package/mariadb: security bump to version 10.3.15

The licensing text in README.md has changed slightly. The reference to
COPYING.LESSER has been removed. The file itself has been gone for awhile
now. COPYING.thirdparty has also been renamed to THIRDPARTY.

Release notes:
https://mariadb.com/kb/en/library/mariadb-10315-release-notes/

Changelog:
https://mariadb.com/kb/en/mariadb-10315-changelog/

Fixes the following security vulnerabilities:

CVE-2019-2614 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Replication). Supported versions that are affected
are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to
exploit vulnerability allows high privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.

CVE-2019-2627 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Security: Privileges). Supported versions that are
affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior.
Easily exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability
to cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server.

CVE-2019-2628 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and
prior and 8.0.15 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can
result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server.

Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit is contained in:
Ryan Coe 2019-06-10 16:30:25 -07:00 committed by Thomas Petazzoni
parent f969712a98
commit 033844c44d
2 changed files with 7 additions and 7 deletions

View File

@ -1,9 +1,9 @@
# From https://downloads.mariadb.org/mariadb/10.3.13
md5 603ce42e35b9a688f2cca05275acb5cb mariadb-10.3.13.tar.gz
sha1 08467885412184e99b835732913d445fd2c4b1b3 mariadb-10.3.13.tar.gz
sha256 b2aa857ef5b84f85a7ea60a1eac7b34c0ca5151c71a0d44ce2d7fb028d71459a mariadb-10.3.13.tar.gz
sha512 3cbd93291aa43b235e5b81d953ea69fb32df54fb518f922f69b5485952f01fae693c77b0efac37f414ed7ff132d3b58f899812bdb7be8a5b344c3640e2c3a0dd mariadb-10.3.13.tar.gz
# From https://downloads.mariadb.org/mariadb/10.3.15
md5 08edd8b5060a181e6dd3c6aac23218cd mariadb-10.3.15.tar.gz
sha1 134f6a1ee6bf3048580eca945a51cb3c9bda7cbe mariadb-10.3.15.tar.gz
sha256 27f391a54d544f93850d4edfb3ef1b4cf24f8e27e61e51727b0e7d31bb4d6968 mariadb-10.3.15.tar.gz
sha512 35332ac32cba27fef1b4ddd2209236853f4309756fd121fbdbd2b6be0651e817cedc80e276b89ccfa4bc76760811434fab45a4d380d0ebd500c7d9bd7377fe93 mariadb-10.3.15.tar.gz
# Hash for license files
sha256 43f4b5b13cecbbdb04a180cbf6c2bd64237819d1a32165b7d475c1b392e6a8d1 README.md
sha256 a4665c1189fe31e0bbc27e9b55439df7dad6e99805407fe58d78da7aabe678f8 README.md
sha256 ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6 COPYING

View File

@ -4,7 +4,7 @@
#
################################################################################
MARIADB_VERSION = 10.3.13
MARIADB_VERSION = 10.3.15
MARIADB_SITE = https://downloads.mariadb.org/interstitial/mariadb-$(MARIADB_VERSION)/source
MARIADB_LICENSE = GPL-2.0 (server), GPL-2.0 with FLOSS exception (GPL client library), LGPL-2.0 (LGPL client library)
# Tarball no longer contains LGPL license text