Bruce Dubbs wrote:
Heads up:
I found this today:
https://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html
but I did not see anything on the mariadb web site.
It appears that the workaround for now is the update the /etc/mysql/my.cnf
to add to the [mysqld] entry:
[mysqld]
port = 3306
socket = /run/mysqld/mysqld.sock
datadir = /srv/mysql
skip-external-locking
key_buffer_size = 16M
max_allowed_packet = 1M
sort_buffer_size = 512K
net_buffer_length = 16K
myisam_sort_buffer_size = 8M
syslog <-------- add this
but expect a new release soon.
I think I got the config above wrong. It should be to add:
[mysqld_safe]
syslog
An alternative is to change the init script. We now have:
/usr/bin/mysqld_safe --user=mysql 2>&1 >/dev/null &
and can add --syslog to that line.
http://dev.mysql.com/doc/refman/5.7/en/error-log.html
-- Bruce
--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
