Bug 483140 - <dev-db/mariadb-5.5.32 : Multiple Denial of Service Vulnerabilities
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal trivial
Assignee: Gentoo Security
URL: https://secunia.com/advisories/54646/
Whiteboard: ~3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2013-08-31 12:17 UTC by Agostino Sarubbo
Modified: 2013-09-12 10:49 UTC

See Also:
Package list:
Runtime testing required: ---


Description Agostino Sarubbo gentoo-dev 2013-08-31 12:17:12 UTC
From ${URL} :

Description

Multiple vulnerabilities have been reported in MariaDB, which can be exploited by malicious users to cause a DoS (Denial of Service).

1) An error when handling an INSERT statement with an "ON DUPLICATE KEY UPDATE" clause on a view can be exploited to cause a crash.

2) An error when destroying an event created with an "ON COMPLETION NOT PRESERVE" clause can be exploited to cause a crash.

3) An error when handling certain SELECT and EXPLAIN statements can be exploited to cause a crash.

4) An error when handling certain queries on DERIVED tables can be exploited to cause a crash.

5) An error when handling a query referencing a missing function in a subquery can be exploited to cause a crash.

6) An error when handling certain illegal queries can be exploited to cause a crash.

7) An error when handling certain ORDER BY clauses can be exploited to cause a crash.

8) An error when handling a DELETE statement with a SELECT subquery on a VIEW can be exploited to cause a crash.

9) An error when handling a RECOVER statement on a specially crafted archive table can be exploited to cause a crash.

The vulnerabilities are reported prior to version 5.5.32.


Solution:
Update to version 5.5.32.

Provided and/or discovered by:
1, 2) Reported by the vendor.
3) Reported by the vendor.
4) Danny Sadinoff.
5) sbester1.
6) Alex Light.
7) Reported by the vendor.
8) sbester1.
9) Reported by the vendor.




@maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
Comment 1 Jorge Manuel B. S. Vicetto (RETIRED) Gentoo Infrastructure gentoo-dev 2013-09-04 20:39:28 UTC
mariadb-5.5.32 pushed from the overlay to the tree and 5.5.31* dropped.
We'll deal with the stabilization of the 5.5 series on another bug, so I suggest closing this as RESOLVED FIXED.