https://www.fromdual.com/tags/security/Recent content in Security on FromDual GmbHHugoen-GBoli.sennhauser@fromdual.com (Oli Sennhauser)oli.sennhauser@fromdual.com (Oli Sennhauser)© FromDual GmbHThu, 06 Mar 2025 09:50:18 +0000https://www.fromdual.com/blog/mariadb-honeypot/Thu, 06 Mar 2025 09:50:18 +0000oli.sennhauser@fromdual.com (Oli Sennhauser)https://www.fromdual.com/blog/mariadb-honeypot/<p>In our <a href="https://www.fromdual.com/advanced-mysql-mariadb-training">MariaDB advanced training courses</a>, which we hold approximately every two months, we use machines that are directly exposed to the Internet with a public IP address. <strong>Warning</strong>: You should NEVER expose a database directly to the Internet without protection! Typically, it takes less than 72 hours (3 days) before we are exposed to the first external access attempts.</p>https://www.fromdual.com/blog/mariadb-push-replication/Mon, 11 Jan 2021 17:29:50 +0000oli.sennhauser@fromdual.com (Oli Sennhauser)https://www.fromdual.com/blog/mariadb-push-replication/<h2 id="table-of-contents">Table of Contents</h2> <ul> <li><a href="https://www.fromdual.com/blog/mariadb-push-replication/#mariadb-pull-replication">How to make MariaDB Pull Replication as secure as possible</a></li> <li><a href="https://www.fromdual.com/blog/mariadb-push-replication/#mariadb-push-replication">MariaDB Push Replication</a></li> <li><a href="https://www.fromdual.com/blog/mariadb-push-replication/#pushing-data-with-federatedx">Pushing data with the FederatedX Storage Engine and Triggers</a></li> <li><a href="https://www.fromdual.com/blog/mariadb-push-replication/#traffic-mirroring-with-mariadb-maxscale">Traffic mirroring with MariaDB MaxScale or ProxySQL</a></li> </ul> <h2 id="how-to-make-mariadb-pull-replication-as-secure-as-possible">How to make MariaDB Pull Replication as secure as possible</h2> <p>A normal MariaDB Replication is a Pull Replication. This means that a Slave connects to its Master and gathers or better requests Binary Log information from the Master and applies them in a streaming way.</p>https://www.fromdual.com/blog/oracle-releases-mysql-security-vulnerability-fixes-2018-01/Wed, 17 Jan 2018 11:27:28 +0000oli.sennhauser@fromdual.com (Oli Sennhauser)https://www.fromdual.com/blog/oracle-releases-mysql-security-vulnerability-fixes-2018-01/<p>As in every quarter of the year Oracle has released yesterday its recommendation for the MySQL security updates. This is called, in Oracle terminology, <a href="http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" target="_blank" title="Oracle Critical Patch Update Advisory - January 2018">Critical Patch Update (CPU) Advisory</a>.</p>https://www.fromdual.com/blog/mysql-and-mariadb-authentication-against-pam-unix/Mon, 13 Feb 2017 18:02:08 +0000oli.sennhauser@fromdual.com (Oli Sennhauser)https://www.fromdual.com/blog/mysql-and-mariadb-authentication-against-pam-unix/<p>The PAM authentication plugin is an extension included in MySQL Enterprise Edition (since 5.5) and in MariaDB (since 5.2).</p>https://www.fromdual.com/blog/non-standard-database-set-up-with-selinux/Tue, 13 Dec 2016 15:26:19 +0000oli.sennhauser@fromdual.com (Oli Sennhauser)https://www.fromdual.com/blog/non-standard-database-set-up-with-selinux/<h2 id="what-is-selinux">What is SELinux?</h2> <p>The Security-Enhanced Linux is an extension to the Linux Kernel, made by the NSA (National Security Agency). It implements Mandatory Access Controls (MAC), which allow an administrator to define, how applications and users can access resources on a system.