x",
"product_id": "mariadb-client-10.0.29-20.23.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-errormessages-10.0.29-20.23.1.s390x",
"product": {
"name": "mariadb-errormessages-10.0.29-20.23.1.s390x",
"product_id": "mariadb-errormessages-10.0.29-20.23.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.0.29-20.23.1.s390x",
"product": {
"name": "mariadb-tools-10.0.29-20.23.1.s390x",
"product_id": "mariadb-tools-10.0.29-20.23.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"product": {
"name": "libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"product_id": "libmysqlclient-devel-10.0.29-20.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqlclient18-10.0.29-20.23.1.x86_64",
"product": {
"name": "libmysqlclient18-10.0.29-20.23.1.x86_64",
"product_id": "libmysqlclient18-10.0.29-20.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"product": {
"name": "libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"product_id": "libmysqlclient18-32bit-10.0.29-20.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"product": {
"name": "libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"product_id": "libmysqlclient_r18-10.0.29-20.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.0.29-20.23.1.x86_64",
"product": {
"name": "libmysqld-devel-10.0.29-20.23.1.x86_64",
"product_id": "libmysqld-devel-10.0.29-20.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqld18-10.0.29-20.23.1.x86_64",
"product": {
"name": "libmysqld18-10.0.29-20.23.1.x86_64",
"product_id": "libmysqld18-10.0.29-20.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-10.0.29-20.23.1.x86_64",
"product": {
"name": "mariadb-10.0.29-20.23.1.x86_64",
"product_id": "mariadb-10.0.29-20.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.0.29-20.23.1.x86_64",
"product": {
"name": "mariadb-client-10.0.29-20.23.1.x86_64",
"product_id": "mariadb-client-10.0.29-20.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-errormessages-10.0.29-20.23.1.x86_64",
"product": {
"name": "mariadb-errormessages-10.0.29-20.23.1.x86_64",
"product_id": "mariadb-errormessages-10.0.29-20.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.0.29-20.23.1.x86_64",
"product": {
"name": "mariadb-tools-10.0.29-20.23.1.x86_64",
"product_id": "mariadb-tools-10.0.29-20.23.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient-devel-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64"
},
"product_reference": "libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64"
},
"product_reference": "libmysqlclient18-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-32bit-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64"
},
"product_reference": "libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient_r18-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64"
},
"product_reference": "libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld-devel-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64"
},
"product_reference": "libmysqld-devel-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld18-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64"
},
"product_reference": "libmysqld18-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64"
},
"product_reference": "mariadb-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64"
},
"product_reference": "mariadb-client-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64"
},
"product_reference": "mariadb-errormessages-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
},
"product_reference": "mariadb-tools-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient-devel-10.0.29-20.23.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le"
},
"product_reference": "libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient-devel-10.0.29-20.23.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x"
},
"product_reference": "libmysqlclient-devel-10.0.29-20.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient-devel-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64"
},
"product_reference": "libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.29-20.23.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le"
},
"product_reference": "libmysqlclient18-10.0.29-20.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.29-20.23.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x"
},
"product_reference": "libmysqlclient18-10.0.29-20.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64"
},
"product_reference": "libmysqlclient18-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-32bit-10.0.29-20.23.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x"
},
"product_reference": "libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-32bit-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64"
},
"product_reference": "libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient_r18-10.0.29-20.23.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le"
},
"product_reference": "libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient_r18-10.0.29-20.23.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x"
},
"product_reference": "libmysqlclient_r18-10.0.29-20.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient_r18-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64"
