Control: retitle 842895 mariadb-10.0: CVE-2016-6664 Control: clone 842895 -1 Control: reassign -1 src:mariadb-10.1 Control: retitle -1 mariadb-10.1: CVE-2016-6664
Hi Otto, On Wed, Nov 02, 2016 at 07:27:40AM +0100, Salvatore Bonaccorso wrote: > Source: mariadb-10.0 > Version: 10.0.16-1 > Severity: grave > Tags: security upstream > Justification: user security hole > > Hi, > > the following vulnerabilities were published for mariadb-10.0. > > CVE-2016-6664[0], which is a duplicate of CVE-2016-5617. > > CVE-2016-5617[1]: > | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 > | and earlier, and 5.7.14 and earlier allows local users to affect > | confidentiality, integrity, and availability via vectors related to > | Server: Error Handling. FTR: The second CVE has been rejected in favour of CVE-2016-6664, so retitling this bug accordingly to avoid confusions. Since now mariadb-10.1 entered as well unstable, cloning this bug for reference. I have though not (yet) checked if any of the other CVEs is as well open with the 10.1.20 upstream release. Regards, Salvatore