Security update takes down MariaDB (drop in MySQL replacement) - affects all apps with MariaDB; inc LAMP, WordPress, etc

[JedMeister]

Affected appliances:

• asp-net-apache
  • ready to build
  • iso built
  • ready to publish
• b2evolution
  • ready to build
  • iso built
  • ready to publish
• bugzilla
  • ready to build
  • iso built
  • ready to publish
• cakephp
  • ready to build
  • iso built
  • ready to publish
• codeigniter
  • ready to build
  • iso built
  • ready to publish
• collabtive
  • ready to build
  • iso built
  • ready to publish
• concrete5
  • ready to build
  • iso built
  • ready to publish
• django
  • ready to build
  • iso built
  • ready to publish
• drupal7
  • ready to build
  • iso built
  • ready to publish
• drupal8
  • ready to build
  • iso built
  • ready to publish
• e107
  • ready to build
  • iso built
  • ready to publish
• elgg
  • ready to build
  • iso built
  • ready to publish
• espocrm
  • ready to build
  • iso built
  • ready to publish
• ezplatform
  • ready to build
  • iso built
  • ready to publish
• foodsoft
  • ready to build
  • iso built
  • ready to publish
• foswiki
  • ready to build
  • iso built
  • ready to publish
• gallery
  • ready to build
  • iso built
  • ready to publish
• ghost
  • ready to build
  • iso built
  • ready to publish
• gitlab
  • ready to build
  • iso built
  • ready to publish
• gitea
  • ready to build
  • iso built
  • ready to publish
• gnusocial
  • ready to build
  • iso built
  • ready to publish
• icescrum
  • ready to build
  • iso built
  • ready to publish
• jenkins
  • ready to build
  • iso built
  • ready to publish
• joomla3
  • ready to build
  • iso built
  • ready to publish
• lamp
  • ready to build
  • iso built
  • ready to publish
• laravel
  • ready to build
  • iso built
  • ready to publish
• lighttpd-php-fastcgi
  • ready to build
  • iso built
  • ready to publish
• limesurvey
  • ready to build
  • iso built
  • ready to publish
• magento
  • ready to build
  • iso built
  • ready to publish
• mambo
  • ready to build
  • iso built
  • ready to publish
• mantis
  • ready to build
  • iso built
  • ready to publish
• matomo
  • ready to build
  • iso built
  • ready to publish
• mediawiki
  • ready to build
  • iso built
  • ready to publish
• mibew
  • ready to build
  • iso built
  • ready to publish
• moodle
  • ready to build
  • iso built
  • ready to publish
• mysql
  • ready to build
  • iso built
  • ready to publish
• nextcloud
  • ready to build
  • iso built
  • ready to publish
• nginx-php-fastcgi
  • ready to build
  • iso built
  • ready to publish
• observium
  • ready to build
  • iso built
  • ready to publish
• omeka
  • ready to build
  • iso built
  • ready to publish
• orangehrm
  • ready to build
  • iso built
  • ready to publish
• oscommerce
  • ready to build
  • iso built
  • ready to publish
• otrs
  • ready to build
  • iso built
  • ready to publish
• owncloud
  • ready to build
  • iso built
  • ready to publish
• phpbb
  • ready to build
  • iso built
  • ready to publish
• phplist
  • ready to build
  • iso built
  • ready to publish
• prestashop
  • ready to build
  • iso built
  • ready to publish
• processmaker
  • ready to build
  • iso built
  • ready to publish
• punbb
  • ready to build
  • iso built
  • ready to publish
• rails
  • ready to build
  • iso built
  • ready to publish
• redmine
  • ready to build
  • iso built
  • ready to publish
• roundup
  • ready to build
  • iso built
  • ready to publish
• sahana-eden
  • ready to build
  • iso built
  • ready to publish
• silverstripe
  • ready to build
  • iso built
  • ready to publish
• simpleinvoices
  • ready to build
  • iso built
  • ready to publish
• simplemachines
  • ready to build
  • iso built
  • ready to publish
• sitracker
  • ready to build
  • iso built
  • ready to publish
• suitecrm
  • ready to build
  • iso built
  • ready to publish
• symfony
  • ready to build
  • iso built
  • ready to publish
• tomcat
  • ready to build
  • iso built
  • ready to publish
• tomcat-apache
  • ready to build
  • iso built
  • ready to publish
• tracks
  • ready to build
  • iso built
  • ready to publish
• typo3
  • ready to build
  • iso built
  • ready to publish
• ushahidi
  • ready to build
  • iso built
  • ready to publish
• vanilla
  • ready to build
  • iso built
  • ready to publish
• web2py
  • ready to build
  • iso built
  • ready to publish
• wordpress
  • ready to build
  • iso built
  • ready to publish
• xoops
  • ready to build
  • iso built
  • ready to publish
• yiiframework
  • ready to build
  • iso built
  • ready to publish
• youphptube
  • ready to build
  • iso built
  • ready to publish
• zencart
  • ready to build
  • iso built
  • ready to publish
• zoneminder
  • ready to build
  • iso built
  • ready to publish
• zurmo
  • ready to build
  • iso built
  • ready to publish

---

Rob just reported in the forums that his WordPress server has gone down, complaining of a "database error" when he tries to connect.

I have just confirmed that there was a MariaDB security update released by Debian a few hours ago.

@OnGle is looking into it now and assuming that he can reproduce the issue, he will start work on finding a workaround and document here ASAP.

[JedMeister]

Wordaround/fix - reinstall default-mysql-server:

apt update
apt install default-mysql-server

That should reinstall mariadb-client-10.1 & mariadb-server-10.1 - to be sure check:

apt policy mariadb-client-10.1 mariadb-server-10.1

[JedMeister]

All images rebuilt. See blog post for more info.