},
"product_reference": "libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld-devel-10.0.29-20.23.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le"
},
"product_reference": "libmysqld-devel-10.0.29-20.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld-devel-10.0.29-20.23.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x"
},
"product_reference": "libmysqld-devel-10.0.29-20.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld-devel-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64"
},
"product_reference": "libmysqld-devel-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld18-10.0.29-20.23.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le"
},
"product_reference": "libmysqld18-10.0.29-20.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld18-10.0.29-20.23.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x"
},
"product_reference": "libmysqld18-10.0.29-20.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld18-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64"
},
"product_reference": "libmysqld18-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.29-20.23.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le"
},
"product_reference": "mariadb-10.0.29-20.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.29-20.23.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x"
},
"product_reference": "mariadb-10.0.29-20.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64"
},
"product_reference": "mariadb-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.29-20.23.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le"
},
"product_reference": "mariadb-client-10.0.29-20.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.29-20.23.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x"
},
"product_reference": "mariadb-client-10.0.29-20.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64"
},
"product_reference": "mariadb-client-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.29-20.23.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le"
},
"product_reference": "mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.29-20.23.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x"
},
"product_reference": "mariadb-errormessages-10.0.29-20.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64"
},
"product_reference": "mariadb-errormessages-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.29-20.23.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le"
},
"product_reference": "mariadb-tools-10.0.29-20.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.29-20.23.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x"
},
"product_reference": "mariadb-tools-10.0.29-20.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.29-20.23.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64"
},
"product_reference": "mariadb-tools-10.0.29-20.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-6664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-6664"
}
],
"notes": [
{
"category": "general",
"text": "mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-6664",
"url": "https://www.suse.com/security/cve/CVE-2016-6664"
},
{
"category": "external",
"summary": "SUSE Bug 1008253 for CVE-2016-6664",
"url": "https://bugzilla.suse.com/1008253"
},
{
"category": "external",
"summary": "SUSE Bug 1020868 for CVE-2016-6664",
"url": "https://bugzilla.suse.com/1020868"
},
{
"category": "external",
"summary": "SUSE Bug 1020873 for CVE-2016-6664",
"url": "https://bugzilla.suse.com/1020873"
},
{
"category": "external",
"summary": "SUSE Bug 998309 for CVE-2016-6664",
"url": "https://bugzilla.suse.com/998309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-07T12:16:05Z",
"details": "important"
}
],
"title": "CVE-2016-6664"
},
{
"cve": "CVE-2017-3238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3238"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3238",
"url": "https://www.suse.com/security/cve/CVE-2017-3238"
},
{
"category": "external",
"summary": "SUSE Bug 1020868 for CVE-2017-3238",
"url": "https://bugzilla.suse.com/1020868"
},
{
"category": "external",
"summary": "SUSE Bug 1020882 for CVE-2017-3238",
"url": "https://bugzilla.suse.com/1020882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-07T12:16:05Z",
"details": "moderate"
}
],
"title": "CVE-2017-3238"
},
{
"cve": "CVE-2017-3243",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3243"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3243",
"url": "https://www.suse.com/security/cve/CVE-2017-3243"
},
{
"category": "external",
"summary": "SUSE Bug 1020868 for CVE-2017-3243",
"url": "https://bugzilla.suse.com/1020868"
},
{
"category": "external",
"summary": "SUSE Bug 1020891 for CVE-2017-3243",
"url": "https://bugzilla.suse.com/1020891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-07T12:16:05Z",
"details": "moderate"
}
],
"title": "CVE-2017-3243"
},
{
"cve": "CVE-2017-3244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3244"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3244",
"url": "https://www.suse.com/security/cve/CVE-2017-3244"
