{"id":"MGASA-2017-0096","summary":"Updated mariadb packages fix security vulnerability","details":"Crash in libmysqlclient.so in MariaDB 10.0.x through 10.0.29\n(CVE-2017-3302).\n\nVulnerability in the MariaDB Server component of MariaDB (subcomponent:\nServer: MyISAM). Difficult to exploit vulnerability allows low privileged\nattacker with logon to the infrastructure where MariaDB Server executes to\ncompromise MariaDB Server. Successful attacks of this vulnerability can\nresult in unauthorized access to critical data or complete access to all\nMariaDB Server accessible data (CVE-2017-3313).\n","modified":"2026-01-31T12:02:10.446810Z","published":"2017-03-31T06:14:39Z","related":["CVE-2017-3302","CVE-2017-3313"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0096.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=20487"},{"type":"REPORT","url":"https://mariadb.com/kb/en/mariadb/mariadb-10030-release-notes/"},{"type":"REPORT","url":"https://www.debian.org/security/2017/dsa-3809"}],"affected":[{"package":{"name":"mariadb","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/mariadb?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.30-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0096.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}