CVE-2018-3060 CVE-2018-3064 CVE-2018-3063 CVE-2018-3058 CVE-2018-3066 CVE-2018-3081
sudo dnf upgrade --advisory=FEDORA-2018-77e610115a
This update has been submitted for testing by mschorm.
hello mschorm, CVE-2018-3081 has already been fixed in the official mariadb release 10.2.15 (https://mariadb.com/kb/en/library/mariadb-10215-release-notes/). The official Release 10.2.17 fixes only5 of the 6 cves you mentioned (https://mariadb.com/kb/en/library/mariadb-10217-release-notes/). So is CVE-2018-3081 really fixed with this security update or was it already fixed? I could not find any reference to this cve in the fedora release 10.2.15 (https://bodhi.fedoraproject.org/updates/FEDORA-2018-86026275ea).
This update has been pushed to testing.
no regressions noted
This update has reached the stable karma threshold and can be pushed to stable now if the maintainer wishes.
You are correct. It has been already fixed in 10.2:15, but I added it to this release.
One of the reasons is, that even the upstream marked it fixed some time after release. (Maybe fixed it not knowing it was a CVE, marking it later)
I thought it would be good move to mention it atleast now, when I couldn't (or forgot to) do it with older release. Is that OK? Would you like me to change the formating somehow?
@mschorm alright! I like your formatting :-) I was just concerned wether the vulnerability still exists in the fedora release 10.2.16 or not.
I tested this with my music server and it seems to work.
This update has been submitted for batched by mschorm.
This update has been submitted for stable by bodhi.
This update has been pushed to stable.
Please login to add feedback.
Confirm request to re-trigger tests.
Copyright © 2007-2019 Red Hat, Inc. and
bodhi is Free Software.
if you have any problems. Read the documentation.