Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:2835-1

Опубликовано: 25 авг. 2021
Источник: suse-cvrf

Описание

Security update for mariadb

This update for mariadb fixes the following issues:

Update to version 10.2.40 [bsc#1189320]:

  • fixes for the following security vulnerabilities: CVE-2021-2372 and CVE-2021-2389

Список пакетов

SUSE Enterprise Storage 6
libmysqld-devel-10.2.40-3.43.1
libmysqld19-10.2.40-3.43.1
mariadb-10.2.40-3.43.1
mariadb-client-10.2.40-3.43.1
mariadb-errormessages-10.2.40-3.43.1
mariadb-tools-10.2.40-3.43.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
libmysqld-devel-10.2.40-3.43.1
libmysqld19-10.2.40-3.43.1
mariadb-10.2.40-3.43.1
mariadb-client-10.2.40-3.43.1
mariadb-errormessages-10.2.40-3.43.1
mariadb-tools-10.2.40-3.43.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
libmysqld-devel-10.2.40-3.43.1
libmysqld19-10.2.40-3.43.1
mariadb-10.2.40-3.43.1
mariadb-client-10.2.40-3.43.1
mariadb-errormessages-10.2.40-3.43.1
mariadb-tools-10.2.40-3.43.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
libmysqld-devel-10.2.40-3.43.1
libmysqld19-10.2.40-3.43.1
mariadb-10.2.40-3.43.1
mariadb-client-10.2.40-3.43.1
mariadb-errormessages-10.2.40-3.43.1
mariadb-tools-10.2.40-3.43.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
libmysqld-devel-10.2.40-3.43.1
libmysqld19-10.2.40-3.43.1
mariadb-10.2.40-3.43.1
mariadb-client-10.2.40-3.43.1
mariadb-errormessages-10.2.40-3.43.1
mariadb-tools-10.2.40-3.43.1
SUSE Linux Enterprise Server 15 SP1-BCL
libmysqld-devel-10.2.40-3.43.1
libmysqld19-10.2.40-3.43.1
mariadb-10.2.40-3.43.1
mariadb-client-10.2.40-3.43.1
mariadb-errormessages-10.2.40-3.43.1
mariadb-tools-10.2.40-3.43.1
SUSE Linux Enterprise Server 15 SP1-LTSS
libmysqld-devel-10.2.40-3.43.1
libmysqld19-10.2.40-3.43.1
mariadb-10.2.40-3.43.1
mariadb-client-10.2.40-3.43.1
mariadb-errormessages-10.2.40-3.43.1
mariadb-tools-10.2.40-3.43.1
SUSE Linux Enterprise Server 15-LTSS
libmysqld-devel-10.2.40-3.43.1
libmysqld19-10.2.40-3.43.1
mariadb-10.2.40-3.43.1
mariadb-client-10.2.40-3.43.1
mariadb-errormessages-10.2.40-3.43.1
mariadb-tools-10.2.40-3.43.1
SUSE Linux Enterprise Server for SAP Applications 15
libmysqld-devel-10.2.40-3.43.1
libmysqld19-10.2.40-3.43.1
mariadb-10.2.40-3.43.1
mariadb-client-10.2.40-3.43.1
mariadb-errormessages-10.2.40-3.43.1
mariadb-tools-10.2.40-3.43.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
libmysqld-devel-10.2.40-3.43.1
libmysqld19-10.2.40-3.43.1
mariadb-10.2.40-3.43.1
mariadb-client-10.2.40-3.43.1
mariadb-errormessages-10.2.40-3.43.1
mariadb-tools-10.2.40-3.43.1
SUSE Manager Proxy 4.0
libmysqld-devel-10.2.40-3.43.1
libmysqld19-10.2.40-3.43.1
mariadb-10.2.40-3.43.1
mariadb-client-10.2.40-3.43.1
mariadb-errormessages-10.2.40-3.43.1
mariadb-tools-10.2.40-3.43.1
SUSE Manager Retail Branch Server 4.0
libmysqld-devel-10.2.40-3.43.1
libmysqld19-10.2.40-3.43.1
mariadb-10.2.40-3.43.1
mariadb-client-10.2.40-3.43.1
mariadb-errormessages-10.2.40-3.43.1
mariadb-tools-10.2.40-3.43.1
SUSE Manager Server 4.0
libmysqld-devel-10.2.40-3.43.1
libmysqld19-10.2.40-3.43.1
mariadb-10.2.40-3.43.1
mariadb-client-10.2.40-3.43.1
mariadb-errormessages-10.2.40-3.43.1
mariadb-tools-10.2.40-3.43.1

Ссылки

Описание

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

Затронутые продукты
SUSE Enterprise Storage 6:libmysqld-devel-10.2.40-3.43.1
SUSE Enterprise Storage 6:libmysqld19-10.2.40-3.43.1
SUSE Enterprise Storage 6:mariadb-10.2.40-3.43.1
SUSE Enterprise Storage 6:mariadb-client-10.2.40-3.43.1
Ссылки

Описание

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

Затронутые продукты
SUSE Enterprise Storage 6:libmysqld-devel-10.2.40-3.43.1
SUSE Enterprise Storage 6:libmysqld19-10.2.40-3.43.1
SUSE Enterprise Storage 6:mariadb-10.2.40-3.43.1
SUSE Enterprise Storage 6:mariadb-client-10.2.40-3.43.1
Ссылки