Here is the reply from a MariaDB core developer: 2015-01-26 21:39 GMT+02:00 Sergei Golubchik <s...@mariadb.org>: > Hi, Otto! > > On Jan 26, Otto Kekäläinen wrote: >> Hello Sergei! >> >> The page https://mariadb.com/kb/en/mariadb/security/ does not mention >> the ones Salvatore asks about below: 0385 and 0409. Any info on them? > > Salvatore is right - these bugs are 5.6 only and we don't have "Server : > Optimizer" and "Server : Pluggable Auth" 5.6 code in MariaDB-10.x > > Generally from all 5.6-only MySQL bugs only InnoDB issues apply to > MariaDB-10.x. > > Hmm, I've just checked the source code patch between 5.6.21 and 5.6.22 - > there were *no* changes to the pluggable authentication code. None > whatsoever. I don't know what Oracle means by > > CVE-2015-0385 "Server: Pluggable Auth" "5.6.21 and earlier"
-- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
