rhsa-2014_1937
Vulnerability from csaf_redhat
Published
2014-12-02 16:48
Modified
2024-11-14 16:27
Summary
Red Hat Security Advisory: mariadb-galera security update
Notes
Topic
Updated mariadb-galera packages that fix multiple security issues are now
available for Red Hat Enterprise Linux OpenStack Platform 5.0 on Red Hat
Enterprise Linux 6.
Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL. Galera is a synchronous multi-master cluster for
MariaDB.
This update fixes several vulnerabilities in the MariaDB database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2014-4274,
CVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484,
CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551,
CVE-2014-6555, CVE-2014-6559, CVE-2012-5615, CVE-2014-4258, CVE-2014-4260,
CVE-2014-2494, CVE-2014-4207)
These updated packages upgrade MariaDB to version 5.5.40. Refer to the
MariaDB Release Notes listed in the References section for a complete list
of changes.
All mariadb-galera users are advised to upgrade to these updated packages,
which correct these issues. After installing this update, the MariaDB
server daemon (mysqld) will be restarted automatically.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated mariadb-galera packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux OpenStack Platform 5.0 on Red Hat\nEnterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "MariaDB is a multi-user, multi-threaded SQL database server that is binary\ncompatible with MySQL. Galera is a synchronous multi-master cluster for\nMariaDB.\n\nThis update fixes several vulnerabilities in the MariaDB database server.\nInformation about these flaws can be found on the Oracle Critical Patch\nUpdate Advisory page, listed in the References section. (CVE-2014-4274,\nCVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484,\nCVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551,\nCVE-2014-6555, CVE-2014-6559, CVE-2012-5615, CVE-2014-4258, CVE-2014-4260,\nCVE-2014-2494, CVE-2014-4207)\n\nThese updated packages upgrade MariaDB to version 5.5.40. Refer to the\nMariaDB Release Notes listed in the References section for a complete list\nof changes.\n\nAll mariadb-galera users are advised to upgrade to these updated packages,\nwhich correct these issues. After installing this update, the MariaDB\nserver daemon (mysqld) will be restarted automatically.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:1937",
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://mariadb.com/kb/en/mariadb/development/release-notes/mariadb-5540-release-notes/",
"url": "https://mariadb.com/kb/en/mariadb/development/release-notes/mariadb-5540-release-notes/"
},
{
"category": "external",
"summary": "https://mariadb.com/kb/en/mariadb/development/release-notes/mariadb-5539-release-notes/",
"url": "https://mariadb.com/kb/en/mariadb/development/release-notes/mariadb-5539-release-notes/"
},
{
"category": "external",
"summary": "https://mariadb.com/kb/en/mariadb/development/release-notes/mariadb-5538-release-notes/",
"url": "https://mariadb.com/kb/en/mariadb/development/release-notes/mariadb-5538-release-notes/"
},
{
"category": "external",
"summary": "882608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882608"
},
{
"category": "external",
"summary": "1120382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120382"
},
{
"category": "external",
"summary": "1120383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120383"
},
{
"category": "external",
"summary": "1120387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120387"
},
{
"category": "external",
"summary": "1120388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120388"
},
{
"category": "external",
"summary": "1126271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1126271"
},
{
"category": "external",
"summary": "1153461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153461"
},
{
"category": "external",
"summary": "1153462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153462"
},
{
"category": "external",
"summary": "1153463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153463"
},
{
"category": "external",
"summary": "1153464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153464"
},
{
"category": "external",
"summary": "1153467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153467"
},
{
"category": "external",
"summary": "1153489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153489"
},
{
"category": "external",
"summary": "1153490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153490"
},
{
"category": "external",
"summary": "1153491",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153491"
},
{
"category": "external",
"summary": "1153493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153493"
},
{
"category": "external",
"summary": "1153494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153494"
},
{
"category": "external",
"summary": "1153495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153495"
},
{
"category": "external",
"summary": "1153496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153496"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1937.json"
}
],
"title": "Red Hat Security Advisory: mariadb-galera security update",
"tracking": {
"current_release_date": "2024-11-14T16:27:50+00:00",
"generator": {
"date": "2024-11-14T16:27:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2014:1937",
"initial_release_date": "2014-12-02T16:48:44+00:00",
"revision_history": [
{
"date": "2014-12-02T16:48:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-12-02T16:48:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T16:27:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product": {
"name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:5::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"product": {
"name": "mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"product_id": "mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera-common@5.5.40-2.el6ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mariadb-galera-server-0:5.5.40-2.el6ost.x86_64",
"product": {
"name": "mariadb-galera-server-0:5.5.40-2.el6ost.x86_64",
"product_id": "mariadb-galera-server-0:5.5.40-2.el6ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera-server@5.5.40-2.el6ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"product": {
"name": "mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"product_id": "mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera-debuginfo@5.5.40-2.el6ost?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "mariadb-galera-0:5.5.40-2.el6ost.src",
"product": {
