Merge branch 'master' of https://github.com/major/MySQLTuner-perl
This commit is contained in:
		
						commit
						062b50fe72
					
				
					 3 changed files with 85 additions and 24 deletions
				
			
		|  | @ -203,7 +203,7 @@ | |||
|    * MySQL needs 1 instanes per 1Go of Buffer Pool | ||||
|    * innodb_buffer_pool instances = round(innodb_buffer_pool_size / 1Go) | ||||
|    * innodb_buffer_pool instances must be equals or lower than 64 | ||||
| *  InnoDB Buffer Pool uUsage | ||||
| *  InnoDB Buffer Pool Usage | ||||
|    * If more than 20% of InnoDB buffer pool is not used, MySQLTuner raise an alert. | ||||
| * InnoDB Read effiency | ||||
|    * Ratio of read without locks | ||||
|  |  | |||
|  | @ -1,5 +1,5 @@ | |||
| #!/usr/bin/env perl | ||||
| # mysqltuner.pl - Version 1.6.13 | ||||
| # mysqltuner.pl - Version 1.6.14 | ||||
| # High Performance MySQL Tuning Script | ||||
| # Copyright (C) 2006-2016 Major Hayden - major@mhtx.net | ||||
| # | ||||
|  | @ -54,7 +54,7 @@ $Data::Dumper::Pair = " : "; | |||
| #use Env; | ||||
| 
 | ||||
| # Set up a few variables for use in the script | ||||
| my $tunerversion = "1.6.13"; | ||||
| my $tunerversion = "1.6.14"; | ||||
| my ( @adjvars, @generalrec ); | ||||
| 
 | ||||
| # Set defaults | ||||
|  | @ -490,9 +490,6 @@ sub validate_tuner_version { | |||
|         compare_tuner_version($update); | ||||
|         return; | ||||
|     } | ||||
|     else { | ||||
| 
 | ||||
|     } | ||||
| 
 | ||||
|     if ( $httpcli =~ /wget$/ ) { | ||||
|         debugprint "$httpcli is available."; | ||||
|  | @ -593,7 +590,7 @@ sub compare_tuner_version { | |||
|         return; | ||||
|     } | ||||
|     goodprint "You have the latest version of MySQLTuner($tunerversion)"; | ||||
|     exit 0; | ||||
|     return; | ||||
| } | ||||
| 
 | ||||
| # Checks to see if a MySQL login is possible | ||||
|  | @ -948,6 +945,11 @@ sub arr2hash { | |||
| sub get_all_vars { | ||||
|     # We need to initiate at least one query so that our data is useable | ||||
|     $dummyselect = select_one "SELECT VERSION()"; | ||||
|     if (not defined($dummyselect) or $dummyselect== "") { | ||||
|       badprint "You probably doesn't get enough privileges for running MySQLTuner ..."; | ||||
|       exit(256); | ||||
|     } | ||||
|     $dummyselect =~ s/(.*?)\-.*/$1/; | ||||
|     debugprint "VERSION: " . $dummyselect . ""; | ||||
|     $result{'MySQL Client'}{'Version'} = $dummyselect; | ||||
| 
 | ||||
|  | @ -3045,9 +3047,7 @@ sub mysqsl_pfs { | |||
|         infoprint "Performance schema is disabled."; | ||||
|         return; | ||||
|     } | ||||
|     else { | ||||
|     infoprint "Performance schema is enabled."; | ||||
|     } | ||||
|     infoprint "Memory used by P_S: " . hr_bytes( get_pf_memory() ); | ||||
| 
 | ||||
|     if (grep /^sys$/, select_array("SHOW DATABASES")) { | ||||
|  | @ -3056,6 +3056,7 @@ sub mysqsl_pfs { | |||
|         infoprint "Sys schema isn't installed."; | ||||
|         return; | ||||
|     } | ||||
|      | ||||
| } | ||||
| 
 | ||||
| # Recommendations for Ariadb | ||||
|  | @ -3324,7 +3325,8 @@ sub mariadb_galera { | |||
|         else { | ||||
|             goodprint "SST Method is based on xtrabackup."; | ||||
|         } | ||||
|         if ( trim( $myvar{'wsrep_OSU_method'} ) eq "TOI" ) { | ||||
|         if  ( (defined($myvar{'wsrep_OSU_method'}) && trim( $myvar{'wsrep_OSU_method'} ) eq "TOI") || | ||||
|               (defined($myvar{'wsrep_osu_method'}) && trim( $myvar{'wsrep_osu_method'} ) eq "TOI") ) { | ||||
|             goodprint "TOI is default mode for upgrade."; | ||||
|         } | ||||
|         else { | ||||
|  | @ -4074,7 +4076,7 @@ __END__ | |||
| 
 | ||||
| =head1 NAME | ||||
| 
 | ||||
|  MySQLTuner 1.6.13 - MySQL High Performance Tuning Script | ||||
|  MySQLTuner 1.6.14 - MySQL High Performance Tuning Script | ||||
| 
 | ||||
| =head1 IMPORTANT USAGE GUIDELINES | ||||
| 
 | ||||
|  |  | |||
|  | @ -427,17 +427,76 @@ | |||
| 5.4.43;5;4;43;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4   |   CONFIRM:http://php.net/ChangeLog-5.php   |   CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; | ||||
| 5.5.27;5;5;27;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4   |   CONFIRM:http://php.net/ChangeLog-5.php   |   CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; | ||||
| 5.6.11;5;6;11;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4   |   CONFIRM:http://php.net/ChangeLog-5.php   |   CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)"; | ||||
| 5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client.  NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html   |   CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:0367   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html   |   UBUNTU:USN-2881-1   |   URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; | ||||
| 5.6.27;5;6;27;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client.  NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html   |   CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:0367   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html   |   UBUNTU:USN-2881-1   |   URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; | ||||
| 5.7.9;5;7;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client.  NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html   |   CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:0367   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html   |   UBUNTU:USN-2881-1   |   URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; | ||||
| 5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client.  NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html   |   CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:0367   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html   |   UBUNTU:USN-2881-1   |   URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; | ||||
| 10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client.  NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html   |   CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:0367   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html   |   UBUNTU:USN-2881-1   |   URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; | ||||
| 10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client.  NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html   |   CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:0367   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html   |   UBUNTU:USN-2881-1   |   URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; | ||||
| 5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation   |   URL:http://www.openwall.com/lists/oss-security/2016/01/26/3   |   CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; | ||||
| 10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation   |   URL:http://www.openwall.com/lists/oss-security/2016/01/26/3   |   CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; | ||||
| 10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation   |   URL:http://www.openwall.com/lists/oss-security/2016/01/26/3   |   CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; | ||||
| 5.5.48;5;5;48;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation   |   URL:http://www.openwall.com/lists/oss-security/2016/01/26/3   |   CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; | ||||
| 5.6.29;5;6;29;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation   |   URL:http://www.openwall.com/lists/oss-security/2016/01/26/3   |   CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; | ||||
| 5.7.11;5;7;11;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation   |   URL:http://www.openwall.com/lists/oss-security/2016/01/26/3   |   CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20160122);"None (candidate not yet proposed)"; | ||||