</p>https://www.fromdual.com/blog/mysql-security/Fri, 18 Jan 2013 09:27:09 +0000oli.sennhauser@fromdual.com (Oli Sennhauser)https://www.fromdual.com/blog/mysql-security/<h2 id="overview">Overview</h2> <ul> <li><a href="https://www.fromdual.com/blog/mysql-security/#mysql-security-products">MySQL Security Products</a></li> <li><a href="https://www.fromdual.com/blog/mysql-security/#useful-security-links">Useful Security Links</a></li> <li><a href="https://www.fromdual.com/blog/mysql-security/#security-vulnerabilities-fixed-in-mariadb">Security Vulnerabilities Fixed in MariaDB</a></li> <li><a href="https://www.fromdual.com/blog/mysql-security/#oracle-critical-patch-update-advisory-for-mysql">Oracle Critical Patch Update (CPU) Advisory for MySQL</a></li> <li><a href="https://www.fromdual.com/blog/mysql-security/#redhat-centos-vulnerabilities">RedHat/CentOS vulnerabilities by CVE name</a></li> <li><a href="https://www.fromdual.com/blog/mysql-security/#ubuntu-security-notice-for-mariadb">Ubuntu Security Notice (USN) for MariaDB</a></li> <li><a href="https://www.fromdual.com/blog/mysql-security/#ubuntu-security-notice-for-mysql">Ubuntu Security Notice (USN) for MySQL</a></li> <li><a href="https://www.fromdual.com/blog/mysql-security/#debian-security-advisories">Debian Security Advisories</a></li> <li><a href="https://www.fromdual.com/blog/mysql-security/#debian-security-advisories-for-mysql">Debian Security Advisories for MySQL</a></li> <li><a href="https://www.exploit-db.com/search/?action=search&amp;description=mysql" target="_blank" title="MySQL Exploits">MySQL Exploits</a></li> <li><a href="https://www.fromdual.com/blog/mysql-security/#debian-security-advisories-for-mariadb">Debian Security Advisories for MariaDB</a></li> <li><a href="https://www.exploit-db.com/search/?action=search&amp;description=mariadb" target="_blank" title="MariaDB Exploits">MariaDB Exploits</a></li> <li><a href="https://www.fromdual.com/mariadb-security-risk-matrix" target="_blank" title="MariaDB Security Risk Matrix">MariaDB Security Risk Matrix</a></li> <li><a href="https://www.fromdual.com/blog/mysql-security/#auscert">Cyber Emergency Response Team (CERT) in Australia and APAC</a></li> <li><a href="https://hackerone.com/mariadb?type=team" target="_blank" title="MariaDB Security | HackerOne">MariaDB Security | HackerOne</a></li> </ul> <h2 id="mysql-security-products">MySQL Security Products</h2> <ul> <li>Database Firewall: <a href="http://www.greensql.com/" target="_blank">GreenSQL</a></li> <li>MySQL Database Security: <a href="http://www.mcafee.com/us/products/database-security/mysql-plug-in.aspx" target="_blank">McAfee</a></li> </ul> <h2 id="useful-security-links">Useful Security Links</h2> <ul> <li><a href="https://public.cyber.mil/announcement/stig-update-disa-releases-the-mariadb-enterprise-10-x-security-technical-implementation-guide/" target="_blank">STIG Update: DISA releases the MariaDB Enterprise 10.x Security Technical Implementation Guide</a></li> <li>OWASP: <a href="https://cheatsheetseries.owasp.org/cheatsheets/Database_Security_Cheat_Sheet.html" target="_blank" title="Database Security Cheat Sheet">Database Security Cheat Sheet</a></li> <li><a href="https://benchmarks.cisecurity.org/" target="_blank" title="Center for Internet Security">CIS</a> <a href="https://benchmarks.cisecurity.org/tools2/mysql/CIS_MySQL_Benchmark_v1.0.2.pdf" target="_blank" title="The Center for Internet Security CIS">MySQL 4.1/5.0/5.1 Benchmark</a> (v1.0.2)</li> <li><a href="https://benchmarks.cisecurity.org/" target="_blank" title="Center for Internet Security">CIS</a> <a href="https://benchmarks.cisecurity.org/tools2/mysql/CIS_Oracle_MySQL_Community_Edition_5.6_Benchmark_v1.1.0.pdf" target="_blank" title="The Center for Internet Security CIS">Oracle MySQL Community Server 5.6 Benchmark</a> (v1.1.0)</li> <li><a href="https://benchmarks.cisecurity.org/" target="_blank" title="Center