You are here

security

MariaDB Security Risk Matrix

MariaDB Vulnerabilities

CVE# Product Component Protocol Remote
Exploit
without
Auth.?
CVSS VERSION 3.0 RISK (see Risk Matrix Definitions) Versions Affected
Base
Score
Attack
Undefined

Oracle releases MySQL security vulnerability fixes 2018-01

Taxonomy upgrade extras: 

As in every quarter of the year Oracle has released yesterday its recommendation for the MySQL security updates. This is called, in Oracle terminology, Critical Patch Update (CPU) Advisory.

This CPU is published for all Oracle products. But FromDual is only interested in MySQL related topics. So let us concentrate on those.

MySQL and MariaDB authentication against pam_unix

Taxonomy upgrade extras: 

The PAM authentication plugin is an extension included in MySQL Enterprise Edition (since 5.5) and in MariaDB (since 5.2).

Non-standard database set up with SELinux

Taxonomy upgrade extras: 

What is SELinux?

The Security-Enhanced Linux is an extension to the Linux Kernel, made by the NSA (National Security Agency). It implements Mandatory Access Controls (MAC), which allow an administrator to define, how applications and users can access resources on a system.

Subscribe to RSS - security