2015-06-13 18:25:41 |
Otto Kekäläinen |
bug |
|
|
added bug |
2015-06-13 18:27:38 |
Otto Kekäläinen |
description |
For details see http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-3152.html
Latest MariaDB release 5.5.44 fixes this. I am now preparing an security release for Ubuntu 14.04 and 14.10. |
For details see http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-3152.html
Latest MariaDB release 5.5.44 fixes this.
From https://mariadb.com/kb/en/mariadb/mariadb-5544-release-notes/:
Client command line option --ssl-verify-server-cert (and MYSQL_OPT_SSL_VERIFY_SERVER_CERT option of the client API) when used together with --ssl will ensure that the established connection is SSL-encrypted and the MariaDB server has a valid certificate. This fixes CVE-2015-3152.
I am now preparing an security release for Ubuntu 14.04 and 14.10. |
|
2015-06-13 21:12:22 |
Otto Kekäläinen |
attachment added |
|
5.5.44-1ubuntu0.14.04.2.diff https://bugs.launchpad.net/ubuntu/+source/mariadb-5.5/+bug/1464895/+attachment/4414411/+files/5.5.44-1ubuntu0.14.04.2.diff |
|
2015-06-13 21:13:03 |
Otto Kekäläinen |
attachment added |
|
5.5.44-1ubuntu0.14.10.1.diff https://bugs.launchpad.net/ubuntu/+source/mariadb-5.5/+bug/1464895/+attachment/4414412/+files/5.5.44-1ubuntu0.14.10.1.diff |
|
2015-06-13 22:57:47 |
Otto Kekäläinen |
bug |
|
|
added subscriber Ubuntu Security Sponsors Team |
2015-06-15 22:24:02 |
Otto Kekäläinen |
summary |
CVE-2015-3152: MySQL SSL/TLS downgrade downgrade vulnerability |
CVE-2015-3152: MySQL SSL/TLS downgrade vulnerability |
|
2015-06-16 01:58:48 |
Seth Arnold |
bug watch added |
|
http://bugs.mysql.com/bug.php?id=77275 |
|
2015-06-18 01:39:22 |
Launchpad Janitor |
mariadb-5.5 (Ubuntu): status |
New |
Fix Released |
|
2015-06-18 01:39:22 |
Launchpad Janitor |
cve linked |
|
2015-3152 |
|
2015-06-18 01:39:23 |
Launchpad Janitor |
mariadb-5.5 (Ubuntu): status |
New |
Fix Released |
|
2015-06-21 18:47:26 |
Otto Kekäläinen |
information type |
Private Security |
Public |
|
2015-06-22 19:29:57 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/trusty-security/mariadb-5.5 |
|
2015-06-22 19:30:21 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/utopic-security/mariadb-5.5 |
|
2015-07-06 18:02:06 |
Otto Kekäläinen |
bug task added |
|
mariadb-10.0 (Ubuntu) |
|
2015-07-13 15:29:29 |
Launchpad Janitor |
mariadb-10.0 (Ubuntu): status |
New |
Fix Released |
|
2015-07-13 15:29:29 |
Launchpad Janitor |
cve linked |
|
2014-8964 |
|
2015-07-13 15:29:29 |
Launchpad Janitor |
cve linked |
|
2015-0499 |
|
2015-07-13 15:29:29 |
Launchpad Janitor |
cve linked |
|
2015-0501 |
|
2015-07-13 15:29:29 |
Launchpad Janitor |
cve linked |
|
2015-0505 |
|
2015-07-13 15:29:29 |
Launchpad Janitor |
cve linked |
|
2015-2571 |
|