latest mariadb is available, which fixed several CVE's https://mariadb.com/kb/en/mariadb-10514-release-notes/ https://mariadb.com/kb/en/mariadb-10515-release-notes/ CVE-2021-46665 CVE-2021-46664 CVE-2021-46661 CVE-2021-46668 CVE-2021-46663 CVE-2022-24052 CVE-2022-24051 CVE-2022-24050 CVE-2022-24048 CVE-2021-46659
Updated mariadb packages fix security vulnerabilities: InnoDB - --skip-symbolic-links does not disallow .isl file creation (MDEV-26870) - Indexed CHAR columns are broken with NO_PAD collations (MDEV-25440) - insert-intention lock conflicts with waiting ORDINARY lock (MDEV-27025) - Crash recovery improvements (MDEV-26784, MDEV-27022, MDEV-27183, MDEV-27610) Galera¶ - Galera updated to 26.4.11 - Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory (MDEV-27181) - Alter Sequence do not replicate to another nodes with in Galera Cluster (MDEV-19353) - Galera crash - Assertion. Possible parallel writeset problem (MDEV-26803) - CREATE TABLE with FOREIGN KEY constraint fails to apply in parallel (MDEV-27276) - Galera cluster node consider old server_id value even after modification of server_id [wsrep_gtid_mode=ON] (MDEV-26223) Replication - Seconds behind master corrected from artificial spikes at relay-log rotation (MDEV-16091) - Statement rollback in binlog when transaction creates or drop temporary table is set right (MDEV-26833) - CREATE-or-REPLACE SEQUENCE is made to binlog with the DDL flag to stabilize its parallel execution on slave (MDEV-27365) References: https://mariadb.com/kb/en/mariadb-10514-release-notes/ https://mariadb.com/kb/en/mariadb-10515-release-notes/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46665 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46664 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46661 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46668 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46663 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24052 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24051 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24050 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24048 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46659 ======================== Updated packages in core/updates_testing: ======================== mariadb-client-10.5.15-1.mga8 mariadb-client-debuginfo-10.5.15-1.mga8 mariadb-core-10.5.15-1.mga8 lib64mariadbd19-10.5.15-1.mga8 lib64mariadb-embedded-devel-10.5.15-1.mga8 mariadb-common-10.5.15-1.mga8 mariadb-bench-debuginfo-10.5.15-1.mga8 mariadb-mroonga-debuginfo-10.5.15-1.mga8 mariadb-debuginfo-10.5.15-1.mga8 mariadb-connect-debuginfo-10.5.15-1.mga8 mariadb-spider-debuginfo-10.5.15-1.mga8 mariadb-connect-10.5.15-1.mga8 mariadb-spider-10.5.15-1.mga8 mariadb-extra-debuginfo-10.5.15-1.mga8 mariadb-sphinx-debuginfo-10.5.15-1.mga8 mariadb-feedback-debuginfo-10.5.15-1.mga8 lib64mariadb3-debuginfo-10.5.15-1.mga8 mariadb-10.5.15-1.mga8 mariadb-obsolete-debuginfo-10.5.15-1.mga8 lib64mariadb3-10.5.15-1.mga8 lib64mariadb-devel-10.5.15-1.mga8 mariadb-common-core-10.5.15-1.mga8 mariadb-extra-10.5.15-1.mga8 mariadb-sequence-debuginfo-10.5.15-1.mga8 mariadb-sphinx-10.5.15-1.mga8 mariadb-obsolete-10.5.15-1.mga8 mariadb-pam-10.5.15-1.mga8 mariadb-pam-debuginfo-10.5.15-1.mga8 mariadb-sequence-10.5.15-1.mga8 mariadb-feedback-10.5.15-1.mga8 lib64mariadb-devel-debuginfo-10.5.15-1.mga8 mysql-MariaDB-10.5.15-1.mga8 mariadb-mroonga-10.5.15-1.mga8 mariadb-rocks-10.5.15-1.mga8 mariadb-obsolete-debuginfo-10.5.15-1.mga8 lib64mariadb3-10.5.15-1.mga8 lib64mariadb-devel-10.5.15-1.mga8 mariadb-common-core-10.5.15-1.mga8 mariadb-extra-10.5.15-1.mga8 mariadb-sequence-debuginfo-10.5.15-1.mga8 mariadb-sphinx-10.5.15-1.mga8 mariadb-obsolete-10.5.15-1.mga8 mariadb-pam-10.5.15-1.mga8 mariadb-pam-debuginfo-10.5.15-1.mga8 mariadb-sequence-10.5.15-1.mga8 mariadb-feedback-10.5.15-1.mga8 lib64mariadb-devel-debuginfo-10.5.15-1.mga8 mysql-MariaDB-10.5.15-1.mga8 mariadb-mroonga-10.5.15-1.mga8 mariadb-rocks-10.5.15-1.mga8 mariadb-debugsource-10.5.15-1.mga8 lib64mariadbd19-debuginfo-10.5.15-1.mga8 mariadb-core-debuginfo-10.5.15-1.mga8 mariadb-bench-10.5.15-1.mga8 mariadb-common-debuginfo-10.5.15-1.mga8 lib64mariadb-embedded-devel-debuginfo-10.5.15-1.mga8 mariadb-rocks-debuginfo-10.5.15-1.mga8 SRPM: mariadb-10.5.15-1.mga8.src.rpm
Assignee: mageia => qa-bugs
Tested with Kontact/KMail/Akonadi 2022-02-16 11:00:22 0 [Note] /usr/sbin/mysqld: ready for connections. Version: '10.5.15-MariaDB' socket: '/run/user/1000/akonadi/mysql.socket' port: 0 Mageia MariaDB Server Invoked as user $ akonadictl status, ok $ akonadictl fsck, ok $ mysql_upgrade -u akonadi --socket=/run/user/1000/akonadi/mysql.socket, ok No regression found, Ulrich
CC: (none) => bequimao.de
MGA8-64 Plasma on Lenovo B50 in Dutch No installation issues. As usually, I want to use phpmyadmin to do some database manipulation. Made sure myqld and httpd are running, but then on starting phpmyadmin I get: phpMyAdmin - Error Error during session start; please check your PHP and/or webserver log file and configure your PHP installation properly. Also ensure that cookies are enabled in your browser. session_start(): Cannot find session serialization handler "igbinary" - session startup failed Looked up journalctl and /var/log and found some in the httpd/error_log. It starts with [Thu Feb 17 11:10:50.505606 2022] [ssl:warn] [pid 15569] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name. But googling tells me this is rather a warning than a blocking error, so further a load of warnings and then PHP Warning: PHP Startup: igbinary: Unable to initialize module\nModule compiled with module API=20200930\nPHP compiled with module API=20210902\nThese options need to match\n in Unknown on line 0 This is beyond me, so gving up here and I will try some commends at the mysql CLI.
CC: (none) => herman.viaene
Thanks Herman, I assume you have a mixed php-install. Some php packages have php-8.1 and others php-8.0 - so in this case, php-igbinary is from php-8.0 and you have loaded php-8.1. I think this is the error rpmdrake selects packages from backport even if they are not enabled.
While the backports is an issue that needs to be solved, it has a workaround urpmi.removemedia -y Back Then use "urpmq --not-available to identify the packages that need to be downgraded I've installed the update and phpmyadmin is working as is mariadb. Oking the update and validating.
Whiteboard: (none) => MGA8-64-OKCC: (none) => davidwhodgins, sysadmin-bugsKeywords: (none) => validated_update
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0070.html
Status: NEW => RESOLVEDResolution: (none) => FIXED