-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.2409
                Important: mariadb-galera security update
                               14 October 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           mariadb-galera
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Root Compromise -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-6662

Reference:         ESB-2016.2272
                   ESB-2016.2219
                   ESB-2016.2163
                   ESB-2016.2161

Original Bulletin:
   https://rhn.redhat.com/errata/RHSA-2016-2058.html
   https://rhn.redhat.com/errata/RHSA-2016-2059.html
   https://rhn.redhat.com/errata/RHSA-2016-2060.html
   https://rhn.redhat.com/errata/RHSA-2016-2061.html
   https://rhn.redhat.com/errata/RHSA-2016-2062.html

Comment: This bulletin contains five (5) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: mariadb-galera security update
Advisory ID:       RHSA-2016:2058-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-2058.html
Issue date:        2016-10-13
CVE Names:         CVE-2016-6662
=====================================================================

1. Summary:

An update for mariadb-galera is now available for Red Hat Enterprise Linux
OpenStack Platform 5.0 (Icehouse) for RHEL 6.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6 - x86_64

3. Description:

MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL. Galera is a synchronous multi-master cluster for
MariaDB.

Security Fix(es):

* It was discovered that the MySQL logging functionality allowed writing to
MySQL configuration files. An administrative database user, or a database
user with FILE privileges, could possibly use this flaw to run arbitrary
commands with root privileges on the system running the database server.
(CVE-2016-6662)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MariaDB server daemon (mysqld) will be
restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1375198 - CVE-2016-6662 mysql: general_log can write to configuration files, leading to privilege escalation

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6:

Source:
mariadb-galera-5.5.42-1.1.el6ost.src.rpm

x86_64:
mariadb-galera-common-5.5.42-1.1.el6ost.x86_64.rpm
mariadb-galera-debuginfo-5.5.42-1.1.el6ost.x86_64.rpm
mariadb-galera-server-5.5.42-1.1.el6ost.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-6662
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/cve/CVE-2016-6662

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
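The flaw in section 3 above is that a log file target chosen by a database user can land on a file mysqld later reads as configuration. As an added example (not part of the Red Hat advisory or of the mariadb-galera package), the POSIX shell script below checks two things an administrator can verify locally while the update is being rolled out: that no MariaDB option file is writable by the account mysqld runs as, and that no logging option in those files already points at a path the server treats as configuration. The account name "mysql", the option-file paths, and the decision to count group-writable files as writable are assumptions of the example; general_log_file, slow_query_log_file and log_error are the standard MariaDB option names for the general, slow-query and error logs.

```shell
#!/bin/sh
# Added audit helper for the CVE-2016-6662 flaw described in the advisory.
# It is not Red Hat's or the mariadb-galera package's own code. Assumptions:
# mysqld runs as the account given as USER (normally "mysql") and reads the
# option files passed on the command line (normally /etc/my.cnf and
# /etc/my.cnf.d/*.cnf).

# Exit 0 if FILE is writable by USER, 1 otherwise. Reads the mode string from
# "ls -ld" so it works without GNU stat. Group-writable files count as
# writable (group membership is not resolved) to keep the check conservative.
file_writable_by() {
    f=$1; u=$2
    set -- $(ls -ld "$f")          # -rw-r--r-- 1 owner group size date name
    mode=$1; owner=$3
    [ "$(printf %s "$mode" | cut -c9)" = w ] && return 0   # world-writable
    [ "$(printf %s "$mode" | cut -c6)" = w ] && return 0   # group-writable
    [ "$owner" = "$u" ] && [ "$(printf %s "$mode" | cut -c3)" = w ] && return 0
    return 1
}

# Print "option=value" for each logging option in FILE whose value points at
# a location mysqld reads configuration from: anything under /etc, or a file
# named *.cnf or *.ini. A log written there is parsed as configuration on the
# next server start, which is the path the advisory describes.
risky_log_targets() {
    grep -E '^[[:space:]]*(general_log_file|slow_query_log_file|log_error)[[:space:]]*=' "$1" |
    sed 's/[[:blank:]]//g' |
    while IFS= read -r line; do
        value=${line#*=}
        value=${value#\"}; value=${value%\"}      # strip optional quotes
        case $value in
            /etc/*|*.cnf|*.ini) printf '%s=%s\n' "${line%%=*}" "$value" ;;
        esac
    done
}

# Audit the option files given after USER. Prints one finding per line; the
# exit status is the number of findings, so 0 means clean.
audit_option_files() {
    u=$1; shift
    findings=0
    for f in "$@"; do
        [ -f "$f" ] || continue
        if file_writable_by "$f" "$u"; then
            printf 'WRITABLE  %s is writable by %s\n' "$f" "$u"
            findings=$((findings + 1))
        fi
        for hit in $(risky_log_targets "$f"); do
            printf 'LOGTARGET %s: %s\n' "$f" "$hit"
            findings=$((findings + 1))
        done
    done
    return $findings
}

# Stand-alone use:  sh audit_cnf.sh mysql /etc/my.cnf /etc/my.cnf.d/*.cnf
if [ $# -ge 2 ]; then
    audit_option_files "$@"
fi
```

A clean result does not replace the update: the fix in the packages listed in section 6 closes the write path itself, while this check only confirms that the option files on a given host are not already reachable by the service account and that no log is currently aimed at one of them.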
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFX/+m+XlSAg2UNWIIRAhyMAJ9DsXCln7YBsiC07myChizET4FqVACdHjRK
qwCGSv6ibpsND+rJuAOK+FQ=
=6CBH
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: mariadb-galera security and bug fix update
Advisory ID:       RHSA-2016:2059-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-2059.html
Issue date:        2016-10-13
CVE Names:         CVE-2016-6662
=====================================================================

1. Summary:

An update for mariadb-galera is now available for Red Hat Enterprise Linux
OpenStack Platform 5.0 (Icehouse) for RHEL 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 - x86_64

3. Description:

MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL. Galera is a synchronous multi-master cluster for
MariaDB.

Security Fix(es):

* It was discovered that the MySQL logging functionality allowed writing to
MySQL configuration files. An administrative database user, or a database
user with FILE privileges, could possibly use this flaw to run arbitrary
commands with root privileges on the system running the database server.
(CVE-2016-6662)

Bug Fix(es):

* Because Red Hat Enterprise Linux 7.3 changed the return format of the
"systemctl is-enabled" command as consumed by shell scripts, the
mariadb-galera RPM package, upon installation, erroneously detected that the
MariaDB service was enabled when it was not. As a result, the Red Hat
OpenStack Platform installer, which then tried to run mariadb-galera using
Pacemaker and not systemd, failed to start Galera. With this update,
mariadb-galera's RPM installation scripts now use a different systemctl
command, correctly detecting the default MariaDB as disabled, and the
installer can succeed. (BZ#1376908)

* Previously, both the mariadb-server and mariadb-galera-server packages
shipped the client-facing libraries, dialog.so and mysql_clear_password.so.
As a result, the mariadb-galera-server package would fail to install because
of package conflicts. With this update, these libraries have been moved from
mariadb-galera-server to mariadb-libs, and the mariadb-galera-server package
installs successfully. (BZ#1376902)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MariaDB server daemon (mysqld) will be
restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1375198 - CVE-2016-6662 mysql: general_log can write to configuration files, leading to privilege escalation
1376902 - RHEL 7.3 upgrades fails on upgrade because of mariadb-libs package conflict.
1376908 - mysqld service prevents haproxy to get started and deployment fails

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7:

Source:
mariadb-galera-5.5.42-1.2.el7ost.src.rpm

x86_64:
mariadb-galera-common-5.5.42-1.2.el7ost.x86_64.rpm
mariadb-galera-debuginfo-5.5.42-1.2.el7ost.x86_64.rpm
mariadb-galera-server-5.5.42-1.2.el7ost.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-6662
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/cve/CVE-2016-6662

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFX/+ncXlSAg2UNWIIRAjDHAJ9pQ8o9rq4RJ1X10ucF9ZV7ZNAtNQCfY+ue
VoMtEE5l2Wp00bPtZcTFdJ0=
=ReLe
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: mariadb-galera security and bug fix update
Advisory ID:       RHSA-2016:2060-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-2060.html
Issue date:        2016-10-13
CVE Names:         CVE-2016-6662
=====================================================================

1. Summary:

An update for mariadb-galera is now available for Red Hat Enterprise Linux
OpenStack Platform 6.0 (Juno) for RHEL 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 - x86_64

3. Description:

MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL. Galera is a synchronous multi-master cluster for
MariaDB.

Security Fix(es):

* It was discovered that the MySQL logging functionality allowed writing to
MySQL configuration files.
An administrative database user, or a database
user with FILE privileges, could possibly use this flaw to run arbitrary
commands with root privileges on the system running the database server.
(CVE-2016-6662)

Bug Fix(es):

* Because Red Hat Enterprise Linux 7.3 changed the return format of the
"systemctl is-enabled" command as consumed by shell scripts, the
mariadb-galera RPM package, upon installation, erroneously detected that the
MariaDB service was enabled when it was not. As a result, the Red Hat
OpenStack Platform installer, which then tried to run mariadb-galera using
Pacemaker and not systemd, failed to start Galera. With this update,
mariadb-galera's RPM installation scripts now use a different systemctl
command, correctly detecting the default MariaDB as disabled, and the
installer can succeed. (BZ#1376909)

* Previously, both the mariadb-server and mariadb-galera-server packages
shipped the client-facing libraries, dialog.so and mysql_clear_password.so.
As a result, the mariadb-galera-server package would fail to install because
of package conflicts. With this update, these libraries have been moved from
mariadb-galera-server to mariadb-libs, and the mariadb-galera-server package
installs successfully. (BZ#1376903)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MariaDB server daemon (mysqld) will be
restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1375198 - CVE-2016-6662 mysql: general_log can write to configuration files, leading to privilege escalation
1376903 - RHEL 7.3 upgrades fails on upgrade because of mariadb-libs package conflict.
1376909 - mysqld service prevents haproxy to get started and deployment fails

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7:

Source:
mariadb-galera-5.5.42-1.2.el7ost.src.rpm

x86_64:
mariadb-galera-common-5.5.42-1.2.el7ost.x86_64.rpm
mariadb-galera-debuginfo-5.5.42-1.2.el7ost.x86_64.rpm
mariadb-galera-server-5.5.42-1.2.el7ost.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-6662
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/cve/CVE-2016-6662

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFX/+n4XlSAg2UNWIIRAqiYAKCmra9Lgje5oDlMbH8GxPJJMpsMogCfSb30
92s2svQXFq4UxaT7xg3sE78=
=QfH5
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: mariadb-galera security and bug fix update
Advisory ID:       RHSA-2016:2061-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-2061.html
Issue date:        2016-10-13
CVE Names:         CVE-2016-6662
=====================================================================

1. Summary:

An update for mariadb-galera is now available for Red Hat Enterprise Linux
OpenStack Platform 7.0 (Kilo) for RHEL 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 - x86_64

3. Description:

MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL. Galera is a synchronous multi-master cluster for
MariaDB.

Security Fix(es):

* It was discovered that the MySQL logging functionality allowed writing to
MySQL configuration files. An administrative database user, or a database
user with FILE privileges, could possibly use this flaw to run arbitrary
commands with root privileges on the system running the database server.
(CVE-2016-6662)

Bug Fix(es):

* Previously, both the mariadb-server and mariadb-galera-server packages
shipped the client-facing libraries, dialog.so and mysql_clear_password.so.
As a result, the mariadb-galera-server package would fail to install because
of package conflicts. With this update, these libraries have been moved from
mariadb-galera-server to mariadb-libs, and the mariadb-galera-server package
installs successfully. (BZ#1376904)

* Because Red Hat Enterprise Linux 7.3 changed the return format of the
"systemctl is-enabled" command as consumed by shell scripts, the
mariadb-galera RPM package, upon installation, erroneously detected that the
MariaDB service was enabled when it was not. As a result, the Red Hat
OpenStack Platform installer, which then tried to run mariadb-galera using
Pacemaker and not systemd, failed to start Galera. With this update,
mariadb-galera's RPM installation scripts now use a different systemctl
command, correctly detecting the default MariaDB as disabled, and the
installer can succeed. (BZ#1376910)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MariaDB server daemon (mysqld) will be
restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1375198 - CVE-2016-6662 mysql: general_log can write to configuration files, leading to privilege escalation
1376904 - RHEL 7.3 upgrades fails on upgrade because of mariadb-libs package conflict.
1376910 - mysqld service prevents haproxy to get started and deployment fails

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7:

Source:
mariadb-galera-5.5.42-5.el7ost.src.rpm

x86_64:
mariadb-galera-common-5.5.42-5.el7ost.x86_64.rpm
mariadb-galera-debuginfo-5.5.42-5.el7ost.x86_64.rpm
mariadb-galera-server-5.5.42-5.el7ost.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-6662
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFX/+oQXlSAg2UNWIIRAsxqAJ9gO3qcyZavGXgY7hJRYvEFf972BwCguHnK
TJlkJuPFQjW/7SaD81/XPWQ=
=Rmjx
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: mariadb-galera security update
Advisory ID:       RHSA-2016:2062-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-2062.html
Issue date:        2016-10-13
CVE Names:         CVE-2016-6662
=====================================================================

1. Summary:

An update for mariadb-galera is now available for Red Hat OpenStack
Platform 9.0 (Mitaka).

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 9.0 - x86_64

3. Description:

MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL. Galera is a synchronous multi-master cluster for
MariaDB.

Security Fix(es):

* A permissions flaw was discovered in the MySQL logging functionality,
which allowed writing to MySQL configuration files. An administrative
database user, or a database user with FILE privileges, could possibly
exploit this flaw to run arbitrary commands with root privileges on the
system running the database server. (CVE-2016-6662)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MariaDB server daemon (mysqld) will be
restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1375198 - CVE-2016-6662 mysql: general_log can write to configuration files, leading to privilege escalation

6. Package List:

Red Hat OpenStack Platform 9.0:

Source:
mariadb-galera-5.5.42-5.el7ost.src.rpm

x86_64:
mariadb-galera-common-5.5.42-5.el7ost.x86_64.rpm
mariadb-galera-debuginfo-5.5.42-5.el7ost.x86_64.rpm
mariadb-galera-server-5.5.42-5.el7ost.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-6662
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
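The installation-script bug fixed in RHSA-2016:2059, 2060 and 2061 above came from comparing the text that "systemctl is-enabled" prints, which changed between RHEL releases. The following is an added example, not the mariadb-galera package's own scriptlet (the advisories do not say which command the package now uses). It places a check that compares printed output, which breaks as soon as the wording changes, beside one that relies only on the command's exit status, which is systemd's documented contract: 0 when the unit is enabled, non-zero otherwise. The unit names are placeholders.

```shell
#!/bin/sh
# Added example: two ways for an RPM scriptlet to ask whether a systemd unit
# is enabled. Neither is the mariadb-galera package's own code; the unit name
# given as the first argument is a placeholder.

# Brittle: compares the printed word. Any change in what systemctl prints
# (a new state name, different wording, an added annotation) makes the test
# report the wrong answer, which is the failure mode the advisory describes.
unit_enabled_by_output() {
    [ "$(systemctl is-enabled "$1" 2>/dev/null)" = "enabled" ]
}

# Robust: uses only the exit status. "systemctl is-enabled" exits 0 when the
# unit is enabled (including the enabled-runtime, static, indirect, generated
# and alias states) and non-zero when it is disabled, masked or unknown.
# --quiet suppresses the text entirely, so nothing is parsed.
unit_enabled_by_status() {
    systemctl is-enabled --quiet "$1" 2>/dev/null
}

# Deployment precondition as the advisory describes it: the installer starts
# MariaDB through Pacemaker, so the systemd unit must be left disabled.
# Exits 0 when the unit is in the state the deployment expects.
mariadb_unit_state_ok() {
    if unit_enabled_by_status "$1"; then
        echo "$1 is enabled under systemd; disable it before a Pacemaker deployment" >&2
        return 1
    fi
    return 0
}

# Stand-alone use:  sh unit_check.sh mariadb.service
if [ $# -gt 0 ]; then
    mariadb_unit_state_ok "$1"
fi
```

The "indirect" state is a real case where the two checks disagree: is-enabled exits 0 for it, so the status-based check counts the unit as enabled while the string comparison does not.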
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFX/+szXlSAg2UNWIIRAgnbAJ97dJVNpyC/mQE3rrezfRjOcTRdAQCfdB4h
aZGHT/AlOntAvQPPhongG8Y=
=bAsD
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWAAWAIx+lLeg9Ub1AQjSBg/+NSZbDGdzvXQZLhUxFJ3fvCQ5A/+2oSoS
xHTZUtYOesQn44hCaq/pemyWF4aMh/bz6b1W34LGsZt0iABdlFBwhTto2KkaFCyd
olJltYEG/2fRUoNF7bMahk7IWvPjAH4yeN62NvrLmHyyENpUVgVfYy7Q+tIOY9xn
MThNNLJ8bRzrli4IfmBgZJm0JVZa5zmq8CUIVpmQiMhJi3zLSggtKTvC+Azu/jPL
7BkYgvVSmjy6hmkd7Lm6wn9JVMqHxtsxUkxZj/2+CcMrM5dr/FcnzTMYQ+TCRjJp
ZAiMLDJii+C428dTppJMFKveor4uDatRsVqTsLbBiGXjkfT2kYkuKlY3i9fR6g5h
bDgyVNhDSJjQ/hePL2KIZQjl3C9slqY2cWQ0jXbf7qU6U+NnwxEo73HIz8HImEjj
NVXBT/OtY+ZUgWISrAIIDZcZ0+/BsSeXhvVOTO8oxH9qKSAZy8snJ59aS+cc+Lej
q8O8k4NCRzrq2OeoBvZZC/pMOyZKh4XonlgyPOxMAGh7Znox9J4jT02k56fNdzPt
eav8Oh4fKymQaFcuj/NnqJvC/X4kmrmKnmzbwm8Ofh/2HotJT6pdsOTkqoPFHoGX
MZU18ZSowc/Gin6lMA2iqhjMYogV6RSQrLWn4cI4QXUEHP5RdDUMjE4rFXjmpXc9
3qS/CbidfYQ=
=+ypK
-----END PGP SIGNATURE-----