for Internet Security">CIS</a> <a href="https://benchmarks.cisecurity.org/tools2/mysql/CIS_Oracle_MySQL_Community_Edition_5.7_Benchmark_v1.0.0.pdf" target="_blank" title="The Center for Internet Security CIS">Oracle MySQL Community Server 5.7 Benchmark</a> (v1.0.0)</li> <li><a href="https://benchmarks.cisecurity.org/" target="_blank" title="Center for Internet Security">CIS</a> <a href="https://benchmarks.cisecurity.org/tools2/mysql/CIS_Oracle_MySQL_Enterprise_Edition_5.6_Benchmark_v1.1.0.pdf" target="_blank" title="The Center for Internet Security CIS">Oracle MySQL Enterprise Edition 5.6 Benchmark</a> (v1.1.0)</li> <li><a href="https://benchmarks.cisecurity.org/" target="_blank" title="Center for Internet Security">CIS</a> <a href="https://benchmarks.cisecurity.org/tools2/mysql/CIS_Oracle_MySQL_Enterprise_Edition_5.7_Benchmark_v1.0.0.pdf" target="_blank" title="The Center for Internet Security CIS">Oracle MySQL Enterprise Edition 5.7 Benchmark</a> (v1.0.0)</li> <li>MySQL Documentation: <a href="http://dev.mysql.com/doc/refman/5.7/en/security.html" target="_blank">Security</a></li> <li>BSI certified <a href="https://www.bsi.bund.de/DE/Themen/ZertifizierungundAnerkennung/Produktzertifizierung/ZertifizierungnachCC/ZertifizierteProdukte/Serveranwendungen/Serveranwendungen_node.html#doc2966472bodyText1" target="_blank">database servers</a></li> <li><a href="http://www.cvedetails.com/vulnerability-list/vendor_id-185/cvssscoremin-9/cvssscoremax-/Mysql.html" target="_blank">CVE Details</a></li> <li><a href="https://rhn.redhat.com/errata/RHSA-2013-0121.html" target="_blank" title="Low: mysql security and bug fix update">RHSA-2013:0121-1</a></li> <li><a href="http://rhn.redhat.com/errata/RHSA-2012-1462.html" target="_blank" title="Important: mysql security update">RHSA-2012:1462-1</a></li> <li><a href="https://lists.grok.org.uk/mailman/listinfo/full-disclosure" target="_blank"><a href="mailto:full-disclosure@lists.grok.org.uk">full-disclosure@lists.grok.org.uk</a></a></li> <li><a href="http://forums.mysql.com/list.php?30" target="_blank">MySQL Security Forum</a></li> <li><a href="http://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet" target="_blank" title="MySQL SQL Injection Cheat Sheet">MySQL SQL Injection Cheat Sheet</a></li> </ul> <h2 id="security-vulnerabilities-fixed-in-mariadb">Security Vulnerabilities Fixed in MariaDB</h2> <ul> <li><a href="https://mariadb.com/kb/en/mariadb/security/" target="_blank" title="Security Vulnerabilities Fixed in MariaDB">Security Vulnerabilities Fixed in MariaDB</a></li> <li><a href="https://www.fromdual.com/mariadb-security-risk-matrix/index.php" title="MariaDB Security Risk Matrix">MariaDB Security Risk Matrix</a></li> </ul> <h2 id="oracle-critical-patch-update-cpu-advisory-for-mysql">Oracle Critical Patch Update (CPU) Advisory for MySQL</h2> <ul> <li><a href="https://www.oracle.com/technetwork/topics/security/alerts-086861.html" target="_blank" title="Oracle CPU Overview">Oracle Critical Patch Update Advisory - Overview</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL" target="_blank" title="Oracle CPU 2024-10">Oracle Critical Patch Update Advisory - October 2024</a> (45 fixes / 9.1 max score), <a href="https://www.oracle.com/security-alerts/cpuoct2024verbose.html#MSQL" target="_blank" title="Oracle CPU 2024-10 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujul2024.html#AppendixMSQL" target="_blank" title="Oracle CPU 2024-07">Oracle Critical Patch Update Advisory - July 2024</a> (37 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpujul2024verbose.html#MSQL" target="_blank" title="Oracle CPU 2024-07 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixMSQL" target="_blank" title="Oracle CPU 