Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 849389 (CVE-2022-26944) - <dev-db/percona-xtrabackup{-bin,}- sensitive arguments leaked into backup file
Summary: <dev-db/percona-xtrabackup{-bin,}- sensitive arguments leaked into ...
Alias: CVE-2022-26944
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B4 [glsa]
Depends on:
Reported: 2022-06-02 21:08 UTC by John Helmert III
Modified: 2024-07-14 09:05 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-06-02 21:08:52 UTC

Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table. NOTE: this issue exists because of an incomplete fix for CVE-2020-10997.

Fixed in 2.4.25, but there seems to be newer versions in tree for the non-bin?
Comment 1 Larry the Git Cow gentoo-dev 2022-11-24 16:19:08 UTC
The bug has been referenced in the following commit(s):

commit 398e7bf822fb1f93466348bfc5d123f92de610e9
Author:     John Helmert III <>
AuthorDate: 2022-11-24 16:16:28 +0000
Commit:     John Helmert III <>
CommitDate: 2022-11-24 16:18:56 +0000

    profiles: last rite dev-db/percona-xtrabackup-bin
    Signed-off-by: John Helmert III <>

 profiles/package.mask | 6 ++++++
 1 file changed, 6 insertions(+)