Summary: | <dev-db/mariadb-{10.2.44,10.3.35,10.4.25,10.5.16,10.6.8}: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | hydrapolic, mysql-bugs |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: |
https://bugs.gentoo.org/show_bug.cgi?id=822759 https://github.com/gentoo/gentoo/pull/26397 |
||
Whiteboard: | B3 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 856820 | ||
Bug Blocks: | 847526 |
Description
John Helmert III
![]() ![]() ![]() ![]() CVE-2022-27451 (https://jira.mariadb.org/browse/MDEV-28094): MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/field_conv.cc. CVE-2022-27452 (https://jira.mariadb.org/browse/MDEV-28090): MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.cc. CVE-2022-27455 (https://jira.mariadb.org/browse/MDEV-28097): MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c. CVE-2022-27456 (https://jira.mariadb.org/browse/MDEV-28093): MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component VDec::VDec at /sql/sql_type.cc. CVE-2022-27457 (https://jira.mariadb.org/browse/MDEV-28098): MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c. CVE-2022-27458 (https://jira.mariadb.org/browse/MDEV-28099): MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Binary_string::free_buffer() at /sql/sql_string.h. CVE-2022-27444 (https://jira.mariadb.org/browse/MDEV-28080): MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_subselect.cc. CVE-2022-27445 (https://jira.mariadb.org/browse/MDEV-28081): MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/sql_window.cc. CVE-2022-27446 (https://jira.mariadb.org/browse/MDEV-28082): MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.h. CVE-2022-27447 (https://jira.mariadb.org/browse/MDEV-28099): MariaDB Server v10.9 and below was discovered to contain a use-after-free via the component Binary_string::free_buffer() at /sql/sql_string.h. CVE-2022-27448 (https://jira.mariadb.org/browse/MDEV-28095): There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos == BTR_PCUR_ON' at /row/row0mysql.cc. CVE-2022-27449 (https://jira.mariadb.org/browse/MDEV-28089): MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_func.cc:148. CVE-2022-32083 (https://jira.mariadb.org/browse/MDEV-26047): MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker. CVE-2022-32085 (https://jira.mariadb.org/browse/MDEV-26407): MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor. CVE-2022-32086 (https://jira.mariadb.org/browse/MDEV-26412): MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field. CVE-2022-32086 (https://jira.mariadb.org/browse/MDEV-26412): MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field. CVE-2022-32089 (https://jira.mariadb.org/browse/MDEV-26410): MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level. CVE-2022-32091 (https://jira.mariadb.org/browse/MDEV-26431): MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc. Another round of CVEs with fixes in this round of releases, according to Jira: 10.2.44, 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4, 10.8.3 So, please stabilize when ready! Please cleanup The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=da14e699f370d254bf6ffe16cc1ac0492d0ddebe commit da14e699f370d254bf6ffe16cc1ac0492d0ddebe Author: Tomáš Mózes <hydrapolic@gmail.com> AuthorDate: 2022-07-14 09:04:16 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-07-15 01:22:02 +0000 dev-db/mariadb: drop vulnerable Bug: https://bugs.gentoo.org/847526 Bug: https://bugs.gentoo.org/838244 Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/26397 Signed-off-by: Sam James <sam@gentoo.org> dev-db/mariadb/Manifest | 13 - dev-db/mariadb/mariadb-10.2.41.ebuild | 1289 ------------------------------ dev-db/mariadb/mariadb-10.2.43.ebuild | 1292 ------------------------------ dev-db/mariadb/mariadb-10.3.32.ebuild | 1281 ------------------------------ dev-db/mariadb/mariadb-10.3.34.ebuild | 1284 ------------------------------ dev-db/mariadb/mariadb-10.4.22.ebuild | 1302 ------------------------------ dev-db/mariadb/mariadb-10.5.13.ebuild | 1309 ------------------------------ dev-db/mariadb/mariadb-10.5.15.ebuild | 1309 ------------------------------ dev-db/mariadb/mariadb-10.6.5-r1.ebuild | 1311 ------------------------------ dev-db/mariadb/mariadb-10.6.8.ebuild | 1316 ------------------------------- 10 files changed, 11706 deletions(-) Thanks! The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=b69f175bb86c550d8cad22e4c391edbf3ccd7c16 commit b69f175bb86c550d8cad22e4c391edbf3ccd7c16 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-05-08 08:40:00 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-05-08 08:40:18 +0000 [ GLSA 202405-25 ] MariaDB: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/699874 Bug: https://bugs.gentoo.org/822759 Bug: https://bugs.gentoo.org/832490 Bug: https://bugs.gentoo.org/838244 Bug: https://bugs.gentoo.org/847526 Bug: https://bugs.gentoo.org/856484 Bug: https://bugs.gentoo.org/891781 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202405-25.xml | 111 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 111 insertions(+) |