The January 2020 Oracle CPU lists a vulnerability in mysql-workbench: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL The issue is fixed upstream in 8.0.19. Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOO
This package has no registered maintainer, so assigning globally; CC'ing wally who has done the most recent commits, hope this is OK.
Assignee: bugsquad => pkg-bugsCC: (none) => jani.valimaa
Status comment: (none) => Fixed upstream in 8.0.19
Blocks: (none) => 26521
Package has been dropped in Cauldron.
Version: Cauldron => 7Whiteboard: MGA7TOO => (none)
October Oracle CPU lists two more security issues for mysql-workbench: https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL Through 8.0.21 is affected, so I assume fixes are in 8.0.22: https://dev.mysql.com/downloads/workbench/
Status comment: Fixed upstream in 8.0.19 => Fixed upstream in 8.0.22Summary: mysql-workbench new security issue CVE-2019-16168 => mysql-workbench new security issues CVE-2019-16168, CVE-2020-1730, CVE-2020-1967
April 2021 Oracle CPU lists two more security issues for mysql-workbench: https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixMSQL Through 8.0.23 is affected, so I assume fixes are in 8.0.25: https://dev.mysql.com/downloads/workbench/
Summary: mysql-workbench new security issues CVE-2019-16168, CVE-2020-1730, CVE-2020-1967 => mysql-workbench new security issues CVE-2019-7317, CVE-2019-16168, CVE-2020-1730, CVE-2020-1967, CVE-2021-3450
https://blog.mageia.org/en/2021/06/08/mageia-7-will-reach-end-of-support-on-30th-of-june-the-king-is-dead-long-live-the-king/
Resolution: (none) => OLDStatus: NEW => RESOLVED