2024-04">Oracle Critical Patch Update Advisory - April 2024</a> (36 fixes / 7.5 max score), <a href="https://www.oracle.com/security-alerts/cpuapr2024verbose.html#MSQL" target="_blank" title="Oracle CPU 2024-04 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujan2024.html#AppendixMSQL" target="_blank" title="Oracle CPU 2024-01">Oracle Critical Patch Update Advisory - January 2024</a> (40 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpujan2024verbose.html#MSQL" target="_blank" title="Oracle CPU 2024-01 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuoct2023.html#AppendixMSQL" target="_blank" title="Oracle CPU 2023-10">Oracle Critical Patch Update Advisory - October 2023</a> (37 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpuoct2023verbose.html#MSQL" target="_blank" title="Oracle CPU 2023-10 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujul2023.html#AppendixMSQL" target="_blank" title="Oracle CPU 2023-07">Oracle Critical Patch Update Advisory - July 2023</a> (24 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpujul2023verbose.html#MSQL" target="_blank" title="Oracle CPU 2023-07 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuapr2023.html#AppendixMSQL" target="_blank" title="Oracle CPU 2023-04">Oracle Critical Patch Update Advisory - April 2023</a> (34 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpuapr2023verbose.html#MSQL" target="_blank" title="Oracle CPU 2023-04 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL" target="_blank" title="Oracle CPU 2023-01">Oracle Critical Patch Update Advisory - January 2023</a> (37 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpujan2023verbose.html#MSQL" target="_blank" title="Oracle CPU 2023-01 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixMSQL" target="_blank" title="Oracle CPU 2022-10">Oracle Critical Patch Update Advisory - October 2022</a> (37 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpuoct2022verbose.html#MSQL" target="_blank" title="Oracle CPU 2022-10 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL" target="_blank" title="Oracle CPU 2022-07">Oracle Critical Patch Update Advisory - July 2022</a> (34 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpujul2022verbose.html#MSQL" target="_blank" title="Oracle CPU 2022-07 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL" target="_blank" title="Oracle CPU 2022-04">Oracle Critical Patch Update Advisory - April 2022</a> (43 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpuapr2022verbose.html#MSQL" target="_blank" title="Oracle CPU 2022-04 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL" target="_blank" title="Oracle CPU 2022-01">Oracle Critical Patch Update Advisory - January 2022</a> (78 fixes / 7.5 max score), <a href="https://www.oracle.com/security-alerts/cpujan2022verbose.html#MSQL" target="_blank" title="Oracle CPU 2022-01 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL" target="_blank" title="Oracle CPU 2021-10">Oracle Critical Patch Update Advisory - October 2021</a> (66 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpuoct2021verbose.html#MSQL" target="_blank" title="Oracle CPU 2021-10 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujul2021.html#AppendixMSQL" target="_blank" title="Oracle CPU 2021-07">Oracle Critical Patch Update Advisory - July 2021</a> (41 fixes / 8.8 max score), <a href="https://www.oracle.com/security-alerts/cpujul2021verbose.html#MSQL" target="_blank" title="Oracle CPU 2021-07 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixMSQL" target="_blank" title="Oracle CPU 2021-04">Oracle Critical Patch Update Advisory - April 2021</a> (49 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpuapr2021verbose.html#MSQL" target="_blank" title="Oracle