Red Hat Security Advisory 2015-1665-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. This update fixes several vulnerabilities in the MariaDB database server.
eee5d48a690c21e88f9787a0da818519c419771396111ec5b95d2704445ff426Red Hat Security Advisory 2015-1647-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. This update fixes several vulnerabilities in the MariaDB database server.
c19074cc30ee10160461cba41a7fba14cc48c4e3c83b609a85394af1f0a48077Red Hat Security Advisory 2015-1646-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. This update fixes several vulnerabilities in the MariaDB database server.
9e48c3c96eb61113412af42e99c4dde3ed3ab5100ec726ea8c150027ea62ebc0Debian Linux Security Advisory 3311-1 - Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.20.
1423eab35ca8f3dda7f15407470f35106928d003ba757689cf70b0a0c215170eSlackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
a878dedbe56e20804e45f7a781334aab7ec38b4450537c6f93add15127d7748fA vulnerability has been reported concerning the impossibility for MySQL users (with any major stable version) to enforce an effective SSL/TLS connection that would be immune from man-in-the-middle (MITM) attacks performing a malicious downgrade. Versions 5.7.2 and below are affected.
d063ca963fad7e412addd0e90a45f79969718f60a862dfd9f8babda513cc3918
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed