dev-db/mariadb-5.5.63 https://mariadb.com/kb/en/library/mariadb-5563-release-notes/ CVE-2019-2529 Already in the tree, 5.5.* series not stable dev-db/mariadb-10.0.38 https://mariadb.com/kb/en/library/mariadb-10038-release-notes/ CVE-2019-2529 CVE-2019-2537 Already in the tree, probably ready for stabilization dev-db/mariadb-10.1.38 https://mariadb.com/kb/en/library/mariadb-10138-release-notes/ CVE-2019-2529 CVE-2019-2537 Already in the tree, probably ready for stabilization dev-db/mariadb-10.2.22 https://mariadb.com/kb/en/library/mariadb-10222-release-notes/ CVE-2019-2510 CVE-2019-2537 Already in the tree, 10.2.* series not yet stable dev-db/mariadb-10.3.13 https://mariadb.com/kb/en/library/mariadb-10313-release-notes/ CVE-2019-2510 CVE-2019-2537 Not yet in the tree, 10.3.* series not yet stable dev-db/mariadb-galera-10.0.38 https://mariadb.com/kb/en/library/mariadb-galera-cluster-10038-release-notes/ CVE-2019-2529 CVE-2019-2537 Not yet in the tree, no stable version
mariadb-10.1.38-r1 with mysql-init-scripts-2.3 on both, regular servers and galera clusters seems to work fine.
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8a68e22e288d280fd26ed09a3caf70a3fa7047d5 commit 8a68e22e288d280fd26ed09a3caf70a3fa7047d5 Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2019-03-08 17:46:48 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2019-03-08 17:46:48 +0000 dev-db/mariadb: Version bump for 10.3.13 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Brian Evans <grknight@gentoo.org>
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=37dfb9ddf1119b3f07fc80afc52adaf36dc2c878 commit 37dfb9ddf1119b3f07fc80afc52adaf36dc2c878 Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2019-03-10 04:19:32 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2019-03-10 04:19:32 +0000 dev-db/mariadb-galera: Version bump for 10.0.38 Bug: https://bugs.gentoo.org/679024 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-db/mariadb-galera/Manifest | 2 + .../mariadb-galera/mariadb-galera-10.0.38.ebuild | 859 +++++++++++++++++++++ 2 files changed, 861 insertions(+)
Arches, please test and mark stable
amd64 stable
arm stable
x86 stable
alpha stable
dev-db/mariadb-10.0.38 removed from stable list as 10.0 is obsolete and due to be removed
ppc stable
ia64 stable
ppc64 stable. Maintainer(s), please cleanup. Security, please vote.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f3c8590c1c8bb857c79d1b06c638aed58c64b92 commit 6f3c8590c1c8bb857c79d1b06c638aed58c64b92 Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2019-07-02 12:27:37 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2019-07-02 12:27:37 +0000 dev-db/mariadb: Clean up old and vulnerable versions Bug: https://bugs.gentoo.org/679024 Bug: https://bugs.gentoo.org/670388 Package-Manager: Portage-2.3.68, Repoman-2.3.16 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-db/mariadb/Manifest | 7 - dev-db/mariadb/mariadb-10.1.34.ebuild | 887 ------------------------------- dev-db/mariadb/mariadb-10.1.37.ebuild | 887 ------------------------------- dev-db/mariadb/mariadb-10.2.24.ebuild | 972 --------------------------------- dev-db/mariadb/mariadb-10.3.13.ebuild | 973 --------------------------------- dev-db/mariadb/mariadb-10.3.15.ebuild | 974 ---------------------------------- dev-db/mariadb/mariadb-5.5.63.ebuild | 831 ----------------------------- 7 files changed, 5531 deletions(-)
This issue was resolved and addressed in GLSA 201908-24 at https://security.gentoo.org/glsa/201908-24 by GLSA coordinator Aaron Bauman (b-man).