CPU 2021-04 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL" target="_blank" title="Oracle CPU 2021-01">Oracle Critical Patch Update Advisory - January 2021</a> (43 fixes / 7.5 max score), <a href="https://www.oracle.com/security-alerts/cpujan2021verbose.html#MSQL" target="_blank" title="Oracle CPU 2021-01 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL" target="_blank" title="Oracle CPU 2020-10">Oracle Critical Patch Update Advisory - October 2020</a> (53 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpuoct2020verbose.html#MSQL" target="_blank" title="Oracle CPU 2020-10 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL" target="_blank" title="Oracle CPU 2020-07">Oracle Critical Patch Update Advisory - July 2020</a> (40 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpujul2020verbose.html#MSQL" target="_blank" title="Oracle CPU 2020-07 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL" target="_blank" title="Oracle CPU 2020-04">Oracle Critical Patch Update Advisory - April 2020</a> (45 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpuapr2020verbose.html#MSQL" target="_blank" title="Oracle CPU 2020-04 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL" target="_blank" title="Oracle CPU 2020-01">Oracle Critical Patch Update Advisory - January 2020</a> (19 fixes / 7.5 max score), <a href="https://www.oracle.com/security-alerts/cpujan2020verbose.html#MSQL" target="_blank" title="Oracle CPU 2020-01 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuoct2019.html#AppendixMSQL" target="_blank" title="Oracle CPU 2019-10">Oracle Critical Patch Update Advisory - October 2019</a> (34 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpuoct2019verbose.html#MSQL" target="_blank" title="Oracle CPU 2019-10 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujul2019.html#AppendixMSQL" target="_blank" title="Oracle CPU 2019-07">Oracle Critical Patch Update Advisory - July 2019</a> (45 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpujul2019verbose.html#MSQL" target="_blank" title="Oracle CPU 2019-07 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuapr2019.html#AppendixMSQL" target="_blank" title="Oracle CPU 2019-04">Oracle Critical Patch Update Advisory - April 2019</a> (45 fixes / 7.5 max score), <a href="https://www.oracle.com/security-alerts/cpuapr2019verbose.html#MSQL" target="_blank" title="Oracle CPU 2019-04 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujan2019.html#AppendixMSQL" target="_blank" title="Oracle CPU 2019-01">Oracle Critical Patch Update Advisory - January 2019</a> (30 fixes / 9.1 max score), <a href="https://www.oracle.com/security-alerts/cpujan2019verbose.html#MSQL" target="_blank" title="Oracle CPU 2019-01 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuoct2018.html#AppendixMSQL" target="_blank" title="Oracle CPU 2018-10">Oracle Critical Patch Update Advisory - October 2018</a> (38 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpuoct2018verbose.html#MSQL" target="_blank" title="Oracle CPU 2018-10 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujul2018.html#AppendixMSQL" target="_blank" title="Oracle CPU 2018-07">Oracle Critical Patch Update Advisory - July 2018</a> (31 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpujul2018verbose.html#MSQL" target="_blank" title="Oracle CPU 2018-07 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuapr2018.html#AppendixMSQL" target="_blank" title="Oracle CPU 2018-04">Oracle Critical Patch Update Advisory - April 2018</a> (33 fixes / 7.7 max score), <a href="https://www.oracle.com/security-alerts/cpuapr2018verbose.html#MSQL" target="_blank" title="Oracle CPU 2018-04 