
Bug 917515

Summary: <dev-db/mariadb-{10.6.16,10.11.6}: denial of service
Product: Gentoo Security Reporter: Tomáš Mózes <hydrapolic>
Component: Vulnerabilities Assignee: Gentoo Security <security>
Status: CONFIRMED ---    
Severity: normal CC: arkamar, mysql-bugs
Priority: Normal Keywords: PullRequest
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://github.com/gentoo/gentoo/pull/33876
Whiteboard: B3 [stable?]
Package list:
Runtime testing required: ---
Bug Depends on: 919865, 927278    
Bug Blocks: 918697    

Comment 1 Tomáš Mózes 2023-11-17 17:13:12 UTC
10.6 / 10.11 vulnerable
Comment 3 Hans de Graaff gentoo-dev Security 2023-11-18 08:17:55 UTC
"Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. "
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-11-28 16:16:18 UTC
Apparently affects mysql too, moving CVE to a tracker.
Comment 5 Larry the Git Cow gentoo-dev 2024-01-30 18:47:03 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=928db5c7c38aeffca38c5105864e2fcb67cda315

commit 928db5c7c38aeffca38c5105864e2fcb67cda315
Author:     Tomáš Mózes <hydrapolic@gmail.com>
AuthorDate: 2024-01-11 15:03:33 +0000
Commit:     Petr Vaněk <arkamar@gentoo.org>
CommitDate: 2024-01-30 18:45:57 +0000

    dev-db/mariadb: add 10.6.16, 10.11.6
    
    Bug: https://bugs.gentoo.org/917515
    Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com>
    Closes: https://github.com/gentoo/gentoo/pull/33876
    Signed-off-by: Petr Vaněk <arkamar@gentoo.org>

 dev-db/mariadb/Manifest               |    4 +
 dev-db/mariadb/mariadb-10.11.6.ebuild | 1318 ++++++++++++++++++++++++++++++++
 dev-db/mariadb/mariadb-10.6.16.ebuild | 1329 +++++++++++++++++++++++++++++++++
 3 files changed, 2651 insertions(+)
Comment 6 Hans de Graaff gentoo-dev Security 2024-04-06 07:25:54 UTC
I've moved this bug back to "stable?" since only amd64 and x86 were dealt with in the stable bug and arm, arm64, ppc, ppc64 still remain to be done.