Tag Archives: security
SSL (let’s call it that, even though SSL 2.0 and SSL 3.0 were long replaced by TLS 1.0–1.3 protocols) support was implemented in MySQL in 2001, so MariaDB (born in 2009) always had it. But over more than twenty years of SSL support there was one huge problem with it. It required tedious manual configuration, so most users never bothered and accepted the fact that their queries and data were sent unprotected. Which might have been slightly risky in 2001, but is definitely reckless in 2023.
The traditional approach
Let’s see. First, the user installing MariaDB or MySQL has to generate a private key and a certificate.
…
Continue reading “Mission Impossible: Zero-Configuration SSL”
Seppo Jaakola is going to present the topic “MariaDB Galera Cluster Security” at the Security MariaDB Server Fest (Wed 6 April 2022).
I’m currently watching his talk. Let me share with you some details. Seppo is not talking about native MariaDB security features that are by default supported by Galera, but due to the distributed cluster topology additional security related measures are needed. He talks about cluster topology, cluster communication security, Galera enhancement Data at REST encryption and the new 10.9 feature Node screening by IP Allowlist.
Do you have questions to ask Seppo?
…
Continue reading “Quick peek: MariaDB Galera Cluster Security talk”
By default, MariaDB does not check if a user reuses a password. Some security policies require users to choose a new password each time, and the Password Reuse Check plugin, available in a MariaDB 10.7.0 preview, enables this functionality.
Old passwords are stored in the mysql.password_reuse_check_history table, and the period they are retained for is determined by the password-reuse-check-interval system variable, which specifies a number of days. By default this is zero, meaning unlimited retention.
The password can be used in conjunction with other password validation plugins, such as the Simple Password Check plugin or the CrackLib Password Check plugin.
…
Continue reading “10.7 preview feature: Password Reuse Check plugin”
The MariaDB Foundation is pleased to announce the availability of MariaDB 10.4.13, MariaDB 10.3.23, MariaDB 10.2.32, MariaDB 10.1.45 and MariaDB 5.5.68, the latest stable releases in their respective series.
This is the final release of MariaDB 5.5, and MariaDB 5.5 will no longer receive any updates or bugfixes.
See the release notes and changelogs for details.
Release Notes Changelog What is MariaDB 10.4?
Release Notes Changelog What is MariaDB 10.3?
…
Continue reading “MariaDB 10.4.13, 10.3.23, 10.2.32, 10.1.45 and 5.5.68 now available”
The MariaDB Foundation is pleased to announce the availability of MariaDB 10.4.5, the second MariaDB 10.4 release candidate.
See the release notes and changelogs for details.
Release Notes Changelog What is MariaDB 10.4?
MariaDB APT and YUM Repository Configuration Generator
Contributors to MariaDB 10.4.5
Aleksey Midenkov (Tempesta)
Alexander Barkov (MariaDB Corporation)
Alexey Botchkov (MariaDB Corporation)
Andrea Kao
Andrei Elkin (MariaDB Corporation)
Anel Husakovic (MariaDB Foundation)
Daniel Bartholomew (MariaDB Corporation)
Daniel Black (IBM)
Elena Stepanova (MariaDB Corporation)
Eugene Kosov (Tempesta)
Galina Shalygina (MariaDB Corporation)
hygonsoc
Ian Gilfillan (MariaDB Foundation)
Igor Babaev (MariaDB Corporation)
Jan Lindström (MariaDB Corporation)
Kentoku Shiba
Marko Mäkelä (MariaDB Corporation)
Michael Widenius (MariaDB Corporation and MariaDB Foundation)
Michal Schorm (Red Hat)
Nikita Malyavin (Tempesta)
Oleksandr Byelkin (MariaDB Corporation)
Olivier Bertrand
qingda2019
Rasmus Johansson (MariaDB Corporation)
Robert Bindar (MariaDB Foundation)
Sachin Setiya (MariaDB Corporation)
Seppo Jaakola (Codership)
Sergei Golubchik (MariaDB Corporation)
Sergei Petrunia (MariaDB Corporation)
Sergey Vojtovich (MariaDB Foundation)
Sujatha Sivakumar (MariaDB Corporation)
Thirunarayanan Balathandayuthapani (MariaDB Corporation)
Varun Gupta (MariaDB Corporation)
Vicențiu Ciorbaru (MariaDB Foundation)
Vladislav Vaintroub (MariaDB Corporation)
Vlad Lesin
wayne
willhan
Zsolt Parragi (Percona)
39 Contributors
Thanks, and enjoy MariaDB! …
The MariaDB Foundation is pleased to announce the availability of MariaDB 10.3.15, the latest stable release in the MariaDB 10.3 series, as well as MariaDB Connector/C 3.0.10, MariaDB Connector/ODBC 3.1.1 and MariaDB Connector/Node.js 2.0.5, the latest MariaDB Connector releases.
See the release notes and changelogs for details.
Release Notes Changelog What is MariaDB 10.3?
MariaDB APT and YUM Repository Configuration Generator
Download MariaDB Connector/C 3.0.10
Release Notes Changelog About MariaDB Connector/C
MariaDB Connector/Node.js 2.0.5
Release Notes Changelog About MariaDB Connector/Node.js
Download MariaDB Connector/ODBC 3.1.1
Release Notes Changelog About MariaDB Connector/ODBC
Contributors to MariaDB 10.3.15
Aleksey Midenkov (Tempesta)
Alexander Barkov (MariaDB Corporation)
Alexey Botchkov (MariaDB Corporation)
Andrea Kao
Andrei Elkin (MariaDB Corporation)
Anel Husakovic (MariaDB Foundation)
Daniel Bartholomew (MariaDB Corporation)
Daniel Black (IBM)
Elena Stepanova (MariaDB Corporation)
Eugene Kosov (Tempesta)
Galina Shalygina (MariaDB Corporation)
Ian Gilfillan (MariaDB Foundation)
Igor Babaev (MariaDB Corporation)
Jan Lindström (MariaDB Corporation)
Marko Mäkelä (MariaDB Corporation)
Michael Widenius (MariaDB Corporation and MariaDB Foundation)
Nikita Malyavin (Tempesta)
Oleksandr Byelkin (MariaDB Corporation)
Olivier Bertrand
qingda2019
Rasmus Johansson (MariaDB Corporation)
Robert Bindar (MariaDB Foundation)
Sergei Golubchik (MariaDB Corporation)
Sergei Petrunia (MariaDB Corporation)
Sergey Vojtovich (MariaDB Foundation)
Sujatha Sivakumar (MariaDB Corporation)
Thirunarayanan Balathandayuthapani (MariaDB Corporation)
Varun Gupta (MariaDB Corporation)
Vladislav Vaintroub (MariaDB Corporation)
Vlad Lesin
wayne
Zsolt Parragi (Percona)
32 Contributors
Thanks, and enjoy MariaDB! …
The MariaDB Foundation is pleased to announce the availability of MariaDB 10.2.24, the latest stable release in the MariaDB 10.2 series. See the release notes and changelogs for details.
Release Notes Changelog What is MariaDB 10.2?
MariaDB APT and YUM Repository Configuration Generator
Contributors to MariaDB 10.2.24
Aleksey Midenkov (Tempesta)
Alexander Barkov (MariaDB Corporation)
Alexey Botchkov (MariaDB Corporation)
Anel Husakovic (MariaDB Foundation)
Bernhard M. Wiedemann (SUSE)
Chris Calender (MariaDB Corporation)
Daniel Bartholomew (MariaDB Corporation)
Daniel Black (IBM)
Elena Stepanova (MariaDB Corporation)
Eugene Kosov (Tempesta)
Ian Gilfillan (MariaDB Foundation)
Igor Babaev (MariaDB Corporation)
Jan Lindström (MariaDB Corporation)
Marko Mäkelä (MariaDB Corporation)
Michael Widenius (MariaDB Corporation and MariaDB Foundation)
Michal Schorm (Red Hat)
Nikita Malyavin (Tempesta)
Oleksandr Byelkin (MariaDB Corporation)
Olivier Bertrand
qingda2019
Robert Bindar (MariaDB Foundation)
Sachin Setiya (MariaDB Corporation)
Sergei Golubchik (MariaDB Corporation)
Sergei Petrunia (MariaDB Corporation)
Sergey Vojtovich (MariaDB Foundation)
Sujatha Sivakumar (MariaDB Corporation)
Thirunarayanan Balathandayuthapani (MariaDB Corporation)
Varun Gupta (MariaDB Corporation)
Vladislav Vaintroub (MariaDB Corporation)
Vlad Lesin
Zsolt Parragi (Percona)
31 Contributors
Thanks, and enjoy MariaDB! …
The MariaDB Foundation is pleased to announce the availability of MariaDB 10.1.39, the latest stable release in the MariaDB 10.1 series. See the release notes and changelogs for details.
Release Notes Changelog What is MariaDB 10.1?
MariaDB APT and YUM Repository Configuration Generator
Contributors to MariaDB 10.1.39
Alexander Barkov (MariaDB Corporation)
Alexey Botchkov (MariaDB Corporation)
Anel Husakovic (MariaDB Foundation)
Bernhard M. Wiedemann (SUSE)
Chris Calender (MariaDB Corporation)
Daniel Bartholomew (MariaDB Corporation)
Daniel Black (IBM)
Elena Stepanova (MariaDB Corporation)
Eugene Kosov (Tempesta)
Ian Gilfillan (MariaDB Foundation)
Igor Babaev (MariaDB Corporation)
Jan Lindström (MariaDB Corporation)
Julius Goryavsky (Tempesta)
Marko Mäkelä (MariaDB Corporation)
Michael Widenius (MariaDB Corporation and MariaDB Foundation)
Michal Schorm (Red Hat)
Oleksandr Byelkin (MariaDB Corporation)
Olivier Bertrand
Robert Bindar (MariaDB Foundation)
Sachin Setiya (MariaDB Corporation)
Sergei Golubchik (MariaDB Corporation)
Sergei Petrunia (MariaDB Corporation)
Sergey Vojtovich (MariaDB Foundation)
Sujatha Sivakumar (MariaDB Corporation)
Thirunarayanan Balathandayuthapani (MariaDB Corporation)
Varun Gupta (MariaDB Corporation)
Vladislav Vaintroub (MariaDB Corporation)
Zsolt Parragi (Percona)
28 Contributors
Thanks, and enjoy MariaDB! …