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujan2018.html#AppendixMSQL" target="_blank" title="Oracle CPU 2018-01">Oracle Critical Patch Update Advisory - January 2018</a> (25 fixes / 8.1 max score), <a href="https://www.oracle.com/security-alerts/cpujan2018verbose.html#MSQL" target="_blank" title="Oracle CPU 2018-01 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuoct2017.html#AppendixMSQL" target="_blank" title="Oracle CPU 2017-10">Oracle Critical Patch Update Advisory - October 2017</a> (25 fixes / 8.8 max score), <a href="https://www.oracle.com/security-alerts/cpuoct2017verbose.html#MSQL" target="_blank" title="Oracle CPU 2017-10 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujul2017.html#AppendixMSQL" target="_blank" title="Oracle CPU 2017-07">Oracle Critical Patch Update Advisory - July 2017</a> (30 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpujul2017verbose.html#MSQL" target="_blank" title="Oracle CPU 2017-07 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuapr2017.html#AppendixMSQL" target="_blank" title="Oracle CPU 2017-04">Oracle Critical Patch Update Advisory - April 2017</a> (39 fixes / 10.0 max score), <a href="https://www.oracle.com/security-alerts/cpuapr2017verbose.html#MSQL" target="_blank" title="Oracle CPU 2017-04 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujan2017.html#AppendixMSQL" target="_blank" title="Oracle CPU 2017-01">Oracle Critical Patch Update Advisory - January 2017</a> (27 fixes / 8.8 max score), <a href="https://www.oracle.com/security-alerts/cpujan2017verbose.html#MSQL" target="_blank" title="Oracle CPU 2017-01 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuoct2016.html#AppendixMSQL" target="_blank" title="Oracle CPU 2016-10">Oracle Critical Patch Update Advisory - October 2016</a> (31 fixes / 7.5 max score), <a href="https://www.oracle.com/security-alerts/cpuoct2016verbose.html#MSQL" target="_blank" title="Oracle CPU 2016-10 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujul2016.html#AppendixMSQL" target="_blank" title="Oracle CPU 2016-07">Oracle Critical Patch Update Advisory - July 2016</a> (22 fixes / 8.1 max score), <a href="https://www.oracle.com/security-alerts/cpujul2016verbose.html#MSQL" target="_blank" title="Oracle CPU 2016-07 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuapr2016.html#AppendixMSQL" target="_blank" title="Oracle CPU 2016-04">Oracle Critical Patch Update Advisory - April 2016</a> (31 fixes / 9.8 max score), <a href="https://www.oracle.com/security-alerts/cpuapr2016verbose.html#MSQL" target="_blank" title="Oracle CPU 2016-04 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujan2016.html#AppendixMSQL" target="_blank" title="Oracle CPU 2016-01">Oracle Critical Patch Update Advisory - January 2016</a> (22 fixes / 7.2 max score), <a href="https://www.oracle.com/security-alerts/cpujan2016verbose.html#MSQL" target="_blank" title="Oracle CPU 2016-01 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuoct2015.html#AppendixMSQL" target="_blank" title="Oracle CPU 2015-10">Oracle Critical Patch Update Advisory - October 2015</a> (30 fixes / 9.0 max score), <a href="https://www.oracle.com/security-alerts/cpuoct2015verbose.html#MSQL" target="_blank" title="Oracle CPU 2015-10 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujul2015.html#AppendixMSQL" target="_blank" title="Oracle CPU 2015-07">Oracle Critical Patch Update Advisory - July 2015</a> (18 fixes / 6.5 max score), <a href="https://www.oracle.com/security-alerts/cpujul2015verbose.html#MSQL" target="_blank" title="Oracle CPU 2015-07 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuapr2015.html#AppendixMSQL" target="_blank" title="Oracle CPU 2015-04">Oracle Critical Patch Update Advisory - April 2015</a> (26 fixes / 10.0 max score), <a