Is MariaDB a secure replacement for MySQL?
Maria-DB is not a performance-enhanced MySQL version.
Maria-DB is the forked MySQL version current used in the open-source space. It was forked from MySQL due to mistrust in how Oracle will behave in regard of the original MySQL code. You can see here for more information.
While until version 5.1 both were more or less the same code, by 5.5 this changed significantly. This means that they are now two different (albeit largely compatible) products, so it is not automatic that erratas affecting one (eg: MySQL) are applicables to the other (MariaDB).