Hi Otto, On Tue, Jan 27, 2015 at 10:01:09AM +0200, Otto Kekäläinen wrote: > Here is the reply from a MariaDB core developer: > > 2015-01-26 21:39 GMT+02:00 Sergei Golubchik <s...@mariadb.org>: > > Hi, Otto! > > > > On Jan 26, Otto Kekäläinen wrote: > >> Hello Sergei! > >> > >> The page https://mariadb.com/kb/en/mariadb/security/ does not mention > >> the ones Salvatore asks about below: 0385 and 0409. Any info on them? > > > > Salvatore is right - these bugs are 5.6 only and we don't have "Server : > > Optimizer" and "Server : Pluggable Auth" 5.6 code in MariaDB-10.x > > > > Generally from all 5.6-only MySQL bugs only InnoDB issues apply to > > MariaDB-10.x. > > > > Hmm, I've just checked the source code patch between 5.6.21 and 5.6.22 - > > there were *no* changes to the pluggable authentication code. None > > whatsoever. I don't know what Oracle means by > > > > CVE-2015-0385 "Server: Pluggable Auth" "5.6.21 and earlier"
Thanks, have updated the security-tracker information about these. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