| 5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client.  NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html   |   CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:0367   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html   |   SUSE:openSUSE-SU-2016:1686   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html   |   UBUNTU:USN-2881-1   |   URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; | ||||
| 5.6.27;5;6;27;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client.  NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html   |   CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:0367   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html   |   SUSE:openSUSE-SU-2016:1686   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html   |   UBUNTU:USN-2881-1   |   URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; | ||||
| 5.7.9;5;7;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client.  NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html   |   CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:0367   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html   |   SUSE:openSUSE-SU-2016:1686   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html   |   UBUNTU:USN-2881-1   |   URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; | ||||
| 5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client.  NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html   |   CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:0367   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html   |   SUSE:openSUSE-SU-2016:1686   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html   |   UBUNTU:USN-2881-1   |   URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; | ||||
| 10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client.  NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html   |   CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:0367   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html   |   SUSE:openSUSE-SU-2016:1686   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html   |   UBUNTU:USN-2881-1   |   URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; | ||||
| 10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client.  NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html   |   CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html   |   CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:0367   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html   |   SUSE:openSUSE-SU-2016:1686   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html   |   UBUNTU:USN-2881-1   |   URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)"; | ||||
| 5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation   |   URL:http://www.openwall.com/lists/oss-security/2016/01/26/3   |   CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:1686   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; | ||||
| 10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation   |   URL:http://www.openwall.com/lists/oss-security/2016/01/26/3   |   CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:1686   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; | ||||
| 10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation   |   URL:http://www.openwall.com/lists/oss-security/2016/01/26/3   |   CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:1686   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; | ||||
| 5.5.48;5;5;48;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation   |   URL:http://www.openwall.com/lists/oss-security/2016/01/26/3   |   CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:1686   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; | ||||
| 5.6.29;5;6;29;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation   |   URL:http://www.openwall.com/lists/oss-security/2016/01/26/3   |   CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:1686   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; | ||||
| 5.7.11;5;7;11;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation   |   URL:http://www.openwall.com/lists/oss-security/2016/01/26/3   |   CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/   |   CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html   |   DEBIAN:DSA-3453   |   URL:http://www.debian.org/security/2016/dsa-3453   |   REDHAT:RHSA-2016:0534   |   URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html   |   SUSE:openSUSE-SU-2016:1686   |   URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-3424;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.7.11;5;7;11;CVE-2016-3440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.6.29;5;6;29;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.7.10;5;7;10;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.5.49;5;5;49;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 10.0.25;10;0;25;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 10.1.14;10;1;14;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.6.30;5;6;30;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 10.0.25;10;0;25;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 10.1.14;10;1;14;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 3.0.25;3;0;25;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 3.1.2;3;1;2;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.6.30;5;6;30;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.5.50;5;5;50;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 10.0.26;10;0;26;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 10.1.15;10;1;15;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.6.30;5;6;30;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.6.30;5;6;30;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-3518;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.6.30;5;6;30;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.5.50;5;5;50;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 10.0.26;10;0;26;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 10.1.15;10;1;15;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-3588;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.6.30;5;6;30;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.6.30;5;6;30;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.5.50;5;5;50;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 10.0.26;10;0;26;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 10.1.15;10;1;15;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160317);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-5436;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-5437;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.6.30;5;6;30;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.6.30;5;6;30;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.5.50;5;5;50;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 10.0.26;10;0;26;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 10.1.15;10;1;15;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-5441;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-5442;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.7.12;5;7;12;CVE-2016-5443;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.6.29;5;6;29;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.7.11;5;7;11;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 5.5.49;5;5;49;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 10.0.25;10;0;25;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
| 10.1.14;10;1;14;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/   |   CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/";Assigned (20160616);"None (candidate not yet proposed)"; | ||||
|  |  | |||
| 
 | 
		Loading…
	
		Reference in a new issue
	
	 Jean-Marie RENOUARD
						Jean-Marie RENOUARD