Summary: | <dev-db/mariadb-10.4.12: possible local mysql to root user exploit in mysql_install_db script (CVE-2020-7221) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | filip ambroz <filip.ambroz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | ajak, mysql-bugs |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://seclists.org/oss-sec/2020/q1/55 | ||
Whiteboard: | ~1 [cleanup cve] | ||
Package list: | Runtime testing required: | --- |
Description
filip ambroz
2020-02-04 11:30:10 UTC
Gentoo is not affected: - 10.4.x is not stable within Gentoo. - Also, Gentoo user will usually use `emerge --config dev-db/mariadb` instead of mysql_install_db. @ maintainer(s): Please cleanup and drop dev-db/mariadb=10.4.10! @maintainer(s): ping Maintainer(s), please drop the vulnerable version(s). Maintainer(s), please cleanup. tree is clean |