Rasmus Johansson provides an update on CVE-2016-6662 and CVE-2016-6663 vulnerabilities which were both fixed in the fall.
The details about two vulnerabilities affecting MariaDB (and MySQL) have been published. The two vulnerabilities are:
Today’s IT infrastructure is vulnerable to a range of attacks and threats. How do you safeguard your database against them? By learning and using best practices, and choosing a database with robust security tools built in.
With the release of MariaDB 10.2.2, the newest version of MariaDB has entered the beta stage. In this article, I’ll give an overview of the main new features in MariaDB 10.2. The focus of MariaDB 10.2 can be seen from the categories that the features fall into:
Over the last few days, there has been a lot of questions and discussion around a vulnerability referred to as MySQL Remote Root Code Execution / Privilege Escalation 0day with CVE code CVE-2016-6662. It’s a serious vulnerability and we encourage every MariaDB Server, MariaDB Enterprise and MariaDB Enterprise Cluster user to read the below update on the vulnerability and how it affects MariaDB products.
MariaDB has a wide set of security features to protect data (see MariaDB Enterprise Security Webinar). To encrypt the data in a MariaDB 10.1 database, you can enable data-at-rest encryption. MariaDB allows the option to select the most suitable level of the encryption in MariaDB: Temporary files, Aria tables, InnoDB tablespaces, InnoDB tables, InnoDB log files and Binlogs.
At the 2016 Open Source Conference in Rome, held a few weeks ago, MariaDB was present along with many of the most relevant players in the Open Source community. This included the Italian Public Administration. They are required by law to give preference to free software and open source software. The goal of the Italian Open Source Observatory is to promote the use of open source software in Italian public administrations. They monitor and collect information on cases of open source adoption and best practices related to open technology usage within institutions.
Team MariaDB is touring across several European regions again. The theme for 2016 is "Data Management for Mission Critical Applications". Beside valuable presentations around database security, Big Data analysis and better scalability and high availability our technical experts will help you understand how to take advantage of the wide range of new features and enhancements available now in MariaDB 10.1, MariaDB MaxScale 1.4 and other MariaDB solutions. They will share tips & tricks to help you get the most out of your database.
New and Improved Functionality
The recently released 1.4.1 version of MariaDB MaxScale contains a bundle of great improvements to the Database Firewall Filter, dbfwfilter. This article starts by describing the dbfwfilter module and how it is used. Next we’ll find out what kinds of improvements were made to the filter in MaxScale 1.4.1 and we’ll finish by looking at a few use cases for it.
Here are the highlights of the new dbfwfilter functionality in the 1.4.1 release of MaxScale.