"name": "mariadb-galera-0:5.5.40-2.el6ost.src",
"product_id": "mariadb-galera-0:5.5.40-2.el6ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mariadb-galera@5.5.40-2.el6ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-0:5.5.40-2.el6ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src"
},
"product_reference": "mariadb-galera-0:5.5.40-2.el6ost.src",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-common-0:5.5.40-2.el6ost.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64"
},
"product_reference": "mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64"
},
"product_reference": "mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-server-0:5.5.40-2.el6ost.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_id": "6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
},
"product_reference": "mariadb-galera-server-0:5.5.40-2.el6ost.x86_64",
"relates_to_product_reference": "6Server-RH6-RHOS-5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-5615",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2012-12-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "882608"
}
],
"notes": [
{
"category": "description",
"text": "Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: Remote Preauth User Enumeration flaw",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-5615"
},
{
"category": "external",
"summary": "RHBZ#882608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882608"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-5615",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5615"
}
],
"release_date": "2012-12-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: Remote Preauth User Enumeration flaw"
},
{
"cve": "CVE-2014-2494",
"discovery_date": "2014-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1120382"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to ENARC (CPU July 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-2494"
},
{
"category": "external",
"summary": "RHBZ#1120382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120382"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-2494",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2494"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2494",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2494"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: unspecified vulnerability related to ENARC (CPU July 2014)"
},
{
"cve": "CVE-2014-4207",
"discovery_date": "2014-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1120383"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to SROPTZR (CPU July 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-4207"
},
{
"category": "external",
"summary": "RHBZ#1120383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4207"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4207",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4207"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: unspecified vulnerability related to SROPTZR (CPU July 2014)"
},
{
"cve": "CVE-2014-4258",
"discovery_date": "2014-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1120387"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to SRINFOSC (CPU July 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-4258"
},
{
"category": "external",
"summary": "RHBZ#1120387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120387"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-4258",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4258"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4258",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4258"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to SRINFOSC (CPU July 2014)"
},
{
"cve": "CVE-2014-4260",
"discovery_date": "2014-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1120388"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to SRCHAR (CPU July 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-4260"
},
{
"category": "external",
"summary": "RHBZ#1120388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-4260",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4260"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4260",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4260"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to SRCHAR (CPU July 2014)"
},
{
"cve": "CVE-2014-4274",
"discovery_date": "2014-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1126271"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to SERVER:MyISAM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified MyISAM temporary file issue fixed in 5.5.39 and 5.6.20",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-4274"
},
{
"category": "external",
"summary": "RHBZ#1126271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1126271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-4274",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4274"
}
],
"release_date": "2014-07-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified MyISAM temporary file issue fixed in 5.5.39 and 5.6.20"
},
{
"cve": "CVE-2014-4287",
"discovery_date": "2014-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1153461"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to SERVER:CHARACTER SETS (CPU October 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-4287"
},
{
"category": "external",
"summary": "RHBZ#1153461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153461"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4287"
}
],
"release_date": "2014-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to SERVER:CHARACTER SETS (CPU October 2014)"
},
{
"cve": "CVE-2014-6463",
"discovery_date": "2014-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1153462"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML (CPU October 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-6463"
},
{
"category": "external",
"summary": "RHBZ#1153462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-6463",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-6463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6463"
}
],
"release_date": "2014-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML (CPU October 2014)"
},
{
"cve": "CVE-2014-6464",
"discovery_date": "2014-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1153463"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to SERVER:INNODB DML FOREIGN KEYS (CPU October 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-6464"
},
{
"category": "external",
"summary": "RHBZ#1153463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153463"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-6464",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6464"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-6464",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6464"
