MariaDB is a multi-user, multi-threaded SQL database server that is binarycompatible with MySQL.It was found that the MySQL client library permitted but did not require aclient to use SSL/TLS when establishing a secure connection to a MySQLserver using the "--ssl" option. A man-in-the-middle attacker could usethis flaw to strip the SSL/TLS protection from a connection between aclient and a server. (CVE-2015-3152)This update fixes several vulnerabilities in the MariaDB database server.Information about these flaws can be found on the Oracle Critical PatchUpdate Advisory page, listed in the References section. (CVE-2015-0501,CVE-2015-2568, CVE-2015-0499, CVE-2015-2571, CVE-2015-0433, CVE-2015-0441,CVE-2015-0505, CVE-2015-2573, CVE-2015-2582, CVE-2015-2620, CVE-2015-2643,CVE-2015-2648, CVE-2015-4737, CVE-2015-4752, CVE-2015-4757)These updated packages upgrade MariaDB to version 5.5.44. Refer to theMariaDB Release Notes listed in the References section for a complete listof changes.All MariaDB users should upgrade to these updated packages, which correctthese issues. After installing this update, the MariaDB server daemon(mysqld) will be restarted automatically.