Hi, Alex! On Sep 13, Alex wrote: > From what i noticed , centos6 hosts that were on mysql 5.6 , or mariadb > 10.1.17 is using the mysqld_safe. > Upgraded centos7 hosts , and mysqld_safe is no longer a running process > for mariadb 10.1.17. > > Would this mean that only the hosts that do not run the mysqld_safe are > safe ?
No, that could be a coincidence. It is true that the necessary part of the exploit is to run mysqld_safe. If you use systemd - this particular exploit won't work. But the vulnerability was fixed in 10.1.17, so even if you'd run mysqld_safe in 10.1.17 - you would've been safe. Regards, Sergei Chief Architect MariaDB and [email protected] _______________________________________________ Mailing list: https://launchpad.net/~maria-discuss Post to : [email protected] Unsubscribe : https://launchpad.net/~maria-discuss More help : https://help.launchpad.net/ListHelp
