31068 – hsqldb new security issues CVE-2022-41853 and CVE-2023-1183

Bug 31068 - hsqldb new security issues CVE-2022-41853 and CVE-2023-1183

Summary: hsqldb new security issues CVE-2022-41853 and CVE-2023-1183

Status:	RESOLVED OLD

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	8
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Java Stack Maintainers
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2022-11-02 21:44 CET by David Walser
Modified:	2024-01-12 10:30 CET (History)
CC List:	2 users (show)

See Also:
Source RPM:	hsqldb-2.4.0-4.mga8.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2022-11-02 21:44:17 CET

SUSE has issued an advisory on November 1:
https://lists.suse.com/pipermail/sle-security-updates/2022-November/012782.html

Mageia 8 is also affected.

David Walser 2022-11-02 21:44:29 CET

Whiteboard: (none) => MGA8TOO

Comment 1 David Walser 2022-11-02 22:11:15 CET

Equivalent openSUSE advisory:
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/X3RTR7RYHITN7CWHZQZSRY5N7FP2TBKR/

Comment 2 David Walser 2022-11-21 22:35:22 CET

RedHat has issued an advisory for this today (November 21):
https://access.redhat.com/errata/RHSA-2022:8560

Comment 3 David Walser 2022-12-12 16:34:00 CET

Debian-LTS has issued an advisory for this on December 10:
https://www.debian.org/lts/security/2022/dla-3234

Comment 4 David Walser 2023-01-17 18:26:56 CET

Debian has issued an advisory for this on January 11:
https://www.debian.org/security/2023/dsa-5313

Comment 5 David Walser 2023-06-22 20:47:10 CEST

Debian has issued an advisory on June 21:
https://www.debian.org/security/2023/dsa-5437

Mageia 8 is also affected.

Summary: hsqldb new security issue CVE-2022-41853 => hsqldb new security issues CVE-2022-41853 and CVE-2023-1183

Comment 6 David GEIGER 2023-07-02 20:14:33 CEST

hsqldb now removed from cauldron current java stack!

CC: (none) => geiger.david68210
Whiteboard: MGA8TOO => (none)
Version: Cauldron => 8

Comment 7 Nicolas Salguero 2024-01-12 10:30:01 CET

Mageia 8 EOL

Status: NEW => RESOLVED
Resolution: (none) => OLD
CC: (none) => nicolas.salguero

Note You need to log in before you can comment on or make changes to this bug.