Slackware has issued an advisory on May 20: https://lwn.net/Articles/974440/ The problem is fixed in version 10.11.8.
Source RPM: (none) => mariadb-10.11.7-1.mga9.src.rpm
Status comment: (none) => Fixed upstream in 10.11.8
CVE: (none) => CVE-2024-21096
Marc is the regular packager for MariaDB, so assigning this to you.
Assignee: bugsquad => mageia
Strange, must have missed the version announcement. But I was very busy.
Updated MariaDB to fix a new security issue [1,2]

Additional bugs were fixed [3] in the following components:
InnoDB
Spider
Aria
Backup
JSON
Optimization & Tuning
Plugins
Galera
Scripts & Clients
Server

For the details see the vendor site [3]

References:
[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21096
[2] https://lwn.net/Articles/974440/
[3] https://mariadb.com/kb/en/mariadb-10-11-8-release-notes/
========================

Updated packages in core/updates_testing:
========================
mariadb-client-10.11.8-1.mga9
mariadb-client-debuginfo-10.11.8-1.mga9
lib64mariadbd19-10.11.8-1.mga9
mariadb-core-10.11.8-1.mga9
lib64mariadb-embedded-devel-10.11.8-1.mga9
mariadb-mroonga-debuginfo-10.11.8-1.mga9
lib64mariadb-devel-10.11.8-1.mga9
mariadb-common-10.11.8-1.mga9
mariadb-spider-debuginfo-10.11.8-1.mga9
mariadb-rocks-10.11.8-1.mga9
mariadb-mroonga-10.11.8-1.mga9
mariadb-bench-debuginfo-10.11.8-1.mga9
mariadb-debuginfo-10.11.8-1.mga9
mariadb-s3-engine-10.11.8-1.mga9
mariadb-feedback-debuginfo-10.11.8-1.mga9
mariadb-connect-debuginfo-10.11.8-1.mga9
mariadb-extra-debuginfo-10.11.8-1.mga9
mariadb-connect-10.11.8-1.mga9
mariadb-10.11.8-1.mga9
mariadb-spider-10.11.8-1.mga9
mariadb-sphinx-debuginfo-10.11.8-1.mga9
mariadb-s3-engine-debuginfo-10.11.8-1.mga9
lib64mariadb3-debuginfo-10.11.8-1.mga9
mariadb-obsolete-debuginfo-10.11.8-1.mga9
mariadb-common-core-10.11.8-1.mga9
lib64mariadb3-10.11.8-1.mga9
mariadb-sequence-debuginfo-10.11.8-1.mga9
mariadb-extra-10.11.8-1.mga9
mariadb-sphinx-10.11.8-1.mga9
mariadb-obsolete-10.11.8-1.mga9
mariadb-pam-debuginfo-10.11.8-1.mga9
mariadb-pam-10.11.8-1.mga9
mariadb-sequence-10.11.8-1.mga9
mysql-MariaDB-10.11.8-1.mga9
lib64mariadb-devel-debuginfo-10.11.8-1.mga9
mariadb-feedback-10.11.8-1.mga9
lib64mariadbd19-debuginfo-10.11.8-1.mga9
mariadb-debugsource-10.11.8-1.mga9
mariadb-core-debuginfo-10.11.8-1.mga9
mariadb-bench-10.11.8-1.mga9
mariadb-common-debuginfo-10.11.8-1.mga9
mariadb-rocks-debuginfo-10.11.8-1.mga9
lib64mariadb-embedded-devel-debuginfo-10.11.8-1.mga9

SRPM:
mariadb-10.11.8-1.mga9.src.rpm
Assignee: mageia => qa-bugs
Keywords: (none) => advisory
MGA9-64 Plasma Wayland on HP-Pavillion
No installation issues, omitting debuginfo's

# systemctl start httpd
# systemctl start mysqld
# systemctl -l status mysqld
● mysqld.service - MySQL database server
     Loaded: loaded (/usr/lib/systemd/system/mysqld.service; disabled; preset: disabled)
     Active: active (running) since Fri 2024-05-24 14:01:07 CEST; 20s ago
    Process: 21914 ExecStartPre=/usr/sbin/mysqld-prepare-db-dir (code=exited, status=0/SUCCESS)
   Main PID: 21928 (mysqld)
     Status: "Taking your SQL requests now..."
      Tasks: 22 (limit: 4495)
     Memory: 101.8M
        CPU: 1.666s
     CGroup: /system.slice/mysqld.service
             └─21928 /usr/sbin/mysqld

May 24 14:00:46 mach4.hviaene.thuis mysqld[21928]: 2024-05-24 14:00:46 0 [Note] InnoDB: Setting file './ibtmp1' size to 12.000MiB. Physi>
May 24 14:00:46 mach4.hviaene.thuis mysqld[21928]: 2024-05-24 14:00:46 0 [Note] InnoDB: File './ibtmp1' size is now 12.000MiB.
May 24 14:00:46 mach4.hviaene.thuis mysqld[21928]: 2024-05-24 14:00:46 0 [Note] InnoDB: log sequence number 72212; transaction id 48
May 24 14:00:46 mach4.hviaene.thuis mysqld[21928]: 2024-05-24 14:00:46 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_bu>
May 24 14:00:46 mach4.hviaene.thuis mysqld[21928]: 2024-05-24 14:00:46 0 [Note] InnoDB: Buffer pool(s) load completed at 240524 14:00:46
May 24 14:00:46 mach4.hviaene.thuis mysqld[21928]: 2024-05-24 14:00:46 0 [Note] CONNECT: Version 1.07.0002 March 22, 2021
May 24 14:00:47 mach4.hviaene.thuis mysqld[21928]: 240524 14:00:47 server_audit: MariaDB Audit Plugin version 1.4.14 STARTED.
May 24 14:01:07 mach4.hviaene.thuis mysqld[21928]: 240524 14:00:47 server_audit: Query cache is enabled with the TABLE events. Some tabl>
May 24 14:01:07 mach4.hviaene.thuis mysqld[21928]: Version: '10.11.8-MariaDB' socket: '/var/lib/mysql/mysql.sock' port: 0 Mageia Mari>
May 24 14:01:07 mach4.hviaene.thuis systemd[1]: Started mysqld.service.
Used phpmyadmin to delete an existing database, created a new one, created one new table with serial field as primary key, one varchar as unique key, one plain varchar, one timestamp with current_timestamp as default. Table created OK, inserted some values, all OK.
CC: (none) => herman.viaene
Whiteboard: (none) => MGA9-64-OK
Installed and tested without issues.

Tested with:
- mysql CLI;
- dbeaver-ce;
- mysql workstation;
- PHP scripts (e.g. phpmyadmin, roundcubemail, nextcloud, wordpress);
- Qt6 applications using the QSqlMySql plugin driver;
- systemd restricted service for improved security (see override.conf file below).

All OK.

System: Mageia 9, x86_64, Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz.

$ uname -a
Linux marte 6.6.28-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Wed Apr 17 17:19:36 UTC 2024 x86_64 GNU/Linux

$ rpm -qa | grep mariadb | sort
lib64mariadb3-10.11.8-1.mga9
mariadb-10.11.8-1.mga9
mariadb-client-10.11.8-1.mga9
mariadb-common-10.11.8-1.mga9
mariadb-common-core-10.11.8-1.mga9
mariadb-core-10.11.8-1.mga9
mariadb-extra-10.11.8-1.mga9

$ systemctl status mysqld.service
● mysqld.service - MySQL database server
     Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; preset: disabled)
    Drop-In: /etc/systemd/system/mysqld.service.d
             └─override.conf
     Active: active (running) since Fri 2024-05-24 08:00:03 WEST; 7h ago
    Process: 1972738 ExecStartPre=/usr/sbin/mysqld-prepare-db-dir (code=exited, status=0/SUCCESS)
   Main PID: 1972752 (mysqld)
     Status: "Taking your SQL requests now..."
      Tasks: 20 (limit: 19042)
     Memory: 153.0M
        CPU: 12min 57.037s
     CGroup: /system.slice/mysqld.service
             └─1972752 /usr/sbin/mysqld

$ cat /etc/systemd/system/mysqld.service.d/override.conf
# If "skip-networking" is set in the configuration then "AF_INET AF_INET6"
# should be removed from RestrictAddressFamilies and PrivateNetwork=should
# be set to "yes".
[Service]
PrivateNetwork=yes
PrivateUsers=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
UMask=0077
NoNewPrivileges=yes
LockPersonality=yes
MemoryDenyWriteExecute=yes
RemoveIPC=yes
RestrictRealtime=yes
RestrictSUIDSGID=yes
RestrictNamespaces=yes
RestrictAddressFamilies=AF_UNIX
#RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
SystemCallArchitectures=native
SystemCallFilter=@system-service
SystemCallFilter=~ @privileged @resources
ProtectHome=yes
ProtectHostname=yes
ProtectKernelLogs=yes
ProtectClock=yes
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
ProtectKernelLogs=yes
ProtectSystem=strict
AmbientCapabilities=
CapabilityBoundingSet=
StateDirectory=mysql
RuntimeDirectory=mysqld
LogsDirectory=mysqld
CC: (none) => mageia
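The comment at the top of the override.conf in the test report above ties the drop-in to MariaDB's skip-networking setting. As an added example (not part of the tester's comment or of Mageia's packaging), this shell function checks that an option file and a drop-in agree on that point; the function names and sample file contents are constructed, and only the allow-list form of RestrictAddressFamilies is evaluated.

```shell
#!/bin/sh
# Added example: checks a MariaDB option file against a systemd drop-in.
# Function names and the sample file contents below are constructed.

# Print the last uncommented value of a key in a unit or drop-in file.
# Simplification: systemd merges repeated RestrictAddressFamilies= lines.
unit_value() {  # $1=key $2=file
    sed -n "s/^[[:space:]]*$1=//p" "$2" | tail -n 1
}

# Succeed when the option file has an active skip-networking line.
has_skip_networking() {  # $1=option file
    grep -Eiq '^[[:space:]]*skip[-_]networking[[:space:]]*(=[[:space:]]*(1|on|true))?[[:space:]]*$' "$1"
}

# Print one finding per line; return 0 if consistent, 1 if not,
# 2 for the "~" deny-list form, which is not evaluated here.
check_sandbox() {  # $1=option file $2=drop-in
    families=$(unit_value RestrictAddressFamilies "$2")
    private_net=$(unit_value PrivateNetwork "$2")
    case "$families" in "~"*) echo "deny-list form not evaluated"; return 2 ;; esac
    inet=no
    case " $families " in *" AF_INET "*|*" AF_INET6 "*) inet=yes ;; esac
    # No RestrictAddressFamilies= at all means every family is allowed.
    if [ -z "$families" ]; then inet=yes; fi
    rc=0
    if has_skip_networking "$1"; then
        # Socket-only server: the sandbox can drop TCP entirely.
        if [ "$inet" = yes ]; then echo "AF_INET/AF_INET6 still allowed"; rc=1; fi
        if [ "$private_net" != yes ]; then echo "PrivateNetwork is not yes"; rc=1; fi
    else
        # TCP server: the strict settings would break the listener.
        if [ "$inet" = no ]; then echo "TCP listener needs AF_INET/AF_INET6"; rc=1; fi
        if [ "$private_net" = yes ]; then echo "PrivateNetwork=yes hides the TCP listener"; rc=1; fi
    fi
    return $rc
}

# Constructed sample: skip-networking is set, but the drop-in still allows TCP.
demo=$(mktemp -d)
printf '[mysqld]\nskip-networking\n' > "$demo/my.cnf"
printf '[Service]\nRestrictAddressFamilies=AF_UNIX AF_INET AF_INET6\n' > "$demo/override.conf"
check_sandbox "$demo/my.cnf" "$demo/override.conf" || echo "drop-in and option file disagree"
rm -rf "$demo"
```
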
Herman and/or PC LX test are considered good in previous rounds
CC: (none) => andrewsfarm
Validating.
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0195.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED