+ MariaDB, MySQL: Multiple vulnerabilities
+ Multiple vulnerabilities have been found in MariaDB and MySQL, the
+ worst of which could result in privilege escalation.
+
+ mariadb,mysql
+ 2019-08-18
+ 2019-08-18
+ 661500
+ 670388
+ 679024
+ local, remote
+
+
+ 10.1.38-r1
+ 10.2.22
+ 10.1.38-r1
+ 10.2.22
+
+
+ 5.6.42
+ 5.7.24
+ 5.6.42
+ 5.7.24
+
+
+
+ MariaDB is an enhanced, drop-in replacement for MySQL. MySQL is a
+ popular multi-threaded, multi-user SQL server. MySQL is a popular
+ multi-threaded, multi-user SQL server
+
+
+
+ Multiple vulnerabilities have been discovered in MariaDB and MySQL.
+ Please review the CVE identifiers referenced below for details.
+
+
+
+ Please review the referenced CVE identifiers for details.
+
+
+ There is no known workaround at this time.
+
+
+ All MariaDB 10.1.x users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-db/mariadb-10.1.38-r1"
+
+
+ All MariaDB 10.2.x users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-db/mariadb-10.2.22"
+
+
+ All MySQL 5.6.x users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.6.42"
+
+
+ All MySQL 5.7.x users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.7.24"
+
+
+
+ CVE-2018-2755
+ CVE-2018-2759
+ CVE-2018-2761
+ CVE-2018-2766
+ CVE-2018-2771
+ CVE-2018-2777
+ CVE-2018-2781
+ CVE-2018-2782
+ CVE-2018-2784
+ CVE-2018-2786
+ CVE-2018-2787
+ CVE-2018-2810
+ CVE-2018-2813
+ CVE-2018-2817
+ CVE-2018-2819
+ CVE-2018-3143
+ CVE-2018-3156
+ CVE-2018-3162
+ CVE-2018-3173
+ CVE-2018-3174
+ CVE-2018-3185
+ CVE-2018-3200
+ CVE-2018-3251
+ CVE-2018-3252
+ CVE-2018-3277
+ CVE-2018-3282
+ CVE-2018-3284
+ CVE-2019-2510
+ CVE-2019-2529
+ CVE-2019-2537
+
+ b-man
+ b-man
+
diff --git a/metadata/glsa/glsa-201908-25.xml b/metadata/glsa/glsa-201908-25.xml
new file mode 100644
index 000000000000..7f2c146a9229
--- /dev/null
+++ b/metadata/glsa/glsa-201908-25.xml
@@ -0,0 +1,64 @@
+
+
+