Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 803635 (CVE-2022-34968)

Summary: dev-db/percona-server: multiple vulnerabilities
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: CONFIRMED ---    
Severity: minor CC: mysql-bugs
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B3 [ebuild]
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 803617    

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-07-24 04:34:17 UTC
Alias:
See tracker for details. Maintainers, are any of these addressed
upstream?
Comment 1 NATTkA bot gentoo-dev 2021-07-29 17:20:25 UTC Comment hidden (obsolete)
Comment 2 NATTkA bot gentoo-dev 2021-07-29 17:28:27 UTC Comment hidden (obsolete)
Comment 3 NATTkA bot gentoo-dev 2021-07-29 17:36:27 UTC Comment hidden (obsolete)
Comment 4 NATTkA bot gentoo-dev 2021-07-29 17:44:30 UTC Comment hidden (obsolete)
Comment 5 NATTkA bot gentoo-dev 2021-07-29 17:52:33 UTC Comment hidden (obsolete)
Comment 6 NATTkA bot gentoo-dev 2021-07-29 17:56:29 UTC Comment hidden (obsolete)
Comment 7 NATTkA bot gentoo-dev 2021-07-29 18:00:28 UTC Comment hidden (obsolete)
Comment 8 NATTkA bot gentoo-dev 2021-07-29 18:08:46 UTC
Package list is empty or all packages have requested keywords.
Comment 9 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-08-04 02:52:04 UTC
CVE-2022-34968 (https://jira.percona.com/browse/PS-8294):

An issue in the fetch_step function in Percona Server for MySQL v8.0.28-19 allows attackers to cause a Denial of Service (DoS) via a SQL query.

Heh, I guess now the reproducer for the upstream MySQL bug is public.