}
],
"release_date": "2014-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to SERVER:INNODB DML FOREIGN KEYS (CPU October 2014)"
},
{
"cve": "CVE-2014-6469",
"discovery_date": "2014-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1153464"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to SERVER:OPTIMIZER (CPU October 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-6469"
},
{
"category": "external",
"summary": "RHBZ#1153464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-6469",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-6469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6469"
}
],
"release_date": "2014-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to SERVER:OPTIMIZER (CPU October 2014)"
},
{
"cve": "CVE-2014-6484",
"discovery_date": "2014-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1153467"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:DML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-6484"
},
{
"category": "external",
"summary": "RHBZ#1153467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-6484",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6484"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-6484",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6484"
}
],
"release_date": "2014-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)"
},
{
"cve": "CVE-2014-6505",
"discovery_date": "2014-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1153489"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to SERVER:MEMORY STORAGE ENGINE (CPU October 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-6505"
},
{
"category": "external",
"summary": "RHBZ#1153489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-6505",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6505"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-6505",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6505"
}
],
"release_date": "2014-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to SERVER:MEMORY STORAGE ENGINE (CPU October 2014)"
},
{
"cve": "CVE-2014-6507",
"discovery_date": "2014-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1153490"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-6507"
},
{
"category": "external",
"summary": "RHBZ#1153490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153490"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-6507",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6507"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-6507",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6507"
}
],
"release_date": "2014-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)"
},
{
"cve": "CVE-2014-6520",
"discovery_date": "2014-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1153491"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to SERVER:DDL (CPU October 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-6520"
},
{
"category": "external",
"summary": "RHBZ#1153491",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153491"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-6520",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6520"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-6520",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6520"
}
],
"release_date": "2014-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to SERVER:DDL (CPU October 2014)"
},
{
"cve": "CVE-2014-6530",
"discovery_date": "2014-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1153493"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-6530"
},
{
"category": "external",
"summary": "RHBZ#1153493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153493"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-6530",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6530"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-6530",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6530"
}
],
"release_date": "2014-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014)"
},
{
"cve": "CVE-2014-6551",
"discovery_date": "2014-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1153494"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to CLIENT:MYSQLADMIN (CPU October 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-6551"
},
{
"category": "external",
"summary": "RHBZ#1153494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-6551",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6551"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-6551",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6551"
}
],
"release_date": "2014-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql: unspecified vulnerability related to CLIENT:MYSQLADMIN (CPU October 2014)"
},
{
"cve": "CVE-2014-6555",
"discovery_date": "2014-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1153495"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-6555"
},
{
"category": "external",
"summary": "RHBZ#1153495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-6555",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6555"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-6555",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6555"
}
],
"release_date": "2014-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)"
},
{
"cve": "CVE-2014-6559",
"discovery_date": "2014-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1153496"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql: unspecified vulnerability related to C API SSL CERTIFICATE HANDLING (CPU October 2014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-6559"
},
{
"category": "external",
"summary": "RHBZ#1153496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-6559",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6559"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-6559",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6559"
}
],
"release_date": "2014-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-12-02T16:48:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1937"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-RH6-RHOS-5.0:mariadb-galera-0:5.5.40-2.el6ost.src",
"6Server-RH6-RHOS-5.0:mariadb-galera-common-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-debuginfo-0:5.5.40-2.el6ost.x86_64",
"6Server-RH6-RHOS-5.0:mariadb-galera-server-0:5.5.40-2.el6ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql: unspecified vulnerability related to C API SSL CERTIFICATE HANDLING (CPU October 2014)"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.