Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security update takes down MariaDB (drop in MySQL replacement) - affects all apps with MariaDB; inc LAMP, WordPress, etc #1246

Closed
JedMeister opened this issue Nov 20, 2018 · 2 comments

Comments

@JedMeister
Copy link
Member

@JedMeister JedMeister commented Nov 20, 2018

Affected appliances:

  • asp-net-apache
    • ready to build
    • iso built
    • ready to publish
  • b2evolution
    • ready to build
    • iso built
    • ready to publish
  • bugzilla
    • ready to build
    • iso built
    • ready to publish
  • cakephp
    • ready to build
    • iso built
    • ready to publish
  • codeigniter
    • ready to build
    • iso built
    • ready to publish
  • collabtive
    • ready to build
    • iso built
    • ready to publish
  • concrete5
    • ready to build
    • iso built
    • ready to publish
  • django
    • ready to build
    • iso built
    • ready to publish
  • drupal7
    • ready to build
    • iso built
    • ready to publish
  • drupal8
    • ready to build
    • iso built
    • ready to publish
  • e107
    • ready to build
    • iso built
    • ready to publish
  • elgg
    • ready to build
    • iso built
    • ready to publish
  • espocrm
    • ready to build
    • iso built
    • ready to publish
  • ezplatform
    • ready to build
    • iso built
    • ready to publish
  • foodsoft
    • ready to build
    • iso built
    • ready to publish
  • foswiki
    • ready to build
    • iso built
    • ready to publish
  • gallery
    • ready to build
    • iso built
    • ready to publish
  • ghost
    • ready to build
    • iso built
    • ready to publish
  • gitlab
    • ready to build
    • iso built
    • ready to publish
  • gitea
    • ready to build
    • iso built
    • ready to publish
  • gnusocial
    • ready to build
    • iso built
    • ready to publish
  • icescrum
    • ready to build
    • iso built
    • ready to publish
  • jenkins
    • ready to build
    • iso built
    • ready to publish
  • joomla3
    • ready to build
    • iso built
    • ready to publish
  • lamp
    • ready to build
    • iso built
    • ready to publish
  • laravel
    • ready to build
    • iso built
    • ready to publish
  • lighttpd-php-fastcgi
    • ready to build
    • iso built
    • ready to publish
  • limesurvey
    • ready to build
    • iso built
    • ready to publish
  • magento
    • ready to build
    • iso built
    • ready to publish
  • mambo
    • ready to build
    • iso built
    • ready to publish
  • mantis
    • ready to build
    • iso built
    • ready to publish
  • matomo
    • ready to build
    • iso built
    • ready to publish
  • mediawiki
    • ready to build
    • iso built
    • ready to publish
  • mibew
    • ready to build
    • iso built
    • ready to publish
  • moodle
    • ready to build
    • iso built
    • ready to publish
  • mysql
    • ready to build
    • iso built
    • ready to publish
  • nextcloud
    • ready to build
    • iso built
    • ready to publish
  • nginx-php-fastcgi
    • ready to build
    • iso built
    • ready to publish
  • observium
    • ready to build
    • iso built
    • ready to publish
  • omeka
    • ready to build
    • iso built
    • ready to publish
  • orangehrm
    • ready to build
    • iso built
    • ready to publish
  • oscommerce
    • ready to build
    • iso built
    • ready to publish
  • otrs
    • ready to build
    • iso built
    • ready to publish
  • owncloud
    • ready to build
    • iso built
    • ready to publish
  • phpbb
    • ready to build
    • iso built
    • ready to publish
  • phplist
    • ready to build
    • iso built
    • ready to publish
  • prestashop
    • ready to build
    • iso built
    • ready to publish
  • processmaker
    • ready to build
    • iso built
    • ready to publish
  • punbb
    • ready to build
    • iso built
    • ready to publish
  • rails
    • ready to build
    • iso built
    • ready to publish
  • redmine
    • ready to build
    • iso built
    • ready to publish
  • roundup
    • ready to build
    • iso built
    • ready to publish
  • sahana-eden
    • ready to build
    • iso built
    • ready to publish
  • silverstripe
    • ready to build
    • iso built
    • ready to publish
  • simpleinvoices
    • ready to build
    • iso built
    • ready to publish
  • simplemachines
    • ready to build
    • iso built
    • ready to publish
  • sitracker
    • ready to build
    • iso built
    • ready to publish
  • suitecrm
    • ready to build
    • iso built
    • ready to publish
  • symfony
    • ready to build
    • iso built
    • ready to publish
  • tomcat
    • ready to build
    • iso built
    • ready to publish
  • tomcat-apache
    • ready to build
    • iso built
    • ready to publish
  • tracks
    • ready to build
    • iso built
    • ready to publish
  • typo3
    • ready to build
    • iso built
    • ready to publish
  • ushahidi
    • ready to build
    • iso built
    • ready to publish
  • vanilla
    • ready to build
    • iso built
    • ready to publish
  • web2py
    • ready to build
    • iso built
    • ready to publish
  • wordpress
    • ready to build
    • iso built
    • ready to publish
  • xoops
    • ready to build
    • iso built
    • ready to publish
  • yiiframework
    • ready to build
    • iso built
    • ready to publish
  • youphptube
    • ready to build
    • iso built
    • ready to publish
  • zencart
    • ready to build
    • iso built
    • ready to publish
  • zoneminder
    • ready to build
    • iso built
    • ready to publish
  • zurmo
    • ready to build
    • iso built
    • ready to publish

Rob just reported in the forums that his WordPress server has gone down, complaining of a "database error" when he tries to connect.

I have just confirmed that there was a MariaDB security update released by Debian a few hours ago.

@OnGle is looking into it now and assuming that he can reproduce the issue, he will start work on finding a workaround and document here ASAP.

@JedMeister
Copy link
Member Author

@JedMeister JedMeister commented Nov 20, 2018

Wordaround/fix - reinstall default-mysql-server:

apt update
apt install default-mysql-server

That should reinstall mariadb-client-10.1 & mariadb-server-10.1 - to be sure check:

apt policy mariadb-client-10.1 mariadb-server-10.1
@JedMeister JedMeister self-assigned this Nov 21, 2018
@JedMeister JedMeister changed the title Security update takes WordPress down (may affect other LAMP based apps too?!) Security update takes down MariaDB (drop in MySQL replacement) - affects all apps with MariaDB; inc LAMP, WordPress, etc Nov 21, 2018
@JedMeister
Copy link
Member Author

@JedMeister JedMeister commented Dec 2, 2018

All images rebuilt. See blog post for more info.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment