CVEs affecting projects tracked on Release Alert, from NVD & OSV.
CVE-2015-3152 — MEDIUM severity vulnerability | Release Alert
CVE-2015-3152
5.9
MEDIUMCVSS v3
Published
May 16, 2016
CVSS v2
4.3 MEDIUM
Affected
7 projects
Assigned by
Red Hat
Severity scale
010
Description
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
ChocolateyMariaDB is designed as a drop-in replacement of [MySQL](https://community.chocolatey.org/packages/mysql) with more features, new storage engines, fewer bugs, and better performance. MariaDB server is a community developed fork of MySQL server started by core members of the original MySQL team.
MariaDB strives to be the logical choice for database professionals looking for a robust, scalable, and reliable SQL server. To accomplish this, the MariaDB Foundation work closely and cooperatively with the larger community of users and developers in the true spirit of Free and open source software, and release software in a manner that balances predictability with reliability.
#### MariaDB comparison to MySQL
* [Features](https://mariadb.com/kb/en/mariadb/mariadb-vs-mysql-features/)
* [Compatibility](https://mariadb.com/kb/en/mariadb/mariadb-vs-mysql-compatibility/)
#### Community
* [Facebook](https://www.facebook.com/MariaDB.dbms)
* [Google+](https://plus.google.com/+mariadb)
* [Twitter](https://twitter.com/mariadb)
**Please Note**: This is an automatically updated package. If you find it is
out of date by more than a day or two, please contact the maintainer(s) and
let them know [here](https://github.com/mkevenaar/chocolatey-packages/issues) that the package is no longer updating correctly.