| Summary: | mariadb new security issues (fixed in 10.3.22) | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Marc Krämer <mageia> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, herman.viaene, sysadmin-bugs, tmb |
| Version: | 7 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA7-64-OK | ||
| Source RPM: | CVE: | ||
| Status comment: | |||
|
Description
Marc Krämer
2020-01-29 01:35:14 CET
Marc Krämer
2020-01-29 01:35:36 CET
QA Contact:
(none) =>
security https://mariadb.com/kb/en/mariadb-10322-release-notes/ Summary:
new security issues in MariaDB =>
mariadb new security issues (fixed in 10.3.22) Updated MariaDB packages fix security vulnerabilities: Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. [1] In addtion a new pam subpackge is provided which adds prebuilt pam_user_map [2]. All release notes can be found here [3] References: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2574 [2] https://mariadb.com/kb/en/authentication-plugin-pam/ [3] https://mariadb.com/kb/en/mariadb-10322-release-notes/ ======================== Updated packages in core/updates_testing: ======================== mariadb-10.3.22-1.mga7 mysql-MariaDB-10.3.22-1.mga7 mariadb-feedback-10.3.22-1.mga7 mariadb-connect-10.3.22-1.mga7 mariadb-sphinx-10.3.22-1.mga7 mariadb-mroonga-10.3.22-1.mga7 mariadb-sequence-10.3.22-1.mga7 mariadb-spider-10.3.22-1.mga7 mariadb-extra-10.3.22-1.mga7 mariadb-obsolete-10.3.22-1.mga7 mariadb-core-10.3.22-1.mga7 mariadb-common-core-10.3.22-1.mga7 mariadb-common-10.3.22-1.mga7 mariadb-client-10.3.22-1.mga7 mariadb-bench-10.3.22-1.mga7 mariadb-pam-10.3.22-1.mga7 libmariadb3-10.3.22-1.mga7 libmariadb-devel-10.3.22-1.mga7 libmariadbd19-10.3.22-1.mga7 libmariadb-embedded-devel-10.3.22-1.mga7 mariadb-debugsource-10.3.22-1.mga7 mariadb-debuginfo-10.3.22-1.mga7 mariadb-feedback-debuginfo-10.3.22-1.mga7 mariadb-connect-debuginfo-10.3.22-1.mga7 mariadb-sphinx-debuginfo-10.3.22-1.mga7 mariadb-mroonga-debuginfo-10.3.22-1.mga7 mariadb-sequence-debuginfo-10.3.22-1.mga7 mariadb-spider-debuginfo-10.3.22-1.mga7 mariadb-extra-debuginfo-10.3.22-1.mga7 mariadb-obsolete-debuginfo-10.3.22-1.mga7 mariadb-core-debuginfo-10.3.22-1.mga7 mariadb-common-debuginfo-10.3.22-1.mga7 mariadb-client-debuginfo-10.3.22-1.mga7 mariadb-bench-debuginfo-10.3.22-1.mga7 mariadb-pam-debuginfo-10.3.22-1.mga7 libmariadb3-debuginfo-10.3.22-1.mga7 libmariadbd19-debuginfo-10.3.22-1.mga7 libmariadb-embedded-devel-debuginfo-10.3.22-1.mga7 Source RPMs: mariadb-10.3.22-1.mga7.src.rpm Assignee:
mageia =>
qa-bugs MGA7-64 Plasma on Lenovo B50 No installation issues, leaving out all evvel and debug packages. This was an update on an existin installation, used phpmyadmin to test. Recognized previous databases, created in an otherwise empty database a new table with a primary key on kol1 and a unique index and kol2. All is OK. CC:
(none) =>
herman.viaene Validating. Advisory in Comment 2. CC:
(none) =>
andrewsfarm, sysadmin-bugs
Thomas Backlund
2020-01-30 18:43:03 CET
Keywords:
(none) =>
advisory An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0072.html Resolution:
(none) =>
FIXED |