href="https://www.oracle.com/security-alerts/cpuapr2015verbose.html#MSQL" target="_blank" title="Oracle CPU 2015-04 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpujan2015.html#AppendixMSQL" target="_blank" title="Oracle CPU 2015-01">Oracle Critical Patch Update Advisory - January 2015</a> (9 fixes / 7.5 max score), <a href="https://www.oracle.com/security-alerts/cpujan2015verbose.html#MSQL" target="_blank" title="Oracle CPU 2015-01 verbose text form">verbose text form</a></li> <li><a href="https://www.oracle.com/security-alerts/cpuoct2014.html#AppendixMSQL" target="_blank" title="Oracle CPU 2014-10">Oracle Critical Patch Update Advisory - October 2014</a> (24 fixes / 8.0 max score)</li> <li><a href="https://www.oracle.com/security-alerts/cpujul2014.html#AppendixMSQL" target="_blank" title="Oracle CPU 2014-07">Oracle Critical Patch Update Advisory - July 2014</a> (10 fixes / 6.5 max score)</li> <li><a href="https://www.oracle.com/security-alerts/cpuapr2014.html#AppendixMSQL" target="_blank" title="Oracle CPU 2014-04">Oracle Critical Patch Update Advisory - April 2014</a> (14 fixes / 6.5 max score)</li> <li><a href="https://www.oracle.com/security-alerts/cpujan2014.html#AppendixMSQL" target="_blank" title="Oracle CPU 2014-01">Oracle Critical Patch Update Advisory - January 2014</a> (18 fixes / 10.0 max score)</li> <li><a href="https://www.oracle.com/security-alerts/cpuoct2013.html#AppendixMSQL" target="_blank" title="Oracle CPU 2013-10">Oracle Critical Patch Update Advisory - October 2013</a> (8 fixes / 8.5 max score)</li> <li><a href="https://www.oracle.com/security-alerts/cpujul2013.html#AppendixMSQL" target="_blank" title="Oracle CPU 2013-07">Oracle Critical Patch Update Advisory - July 2013</a> (18 fixes / 6.8 max score)</li> <li><a href="https://www.oracle.com/security-alerts/cpuapr2013.html#AppendixMSQL" target="_blank" title="Oracle CPU 2013-04">Oracle Critical Patch Update Advisory - April 2013</a> (25 fixes / 6.8 max score)</li> <li><a href="https://www.oracle.com/security-alerts/cpujan2013.html#AppendixMSQL" target="_blank" title="Oracle CPU 2013-01">Oracle Critical Patch Update Advisory - January 2013</a> (18 fixes / 9.0 max score)</li> <li><a href="https://www.oracle.com/security-alerts/cpuoct2012.html#AppendixMSQL" target="_blank" title="Oracle CPU 2012-10">Oracle Critical Patch Update Advisory - October 2012</a> (15 fixes / 9.0 max score)</li> <li><a href="https://www.oracle.com/security-alerts/cpujul2012.html#AppendixMSQL" target="_blank" title="Oracle CPU 2012-07">Oracle Critical Patch Update Advisory - July 2012</a> (6 fixes / 6.8 max score)</li> <li><a href="https://www.oracle.com/security-alerts/cpuapr2012.html#AppendixMSQL" target="_blank" title="Oracle CPU 2012-04">Oracle Critical Patch Update Advisory - April 2012</a> (6 fixes / 6.8 max score)</li> <li><a href="https://www.oracle.com/security-alerts/cpujan2012.html#AppendixMSQL" target="_blank" title="Oracle CPU 2012-01">Oracle Critical Patch Update Advisory - January 2012</a> (27 fixes / 5.5 max score)</li> </ul> <h2 id="redhatcentos-vulnerabilities-by-cve-name">RedHat/CentOS vulnerabilities by CVE name</h2> <p><a href="https://access.redhat.com/security/cve/#/?q=mysql" target="_blank" title="Red Hat vulnerabilities by CVE name for MySQL">Red Hat vulnerabilities by CVE name for MySQL</a></p>https://www.fromdual.com/mariadb-security-risk-matrix/index.phpTue, 25 Feb 2020 15:49:45 +0000oli.sennhauser@fromdual.com (Oli Sennhauser)https://www.fromdual.com/mariadb-security-risk-matrix/index.php<?php $fromdual_base = dirname(dirname($_SERVER['SCRIPT_FILENAME'])); $fromdual_file = $fromdual_base . '/php/mariadb-vulnerabilities.inc'; include($fromdual_file); // See also /node/1422 for Edit! ?>