Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2023-5259

Опубликовано: 21 сент. 2023
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2023-5259: mariadb:10.3 security, bug fix, and enhancement update (MODERATE)

galera [25.3.37-1]

  • Rebase to 25.3.37

Judy [1.0.5-18.0.1]

  • Rebuild [Orabug: 31667911]

mariadb [3:10.3.39-1]

  • [MariaDB 10.3.32] socat: E Failed to set SNI host '' (SST failure)
  • Rebase to 10.3.39
  • CVEs fixed: CVE-2022-47015, CVE-2018-25032, CVE-2022-32091, CVE-2022-32084

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module mariadb:10.3 is enabled

Judy

1.0.5-18.0.1.module+el8.3.0+9616+7a81225f

galera

25.3.37-1.module+el8.8.0+21165+f6462f70

mariadb

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-backup

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-common

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-devel

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-embedded

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-embedded-devel

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-errmsg

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-gssapi-server

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-oqgraph-engine

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-server

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-server-galera

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-server-utils

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-test

10.3.39-1.module+el8.8.0+21165+f6462f70

Oracle Linux x86_64

Module mariadb:10.3 is enabled

Judy

1.0.5-18.0.1.module+el8.3.0+9616+7a81225f

galera

25.3.37-1.module+el8.8.0+21165+f6462f70

mariadb

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-backup

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-common

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-devel

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-embedded

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-embedded-devel

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-errmsg

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-gssapi-server

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-oqgraph-engine

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-server

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-server-galera

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-server-utils

10.3.39-1.module+el8.8.0+21165+f6462f70

mariadb-test

10.3.39-1.module+el8.8.0+21165+f6462f70

Связанные CVE

CVE-2022-38791
CVE-2022-32084
CVE-2022-32091
CVE-2022-47015

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2023-5684

oracle-oval
больше 1 года назад

ELSA-2023-5684: galera and mariadb security update (IMPORTANT)

oracle-oval логотип

ELSA-2023-5683

oracle-oval
больше 1 года назад

ELSA-2023-5683: mariadb:10.5 security update (IMPORTANT)

suse-cvrf логотип

SUSE-SU-2022:3391-1

suse-cvrf
больше 2 лет назад

Security update for mariadb

ubuntu логотип

CVE-2022-38791

CVSS3: 5.5
ubuntu
почти 3 года назад

In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.

redhat логотип

CVE-2022-38791

CVSS3: 6.5
redhat
около 3 лет назад

In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.