},
{
"category": "external",
"summary": "SUSE Bug 1020868 for CVE-2017-3244",
"url": "https://bugzilla.suse.com/1020868"
},
{
"category": "external",
"summary": "SUSE Bug 1020877 for CVE-2017-3244",
"url": "https://bugzilla.suse.com/1020877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-07T12:16:05Z",
"details": "moderate"
}
],
"title": "CVE-2017-3244"
},
{
"cve": "CVE-2017-3257",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3257"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3257",
"url": "https://www.suse.com/security/cve/CVE-2017-3257"
},
{
"category": "external",
"summary": "SUSE Bug 1020868 for CVE-2017-3257",
"url": "https://bugzilla.suse.com/1020868"
},
{
"category": "external",
"summary": "SUSE Bug 1020878 for CVE-2017-3257",
"url": "https://bugzilla.suse.com/1020878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-07T12:16:05Z",
"details": "moderate"
}
],
"title": "CVE-2017-3257"
},
{
"cve": "CVE-2017-3258",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3258"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3258",
"url": "https://www.suse.com/security/cve/CVE-2017-3258"
},
{
"category": "external",
"summary": "SUSE Bug 1020868 for CVE-2017-3258",
"url": "https://bugzilla.suse.com/1020868"
},
{
"category": "external",
"summary": "SUSE Bug 1020875 for CVE-2017-3258",
"url": "https://bugzilla.suse.com/1020875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-07T12:16:05Z",
"details": "moderate"
}
],
"title": "CVE-2017-3258"
},
{
"cve": "CVE-2017-3265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3265"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3265",
"url": "https://www.suse.com/security/cve/CVE-2017-3265"
},
{
"category": "external",
"summary": "SUSE Bug 1020868 for CVE-2017-3265",
"url": "https://bugzilla.suse.com/1020868"
},
{
"category": "external",
"summary": "SUSE Bug 1020885 for CVE-2017-3265",
"url": "https://bugzilla.suse.com/1020885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-07T12:16:05Z",
"details": "moderate"
}
],
"title": "CVE-2017-3265"
},
{
"cve": "CVE-2017-3291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3291"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3291",
"url": "https://www.suse.com/security/cve/CVE-2017-3291"
},
{
"category": "external",
"summary": "SUSE Bug 1020868 for CVE-2017-3291",
"url": "https://bugzilla.suse.com/1020868"
},
{
"category": "external",
"summary": "SUSE Bug 1020884 for CVE-2017-3291",
"url": "https://bugzilla.suse.com/1020884"
},
{
"category": "external",
"summary": "SUSE Bug 998309 for CVE-2017-3291",
"url": "https://bugzilla.suse.com/998309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-07T12:16:05Z",
"details": "moderate"
}
],
"title": "CVE-2017-3291"
},
{
"cve": "CVE-2017-3312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3312"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3312",
"url": "https://www.suse.com/security/cve/CVE-2017-3312"
},
{
"category": "external",
"summary": "SUSE Bug 1020868 for CVE-2017-3312",
"url": "https://bugzilla.suse.com/1020868"
},
{
"category": "external",
"summary": "SUSE Bug 1020873 for CVE-2017-3312",
"url": "https://bugzilla.suse.com/1020873"
},
{
"category": "external",
"summary": "SUSE Bug 998309 for CVE-2017-3312",
"url": "https://bugzilla.suse.com/998309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-07T12:16:05Z",
"details": "moderate"
}
],
"title": "CVE-2017-3312"
},
{
"cve": "CVE-2017-3317",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3317"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3317",
"url": "https://www.suse.com/security/cve/CVE-2017-3317"
},
{
"category": "external",
"summary": "SUSE Bug 1020868 for CVE-2017-3317",
"url": "https://bugzilla.suse.com/1020868"
},
{
"category": "external",
"summary": "SUSE Bug 1020894 for CVE-2017-3317",
"url": "https://bugzilla.suse.com/1020894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-07T12:16:05Z",
"details": "low"
}
],
"title": "CVE-2017-3317"
},
{
"cve": "CVE-2017-3318",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3318"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3318",
"url": "https://www.suse.com/security/cve/CVE-2017-3318"
},
{
"category": "external",
"summary": "SUSE Bug 1020868 for CVE-2017-3318",
"url": "https://bugzilla.suse.com/1020868"
},
{
"category": "external",
"summary": "SUSE Bug 1020896 for CVE-2017-3318",
"url": "https://bugzilla.suse.com/1020896"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:mariadb-tools-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient18-32bit-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqlclient_r18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld-devel-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libmysqld18-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-client-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-errormessages-10.0.29-20.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:mariadb-tools-10.0.29-20.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-07T12:16:05Z",
"details": "moderate"
}
],
"title": "CVE-2017-3318"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…